[Caja] Dynamic guest page embedding

I am trying to use Caja to sandbox users' games, to prevent malicious code from being run, however when using Caja you us separate host and guest pages eg. example.com/host and example.com/guest My concern is that an attacker could simply link to the unsandboxed example.com/guest, and bypass

Re: [Caja] Script inclusion error

On Fri, Feb 9, 2018 at 12:22 PM, Marc H wrote: > Thanks so much the snippet now works! Now I am trying to integrate this > with my project, which uses a framework called "A-Frame" for games and I > have run into another problem. > > When I include the framework script, (I

Re: [Caja] Script inclusion error

Thanks so much the snippet now works! Now I am trying to integrate this with my project, which uses a framework called "A-Frame" for games and I have run into another problem. When I include the framework script, (I believe) it tries to add a function to the Math prototype that the library

Re: [Caja] Dynamic guest page embedding

On Fri, Feb 9, 2018 at 12:32 PM, Marc H wrote: > I am trying to use Caja to sandbox users' games, to prevent malicious code > from being run, however when using Caja you us separate host and guest > pages eg. example.com/host and example.com/guest > > My concern is that an