From Wikipedia, the free encyclopedia
Jump to: navigation, search
Paradigm object-capability
Designed by Douglas Crockford
First appeared 2007[1]
Influenced by
Caja project

ADsafe is an object-capability subset of Javascript. From the project's home page[1]:

ADsafe makes it safe to put guest code (such as third party scripted advertising or widgets) on a web page. ADsafe defines a subset of JavaScript that is powerful enough to allow guest code to perform valuable interactions, while at the same time preventing malicious or accidental damage or intrusion. The ADsafe subset can be verified mechanically by tools like JSLint so that no human inspection is necessary to review guest code for safety.

ADsafe is significant for being a relatively simple object-capability subset language. Unlike Caja, another system for sandboxing Javascript code, ADsafe does not do source-to-source rewriting of Javascript, but uses a source code verifier.


  1. ^ Early post about JSLint's ADsafe feature to the caplet mailing list, Douglas Crockford, 2007/09/30, retrieved 2009/11/21.

External links[edit]