{"json_modified": "2016-08-16T17:54:17.101724", "uuid": "f5564a54-9f79-4e3f-bc58-6d2b0382926d", "title": "Script security", "url": "/en-US/docs/Mozilla/Gecko/Script_security", "tags": ["Security"], "translations": [{"uuid": "bdfd53a6-224b-4e5b-aa27-8a556d5ff8bd", "title": "Script security", "url": "/ru/docs/Mozilla/Gecko/Script_security", "tags": [], "summary": "Like any Web browser, Gecko loads JavaScript from untrusted and potentially hostile web pages, and runs it on the user's computer. The security model for web content is based on the <a href=\"/en-US/docs/Web/Security/Same-origin_policy\">same-origin policy</a>, in which code gets full access to objects from the same origin but highly restricted access to objects from a different origin. The rules for determining whether an object is same-origin with another, and what access is allowed cross-origin, are now mostly standardized across browsers.", "localization_tags": ["inprogress"], "locale": "ru", "last_edit": "2015-08-17T19:48:00", "review_tags": []}], "modified": "2016-08-16T17:54:17", "label": "Script security", "localization_tags": [], "locale": "en-US", "id": 131361, "last_edit": "2016-08-16T17:54:15", "summary": "Like any Web browser, Gecko loads JavaScript from untrusted and potentially hostile web pages, and runs it on the user's computer. The security model for web content is based on the <a href=\"/en-US/docs/Web/Security/Same-origin_policy\">same-origin policy</a>, in which code gets full access to objects from the same origin but highly restricted access to objects from a different origin. The rules for determining whether an object is same-origin with another, and what access is allowed cross-origin, are now mostly standardized across browsers.", "sections": [{"id": "Security_policy", "title": "Security policy"}, {"id": "Compartments", "title": "Compartments"}, {"id": "Cross-compartment_access", "title": "Cross-compartment access"}, {"id": "Same-origin", "title": "Same-origin"}, {"id": "Cross-origin", "title": "Cross-origin"}, {"id": "Privileged_to_unprivileged_code", "title": "Privileged to unprivileged code"}, {"id": "Unprivileged_to_privileged_code", "title": "Unprivileged to privileged code"}, {"id": "Security_checks", "title": "Security checks"}, {"id": "Subsumes", "title": "Subsumes"}, {"id": "Security_principals", "title": "Security principals"}, {"id": "System_principal", "title": "System principal"}, {"id": "Content_principal", "title": "Content principal"}, {"id": "Expanded_principal", "title": "Expanded principal"}, {"id": "Null_principal", "title": "Null principal"}, {"id": "Principal_relationships", "title": "Principal relationships"}, {"id": "Computing_a_wrapper", "title": "Computing a wrapper"}], "slug": "Mozilla/Gecko/Script_security", "review_tags": []}