[dojo-contributors] "core dojo", packaging, and the build system

Sandro Magi smagi at naasking.homeip.net
Wed Apr 5 18:52:54 EDT 2006


An array of hosts with a random selection stored in dojo.js could be
used to distribute the load across any number of servers. Whether this
is actually a win depends on how scripts are cached by the browser. If
the browsers are good, then distributing the scripts in this manner
could very well *degrade* performance.

Furthermore, this is potentially a security nightmare. Subverting any
one of the hosting servers means an attacker could potentially steal
information from any web applications which use dojo this way.

You can close this vulnerability by storing secure hashes of the
referenced scripts in the root dojo.js file. When the script is fetched,
the computed hash must match the stored one to ensure that the script
hasn't been compromised. If it doesn't match, the next server could be
tried. I can't think how else you can ensure the app's security.

Sandro

Jesse Kuhnert wrote:
> In regard to the globally available js package server, I still wish this
> were possible. It seems the only barrier is trying to ask 1 entity to
> host this, which just isn't feasible.
> 
> I wish I knew more tcp/ip routing to make any thoughts I have
> substantial but I thought that you can sort of round robin stagger a DNS
> name to a number of different physical hosts....If this were possible,
> and we could somehow guarantee only a certain amount of traffic going to
> each particular entity it might be easier to get more companies/people
> to volunteer bandwidth/server resources.
> 
> But, like I said. I don't know enough about networking on this kind of
> scale to know if it's feasible.
> 
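
The hash check with fallback that Sandro's message describes, as an added example that is not part of the original message or of Dojo's code. SHA-256, the manifest layout, the mirror hostnames and the names `MANIFEST`, `MIRRORS`, `fetchFromMirror` and `loadVerified` are assumptions made for illustration; the mirrors are constructed in memory so the block runs offline.

```javascript
// Added example (Node.js, runs offline): hash-pinned loading with mirror fallback.
const { createHash } = require('crypto');

const sha256 = (text) => createHash('sha256').update(text, 'utf8').digest('hex');

// Constructed sample module standing in for a real package file.
const GOOD_SRC = 'dojo.provide("dojo.example");';

// Pinned hashes as they would sit in the trusted root dojo.js (layout is an assumption).
const MANIFEST = { 'example.js': sha256(GOOD_SRC) };

// Constructed in-memory mirrors: mirror-b serves a modified file, mirror-c has none.
const MIRRORS = {
  'https://mirror-a.example': { 'example.js': GOOD_SRC },
  'https://mirror-b.example': { 'example.js': GOOD_SRC + ' /* tampered */' },
  'https://mirror-c.example': {},
};

// Stand-in for the network fetch; returns null when the mirror has no such file.
function fetchFromMirror(host, name) {
  const files = MIRRORS[host];
  return files && typeof files[name] === 'string' ? files[name] : null;
}

// Fisher-Yates shuffle: the "random selection" of hosts that spreads the load.
function shuffle(items, rand = Math.random) {
  const a = items.slice();
  for (let i = a.length - 1; i > 0; i--) {
    const j = Math.floor(rand() * (i + 1));
    [a[i], a[j]] = [a[j], a[i]];
  }
  return a;
}

// Try mirrors in random order; accept only a body whose hash matches the pin.
function loadVerified(name, hosts, manifest, fetchFn, rand) {
  const expected = manifest[name];
  if (typeof expected !== 'string') throw new Error('no pinned hash for ' + name);
  const rejected = [];
  for (const host of shuffle(hosts, rand)) {
    const body = fetchFn(host, name);
    const reason = body === null ? 'unavailable'
      : sha256(body) !== expected ? 'hash mismatch' : null;
    if (reason === null) return { host, source: body, rejected };
    rejected.push({ host, reason }); // record it, then fall through to the next mirror
  }
  // Fail closed: never evaluate an unverified copy.
  throw new Error('no mirror served a matching copy of ' + name);
}
```

The pins are only as trustworthy as the root dojo.js that carries them, so that file has to come from the application's own origin. Browsers now offer the same check natively as Subresource Integrity, through the `integrity` attribute on `<script>`.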


