SAP SE
Client-side taint-protection using taint-aware javascript

Abstract:

Methods, systems, and computer-readable storage media for receiving, by a web browser executing on a client-side device, a response from a server, the response provided in a taint-enhanced data format, processing, by a Javascript framework executed by the web browser, the response to parse data within the response and, for any data values marked as tainted, providing respective taint string Javascript objects as sanitized data, and providing the sanitized data to a document object model (DOM).