SShortSingh.
TopTechnologyAI & MLStartupsProgrammingScienceBusinessFinanceCrypto & Web3World
Back to feed
Programming

How to safely serve user-generated HTML using a cookieless-origin sandbox pattern

0
·1 views

A developer behind ShareMyPage, a platform that hosts LLM-generated HTML pages, has detailed a security architecture for safely rendering arbitrary user-supplied HTML in browsers. The approach combines three layers: serving untrusted content from a separate, cookieless domain to enforce origin isolation, applying an iframe sandbox attribute without allow-same-origin to give scripts a null origin, and using short-lived signed JWTs as access-control tokens instead of session cookies. Because the content origin never sets or receives session cookies, even a failure in origin isolation leaves no credentials to steal. Access control and damage containment are handled as two distinct problems — signed URLs answer who may view a page, while origin isolation limits what any malicious code can do. The pattern is applicable beyond ShareMyPage to use cases such as email renderers, no-code builders, and AI artifact viewers.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

Microsoft Entra's Extensibility Expands Power but Creates New Control Plane Risks

Microsoft Entra has evolved into one of the most extensible enterprise identity platforms, allowing custom code to influence token issuance, privileged role activation, lifecycle workflows, and access package approvals. These extension points enable businesses to embed their own logic directly into Entra's identity and access decisions, turning it into a programmable enforcement engine. However, each extension effectively hands a portion of Entra's trust boundary to external systems — Azure Functions, Logic Apps, or third-party endpoints — that Microsoft does not directly control. Security experts argue these external systems now qualify as Control Plane assets, the same high-privilege tier as domain controllers and root certificate authorities. Despite their critical role, such extensions are rarely treated with the rigorous security controls that Control Plane designation demands.

0 comments Read more at DEV Community
0
ProgrammingDEV Community ·

Mininglamp Open-Sources Octo, a Collaboration Layer Linking Multi-Agent AI Teams

Mininglamp Technology has open-sourced Octo, a work platform designed to connect multiple AI agents operating across an organization into a shared coordination network. The tool addresses a growing bottleneck: while individual AI agents have become highly capable, they typically operate in isolation, forcing humans to manually sync their outputs. Octo integrates agents directly into instant messaging channels, allowing teams to deploy, monitor, and chain agents within existing workflows without additional installation or configuration. Its three-level structure of spaces, channels, and threads enables multiple agents to hand off tasks sequentially, forming end-to-end work pipelines. The project is now publicly available on GitHub under Mininglamp's open-source initiative.

0 comments Read more at DEV Community
0
ProgrammingDEV Community ·

Developer Ditches Docker Desktop on Windows, Moves to WSL2 Debian for Better Performance

A Windows-based developer switched from Docker Desktop to a native Docker installation inside a Debian WSL2 distribution after experiencing persistent slowdowns, crashes, and excessive memory usage. Docker Desktop's performance on Windows lagged noticeably behind Linux and macOS setups, prompting a rethink of the entire development workflow. The developer integrated the WSL2 environment with Visual Studio Code using remote dev containers, restoring the responsiveness and reliability seen on native Linux systems. However, a new challenge emerged when the development distro ballooned to 60GB due to Docker images, layers, and cache data. To address this, the developer devised a strategy of separating Docker data onto an external VHDX disk mounted within WSL2, keeping the core distro lean and manageable.

0 comments Read more at DEV Community
0
ProgrammingDEV Community ·

Engineer shares hard lessons from building an AI pipeline for 10,000 daily job listings

A software engineer built an LLM-powered scoring pipeline for a job platform that processed over 10,000 listings per day, but a parallel AI rewrite feature was shut down after API costs reached $3,000 per month for a single feature. The engineer found that using raw prompts in production caused unreliable outputs, including fabricated salary data, which was resolved by switching to OpenAI's function calling with strict JSON schemas. Cost management proved critical at scale, with GPT-4o mini and OpenAI's Batch API cutting expenses by 50% compared to synchronous calls. Further testing of DeepSeek V4 Flash showed comparable output quality at roughly 23 times lower cost, a gap the engineer described as the difference between a pipeline that ships and one that gets cancelled. The rewrite pipeline remains offline pending evaluation, highlighting how cost architecture — not just technical performance — determines whether AI features survive in production.

0 comments Read more at DEV Community