- supports full non-strict ECMA-262 v.5 (pdf) including the standard API,
- provides dynamic (runtime) tracking and verification of security labels,
You can download the source of JSFlow and run it using node.js. In addition, we
invite you to try the console, or tackle the challenge.
JSFlow is developed by Andrei Sabelfeld's research group at the
Department of Computer Science and Engineering, Chalmers University of
Technology, Gothenburg, Sweden and Daniel Hedin, Mälardalen University, Västerås, Sweden.
This work has been partly funded by the European Community under the
ProSecuToR, WebSand, and FlowShield projects and the Swedish Foundation for
Strategic Research (SSF) under the WebSec project.