The ADsafe subset of Javascript prohibits the use of certain things that are not

Question

0

Asked: May 25, 20262026-05-25T21:21:37+00:00 2026-05-25T21:21:37+00:00

The ADsafe subset of Javascript prohibits the use of certain things that are not

0

The ADsafe subset of Javascript prohibits the use of certain things that are not safe for guest code to have access to, such as eval, window, this, with, and so on.

For some reason, it also prohibits the Date object and Math.random:

Date and Math.random

Access to these sources of non-determinism is restricted in order to make it easier to determine how widgets behave.

I still don’t understand how using Date or Math.random will accomodate malevolence.

Can you come up with a code example where using either Date or Math.random is necessary to do something evil?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-25T21:21:38+00:00

Editorial Team

2026-05-25T21:21:38+00:00Added an answer on May 25, 2026 at 9:21 pm

According to a slideshow posted by Douglas Crockford:

ADsafe does not allow access to Date or random

This is to allow human evaluation of ad content with confidence that
behavior will not change in the future. This is for ad quality and
contractual compliance, not for security.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

The ADsafe subset of Javascript prohibits the use of certain things that are not

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply