In the early days of the internet, a webpage was a static document that was provided from a server to a client, e.g., a browser application. Later, providers gained an ability to provide functionality in conjunction with content.
Over time, providers developed a desire and an ability to integrate content and/or functionality from a separate provider, i.e., a third party provider in the context of the traditional server/client exchange. In this paradigm, providers are able to provide their users with additional features, for the use and enjoyment of the users, while the third party providers are able to propagate their services over a wide audience.
However, these and related advantages are offset in practice by the presence of malicious providers, and/or malicious third party providers. For example, a malicious provider may attempt to integrate third party services in a manner which enables the malicious provider to attack the third party provider and/or the end user. Conversely, a malicious third party provider may attempt to have its services integrated by an innocent provider, so as to thereby attack the innocent provider and/or the end user. As a result, it is difficult for legitimate providers, third-party providers, and end users to trust content and functionality that is available on the Internet.