Many web developers, such as those of Google® Maps, are exposing external application programming interfaces (APIs) for their web applications. Other web developers can embed references to these external APIs within the web pages of their own web applications to thereby aggregate the functionality of multiple web applications. By importing this external API into a different web application, the resulting aggregated web application can utilize the resources of the external web application in conjunction with their own resources. A program fragment within a mobile terminal phonebook web application, for example, could invoke the Google® Maps JavaScript constructor to create a map of a contact's address within a certain HyperText Markup Language (HTML) element of the mobile terminal phonebook web application. While this aggregation of web applications creates new functionality not present within either web application individually, it also creates new implications for security and privacy.
More particularly, the new functionality desired in aggregated web applications often requires an external web application to have at least limited access to some of the resources of the aggregated web application's runtime environment (e.g., reading a phonebook contact's address). However, importing the external web application into the aggregated web application makes the external web application execute in the context of the aggregated web application runtime environment and, therefore, actually has full access to all of its resources (e.g., writing over or deleting all of a phonebook contact's information). Thus, if the aggregated web application is to provide new functionality, it must absolutely trust the external web application with such access. Of course, this absolute trust is not always present particularly because aggregated web applications often originate from different web developers and domains. This frequent lack of absolute trust often forces the aggregated web application to sacrifice functionality for security. In other situations, the desire for new functionality forces the aggregated web application to sacrifice security for functionality.