]. J. Biba-1977 and . Biba, Integrity Considerations for Secure Computer Systems, 1977.

N. Bielova, D. Devriese, F. Massacci, and F. Piessens, Reactive non-interference for a browser model, 2011 5th International Conference on Network and System Security, pp.97-104, 2011.
DOI : 10.1109/ICNSS.2011.6059965

M. Bodin, A. Charguéraud, D. Filaretti, P. Gardner, S. Maffeis et al., A Trusted Mechanised JavaScript Specification, Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL'13, pp.87-100, 2013.
DOI : 10.1145/2535838.2535876
URL : https://hal.archives-ouvertes.fr/hal-00910135

]. Bohannon, B. C. Pierce, V. Sjöberg, S. Weirich, and S. Zdancewic, Reactive noninterference, Proceedings of the 16th ACM conference on Computer and communications security, CCS '09, pp.79-90, 2009.
DOI : 10.1145/1653662.1653673
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.146.3298

]. Buiras, D. Stefan, and A. Russo, On Dynamic Flow-Sensitive Floating-Label Systems, 2014 IEEE 27th Computer Security Foundations Symposium, p.2014, 2014.
DOI : 10.1109/CSF.2014.13
URL : http://arxiv.org/abs/1507.06189

A. Chudnov and D. A. Naumann, Information Flow Monitor Inlining, 2010 23rd IEEE Computer Security Foundations Symposium, pp.200-214, 2010.
DOI : 10.1109/CSF.2010.21
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.153.6508

]. Clements, A. Sundaram, and D. Herman, Implementing continuation marks in JavaScript, Proceedings of the 9th Scheme and Functional Programming Workshop, 2008.

C. Patrick and R. Cousot, Abstract Interpretation: A Unified Lattice Model for Static Analysis of Programs by Construction or Approximation of Fixpoints, Proceedings of the Fourth ACM Symposium on Principles of Programming Languages (POPL'77), pp.238-252, 1977.

A. Brian, H. A. Davey, and . Priestley, Introduction to lattices and order, 2002.

E. Dorothy and . Denning, A Lattice Model of Secure Information Flow, Commun. ACM, vol.19, issue.5, pp.236-243, 1976.

T. Disney and C. Flanagan, Gradual Information Flow Typing, 2011.

]. Flanagan, Javascript -the definitive guide, 2011.

P. Gardner, G. Smith, J. Mark, U. Wheelhouse, and . Zarfaty, DOM: Towards a Formal Specification, Proceedings of the ACM SIGPLAN Workshop PLAN- X on Programming Language Technologies for XML, 2008.

P. Gardner, S. Maffeis, and G. Smith, Towards a program logic for JavaScript, Proceedings of the 40th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL'13, pp.31-44, 2012.

A. Joseph, J. Goguen, and . Meseguer, Security Policies and Security Models, Proceedings of the 3rd IEEE Symposium on Security and Privacy, SP'82, pp.11-20, 1982.

A. Grosskurth and M. W. Godfrey, A reference architecture for Web browsers, 21st IEEE International Conference on Software Maintenance (ICSM'05), pp.661-664, 2005.
DOI : 10.1109/ICSM.2005.13

A. Guha, C. Saftoiu, and S. Krishnamurthi, The Essence of JavaScript, Proceedings of the 24th European Conference on Object-Oriented Programming (ECOOP), pp.126-150, 2010.
DOI : 10.1007/978-3-642-14107-2_7

A. Guha, B. Lerner, J. G. Politz, and S. Krishnamurthi, Web API Verification: Results and Challenges, 2012.

A. Hedin and . Sabelfeld, Information-Flow Security for a Core of JavaScript, 2012 IEEE 25th Computer Security Foundations Symposium, pp.3-18, 2012.
DOI : 10.1109/CSF.2012.19

D. Hedin, A. Birgisson, L. Bello, and A. Sabelfeld, JSFlow, Proceedings of the 29th Annual ACM Symposium on Applied Computing, SAC '14, pp.1663-1671, 2014.
DOI : 10.1145/2554850.2554909

H. Sebastian and D. Sands, On Flow-sensitive Security Types, Proceedings of the 33rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL '06, pp.79-90, 2006.

]. Jang and R. Jhala, Sorin Lerner and Hovav Shacham. An Empirical Study of Privacy-Violating Information Flows in JavaScript Web Applications, Proceedings of the 17th ACM Conference on Computer and Communications Security, pp.270-283, 2010.

G. Kiczales, J. Lamping, A. Mendhekar, C. Maeda, C. V. Lopes et al., Aspect-Oriented Programming, Proceedings of the 11th European Conference on Object-Oriented Programming (ECOOP), pp.220-242, 1997.

P. Li, Y. Mao, and S. Zdancewic, Information Integrity Policies, Proceedings Formal Aspects in Security & Trust (FAST), 2003.

K. Thotta-ganesh and V. N. Venkatakrishnan, AdJail: Practical Enforcement of Confidentiality and Integrity Policies on Web Advertisements, Proceedings of the 19th USENIX Security Symposium, pp.371-388, 2012.

S. Maffeis, J. C. Mitchell, and A. Taly, An Operational Semantics for JavaScript, Proceedings of the 6th Asian Symposium on Programming Languages and Systems, pp.307-325, 2008.
DOI : 10.1007/11601524_11
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.144.388

]. Magazinius, A. Askarov, and A. Sabelfeld, A lattice-based approach to mashup security, Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS '10, pp.15-23, 2010.
DOI : 10.1145/1755688.1755691

]. Magazinius, A. Russo, and A. Sabelfeld, On-the-fly Inlining of Dynamic Security Monitors, Proceedings of the 25th IFIP TC-11 International Information Security Conference IFIP Advances in Information and Communication Technology, pp.173-186, 2010.
URL : https://hal.archives-ouvertes.fr/hal-01054519

]. Magazinius, A. Russo, and A. Sabelfeld, On-the-fly inlining of dynamic security monitors, Computers & Security, vol.31, issue.7, pp.827-843, 2012.
DOI : 10.1016/j.cose.2011.10.002
URL : https://hal.archives-ouvertes.fr/hal-01054519

J. Matthews and R. B. Findler, Operational semantics for multi-language programs, ACM Transactions on Programming Languages and Systems, vol.31, issue.3, pp.1-12, 2009.
DOI : 10.1145/1498926.1498930

M. Scott and S. Chong, Static Analysis for Efficient Hybrid Information- Flow Control, Proceedings of the 24th IEEE Computer Security Foundations Symposium, CSF'24, pp.146-160, 2011.

]. Politz, A. Spiridon-aristides-eliopoulos, S. Guha, and . Krishnamurthi, ADsafety: Type-Based Verification of JavaScript Sandboxing, Proceedings of the 20th USENIX Security Symposium. USENIX Association, p.71, 2011.

A. Russo, K. Claessen, and J. Hughes, A library for light-weight information-flow security in haskell, Proceedings of the 1st ACM SIGPLAN Symposium on Haskell, pp.13-24, 2008.

A. Russo and A. Sabelfeld, Dynamic vs. Static Flow-Sensitive Security Analysis, 2010 23rd IEEE Computer Security Foundations Symposium, pp.186-199, 2010.
DOI : 10.1109/CSF.2010.20

A. Sabelfeld and D. Sands, A Per Model of Secure Information Flow in Sequential Programs, Higher Order and Symbolic Computation, pp.59-91, 2001.
DOI : 10.1007/3-540-49099-X_4

A. Sabelfeld and A. C. Myers, Language-based information-flow security, IEEE Journal on Selected Areas in Communications, vol.21, issue.1, pp.5-19, 2003.
DOI : 10.1109/JSAC.2002.806121

A. Sabelfeld and A. C. Myers, A Model for Delimited Information Release, Proceedings of the 9th Asian Symposium on Programming Languages and Systems, pp.220-237, 2003.
DOI : 10.1007/978-3-540-37621-7_9

]. Shroff, S. F. Smith, and M. Thober, Dynamic Dependency Monitoring to Secure Information Flow, 20th IEEE Computer Security Foundations Symposium (CSF'07), pp.203-217, 2007.
DOI : 10.1109/CSF.2007.20
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.129.4843

A. Deian-stefan, J. C. Russo, D. Mitchell, and . Mazières, Flexible dynamic information flow control in Haskell, Proceedings of the 4th ACM SIGPLAN Symposium on Haskell, pp.95-106, 2011.

A. Deian-stefan, A. Levy, D. Russo, and . Mazières, Building secure systems with LIO (demo), Proceedings of the 2014 ACM SIGPLAN Symposium on Haskell, pp.93-94, 2014.

A. Taly, Ú. Erlingsson, J. C. Mitchell, M. S. Miller, and J. Nagra, Automated Analysis of Security-Critical JavaScript APIs, 2011 IEEE Symposium on Security and Privacy, pp.363-378, 2011.
DOI : 10.1109/SP.2011.39

V. N. Venkatakrishnan, W. Xu, D. C. Duvarney, and R. Sekar, Provably Correct Runtime Enforcement of Non-interference Properties, Proceedings of 8th International Conference on Information and Communications Security, pp.332-351, 2006.
DOI : 10.1007/11935308_24

M. Dennis, C. E. Volpano, G. Irvine, and . Smith, A Sound Type System for Secure Flow Analysis, Journal of Computer Security, vol.4, issue.26, pp.167-187, 1996.

D. Yang, J. Stefan, D. Mitchell, P. Mazières, B. Marchenko et al., Toward Principled Browser Security, 14th Workshop on Hot Topics in Operating Systems. USENIX Association, p.2013, 2013.

B. Lemma, Prototype-Chain Indistinguishability) For any two memories µ 0 and µ 1 respectively well-typed by ? 0 and ? 1 , reference r, and property p such that r 0 = Proto

. Proto, ? 0 ? ? µ 1 , ? 1 , and ? lev ( (? 0 (r), p)) ? lev(? 0 (r)) ? ?

L. @bullet, ? lev(? 0 (r)) ? ? (hyp.5) then, it holds that: r 0 = r 1 . We proceed by induction on the derivation of

L. @bullet, ? ? (3) -(hyp.5) + (2) ? p ? dom(µ 1 (r)) (4) -(hyp.4) + (hyp.6) + (3) ? r 1 = r (5) -(hyp.3) + (4) ? r 0 = r 1 (6) -(1) + (5) [Look-up] p ? dom(µ 0 (r)) (hyp.6), pp.7-7

@. and ?. Dom, -(hyp.4) + (hyp.6) + (1) ? r 1 = Proto(µ 1 , r ? 1 , p), where: r ? 1 = µ 1 (r ·