Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Security Implementations of Active Content



Wayne Jansen, Athanasios T. Karygiannis


Active content documents offer several benefits to both the users of these documents and their authors. Java applets, JavaScript, and ActiveX provide more functionality to static Web pages, plug-ins enable browsers to support new types of content, Postscript offloads the processing and interpretation of the presentation of documents to the printer, and macros automate repetitive word processing and spreadsheet tasks. The benefits of each of these active content technologies must be carefully weighed against the new risks they pose to an organization s computing environment. Security is not black or white, but shades of gray. When employing active content technology, security measures should be put in place to reduce risk to a pragmatic level and to quickly recover if an incident occurs.
ITL Bulletin -


active content, java, javascript, macro, plug-in, postscript, security


Jansen, W. and Karygiannis, A. (2000), Security Implementations of Active Content, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed July 12, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created March 30, 2000, Updated February 19, 2017