You would be hard pressed to find a website built in the last few years that does not use third party code. Its use has allowed many website developers to punch above their weight, and build rich functionality in their websites that they could not have done by themselves. These advantages carry risks since third party code operates with the same privileges as the code written by the website’s developers. This project highlights a way developers can protect their websites from untrustworthy third party code. It is able to mediate access to the most dangerous privileges, work in current and many legacy browsers, and is designed using academically accepted security principles. As you read this paper, you will first learn about web technologies and the problem relating to third party code faced by website developers. You will then learn about the requirements for a solution aiming to solve the problem and past academic research on potential solution. Finally, you will be introduced to a real solution, implemented as a prototype, than can be used immediately to improve a website’s security.