Web Security Planning
Your Guide to Web Security Planning

Some sites allow users to provide active content that is posted on the site in the form of images, movies and, at times, JavaScript. Third-party advertisers are also allowed to upload ads that include Flash banners. From a security perspective, running a site with such functionality opens it up to script-based attacks, malware via ad network infection, information gathering and inappropriate content.

Some businesses may require active content to be executed by the user, a partner or an advertiser, which, as many know, comes with identified risks. Currently, there is no way to limit access, such as allowing only certain advertisers to post only certain content on a given domain, nor a way to prevent an exploited XSS hole from executing script in the user's browser. An Active Content Policy therefore becomes important in order to restrict active content execution, inform the browser which domains can serve certain content and inform browsers of legitimate executions.
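A sketch of how a browser could enforce such a policy, added here as an example and not taken from the original post. The policy format, the names `policy`, `hostAllowed`, `decide` and `evaluate`, and all hosts are hypothetical and constructed for illustration.

```javascript
// Hypothetical policy (assumed format, not a real header or standard):
// each content type lists the hosts allowed to serve it; anything absent is denied.
const PAGE = "https://www.site.example/forum/thread/1"; // constructed page URL
const policy = {
  script: ["self"],                 // scripts only from the site itself
  image: ["self", "*.img.example"], // user images from the site or its image hosts
  flash: ["ads.partner.example"],   // banners only from one named advertiser
  inlineScript: false,              // markup-embedded script is never legitimate
};

// Match a host against "self", a "*.suffix" wildcard, or an exact host name.
function hostAllowed(host, pattern, pageHost) {
  if (pattern === "self") return host === pageHost;
  if (pattern.startsWith("*.")) return host.endsWith(pattern.slice(1));
  return host === pattern;
}

// Decide whether the browser should load or execute one piece of active content.
function decide(policy, pageUrl, request) {
  const pageHost = new URL(pageUrl).hostname;
  if (request.inline) {
    // Script injected through an XSS hole arrives inline and has no source host.
    return request.type === "script" && policy.inlineScript === true ? "allow" : "block";
  }
  const allowed = policy[request.type];
  if (!Array.isArray(allowed)) return "block"; // default deny for unlisted types
  let host;
  try {
    host = new URL(request.src, pageUrl).hostname; // resolves relative paths
  } catch {
    return "block"; // unparsable source
  }
  return allowed.some((p) => hostAllowed(host, p, pageHost)) ? "allow" : "block";
}

// Constructed sample requests a page with user and advertiser content might make.
const SAMPLE = [
  { type: "script", src: "/js/app.js" },
  { type: "script", src: "https://other.example/widget.js" },
  { type: "script", inline: true },
  { type: "flash", src: "https://ads.partner.example/banner.swf" },
  { type: "flash", src: "https://unknown-ads.example/banner.swf" },
  { type: "image", src: "https://cdn.img.example/u/42.png" },
  { type: "movie", src: "https://www.site.example/clip.mp4" },
];

function evaluate() {
  return SAMPLE.map((r) => decide(policy, PAGE, r));
}
console.log(evaluate());
```

The default-deny branch matters as much as the allowlists: a content type the site owner never listed, such as `movie` here, is blocked even when it comes from the site's own host.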
