SandboxJS
SandboxJS copied to clipboard
nyariv
Safe eval runtime
Hi, nice library! I had to use `Function` instead of `eval`, as the evaluator would throw `eval is not defined`. Indeed, `eval` is missing from the `SAFE_GLOBALS` list: https://github.com/nyariv/SandboxJS/blob/f3168a8e90ad7a48babdf44322b31af90aeac1d1/build/SandboxExec.js#L41. This...
After attempt use compiled code with different contexts I catching error ```ReferenceError: plus is not defined``` and my code ```function plus(n,u){return n+u};function minus(n,u){return n-u};var a=plus(value,10);return minus(a,5);```. In documentation I didn't...
I use SandboxJS with following configuration: ```typescript class SecureEval { private readonly sandbox: Sandbox = new Sandbox(); constructor(whitelistedItems: Record = {}) { const prototypeWhitelist = Sandbox.SAFE_PROTOTYPES; Object.keys(whitelistedItems).forEach((key) => { prototypeWhitelist.set(key,...
```js const sandbox = new Sandbox(); const code = `function onStart() { console.log(some_undefined_var); } return { onStart: onStart }; `; const exec = sandbox.compile(code); const script_context = exec({}).run(); // here...
Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1. Commits 2449650 Update mocha 560b2d8 Don't use regex to trim whitespace b1bdb92 Remove linting package zoo c20dc7e Cache 308 See full diff in compare...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (#428) [Fix] utils.merge: avoid a crash with a null target and a truthy...
This code doesn't currently work in SandboxJS (you can try it quick on the dev tools in https://nyariv.github.io/SandboxJS/): ```js const sandbox = new Sandbox(); const code = ` function test()...
Bumps [minimatch](https://github.com/isaacs/minimatch) to 3.1.2 and updates ancestor dependency [mocha](https://github.com/mochajs/mocha). These dependencies need to be updated together. Updates `minimatch` from 3.0.4 to 3.1.2 Commits 699c459 3.1.2 2f2b5ff fix: trim pattern 25d7c0d...
Bumps [terser](https://github.com/terser/terser) from 5.7.1 to 5.14.2. Changelog Sourced from terser's changelog. v5.14.2 Security fix for RegExps that should not be evaluated (regexp DDOS) Source maps improvements (#1211) Performance improvements in...
This is my script: ```js console.log(1) if (false) throw new Error('test') console.log(2) console.log(3) ``` I run it like this: ```ts // this.jsContents is the the above script const jsContentsExecutor: string...
