![]() ![]() ![]() Is there a standard way to sandbox and execute non-trusted JavaScript in Node, getting the output. I have seen some projects like Microsoft Web Sandbox and Google Caja which allow execution of sanitized markup and script (for embedding third-party ads on websites), but it seems that these are client-side tools and I'm not sure if they can be safely used within Node. The eval function comes to mind, but I know this has multiple security concerns (the user submitted code would be able to access Node's File API, etc). I would like to have the ability to let users submit arbitrary JavaScript code, which is then sent to a Node.JS server and safely executed before the output is sent back to multiple clients (as JSON).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |