I'm new to V8 and plan on using it in a Python web application. The purpose is to let users submit and execute certain JS scripts. Obviously this is a security threat, so I'm looking for resources that document the ways one might 'lock down' V8. For example, can I create a whitelist of functions allowed to be called? Or a blacklist of libraries not allowed to be referenced?
If you use a plain V8 (i.e. not something like Node.js), there won't be any dangerous functions. JavaScript itself doesn't have a stdlib containing filesystem functions etc.
The only thing a malicious user can do is create infinite loops, deep recursions and memory hogs.
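One way to contain the three remaining risks the answer names (infinite loops, deep recursion, memory hogs), as an added example that is not part of the original answer: run the engine in a separate worker process with CPU and address-space limits plus a wall-clock timeout. It assumes Linux, and because the page names no specific V8 binding, the worker commands are constructed Python stand-ins; the limit values and verdict names are likewise assumptions.

```python
import resource
import signal
import subprocess
import sys

CPU_SECONDS = 1                    # constructed limits; tune per workload
MEMORY_BYTES = 512 * 1024 * 1024

# Constructed stand-ins for a V8 worker fed each kind of hostile script.
# A real deployment would launch its own V8 runner here instead (assumption).
STAND_INS = {
    "benign": "print(6 * 7)",
    "infinite_loop": "while True: pass",
    "deep_recursion": "def f(): f()\nf()",
    "memory_hog": "bytearray(2 ** 31)",
}

def _set_limit(kind, value):
    """Lower one rlimit, never asking for more than the current hard limit."""
    _, hard = resource.getrlimit(kind)
    if hard != resource.RLIM_INFINITY:
        value = min(value, hard)
    resource.setrlimit(kind, (value, value))

def _apply_limits():
    # Runs in the child between fork and exec, so only the worker is capped.
    _set_limit(resource.RLIMIT_CPU, CPU_SECONDS)
    _set_limit(resource.RLIMIT_AS, MEMORY_BYTES)

def run_contained(argv, wall_seconds=5):
    """Run one worker process under the limits; return (verdict, stdout)."""
    try:
        proc = subprocess.run(argv, capture_output=True, text=True,
                              timeout=wall_seconds, preexec_fn=_apply_limits)
    except subprocess.TimeoutExpired:
        return "wall-timeout", ""      # subprocess.run already killed the child
    if proc.returncode == 0:
        return "ok", proc.stdout.strip()
    if proc.returncode in (-signal.SIGXCPU, -signal.SIGKILL):
        return "cpu-limit", ""         # kernel stopped a runaway loop
    return "crashed", ""               # allocation failure, stack exhaustion, etc.

def run_stand_in(name):
    return run_contained([sys.executable, "-c", STAND_INS[name]])

if __name__ == "__main__":
    for name in STAND_INS:
        print(name, run_stand_in(name))
```

Because the limits apply to the child only, a hostile script costs one worker process rather than the web application that launched it.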