I want to have developers write some custom apps for a site in Javascript but I want to sandbox it so they can't do anything naughty like redirect the user, set the body display to none etc etc. I have a namespace in Javascript where all the functions they'll ever need exist in there so I was thinking to create a sandbox would be a matter of:
with(Namespace) {
//App code goes here where they can only access Namespace.*
}
How is easy is it to get around this and what other methods can be done? Would rather not have to moderate every submitted app.
Well, the options to sandbox code at the moment are:
Both allow you to create a safe environment where the access to the global object and the DOM is restricted.
The primary purpose of these projects is to allow you to safely embed widgets and any web content from third parties.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With