
I found this gist to implement a sandbox for 3rd-party code using `with` and the Harmony direct proxies. How useful is it? Would it be possible to implement a proper JavaScript sandbox using proxies? What are the quirks and/or downsides of this approach?

(I'm looking for a JavaScript-only solution in this question, so no Caja and similar server-side projects)

janesconference

1 Answer


In principle, that approach should probably work. However, a couple of things to note:

  1. Clearly, this requires putting all untrusted code into the with-scope. In practice, that might become rather unwieldy.

  2. Moreover, it subtly changes the meaning of outermost var/function declarations contained in that code, which now become local instead of being properties on the global object. Undeclared variables, on the other hand, will still end up on the global object. This may break some programs.

  3. Because of the insane semantics of 'with', modern JavaScript VMs give up most attempts to optimise code in its scope. Generated code can easily be two orders of magnitude slower for something that has a 'with'.

So overall, I wouldn't recommend this approach. You are far better off with SES or Caja (not sure in which sense you call those server-side).

(It's also worth noting that ES6's module loaders will provide a cleaner way to sandbox the global object. But it is hard to tell when those will become available. Not soon.)

Andreas Rossberg
- I call Caja "server-side" because it needs an external Java server / process to cajole the code. Plus, you can't do anything you want with Caja (certain libraries won't work, certain objects like Audio API won't be tamed, etc.)
- I have read (briefly, I confess) the [Harmony module spec](http://wiki.ecmascript.org/doku.php?id=harmony:module_loaders). How do you sandbox the global object? (defineBuiltins, I guess, but it's not clear).
- What is SES? :)

– janesconference May 29 '13 at 22:15
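
Where declarations and undeclared assignments end up (point 2 of the answer) depends on what the proxy's `has` trap reports to `with`. The following is an added example, not the gist's or either poster's code: `makeScope`, `runInWith`, `demo`, the `claimAll` switch and the snippet are constructed for illustration, and it compares a trap that answers only for allow-listed names with one that claims every name.

```javascript
// Added illustration, not the gist's code. makeScope, runInWith and demo are
// hypothetical names; `claimAll` selects the policy of the proxy's has trap.
function makeScope(allowed, claimAll) {
  // Null-prototype target so only allow-listed names are visible on it.
  const target = Object.assign(Object.create(null), allowed);
  const proxy = new Proxy(target, {
    // `with` asks has() for every free identifier. Answering true keeps the
    // lookup inside the proxy; answering false lets it continue outwards to
    // the enclosing function and then to the real global scope.
    has: (t, key) => claimAll || key in t
  });
  return { target, proxy };
}

function runInWith(src, scope) {
  // The Function constructor yields sloppy-mode code, which `with` requires.
  const fn = new Function('scope', 'with (scope) {' + src + '\n}');
  return fn.call(scope.proxy, scope.proxy);
}

// Constructed "third-party" snippet: a top-level var, an undeclared
// assignment, and a read of a name that is not on the allow-list.
const SNIPPET = 'var declared = 1; undeclared = 2; return typeof globalThis;';

function demo(claimAll) {
  delete globalThis.undeclared; // start from a clean global object
  const scope = makeScope({ log: () => {} }, claimAll);
  const seen = runInWith(SNIPPET, scope);
  const result = {
    seenGlobalThis: seen,
    declaredOnGlobal: 'declared' in globalThis,
    undeclaredOnGlobal: 'undeclared' in globalThis,
    declaredOnTarget: 'declared' in scope.target,
    undeclaredOnTarget: 'undeclared' in scope.target
  };
  delete globalThis.undeclared; // clean up the leak, if there was one
  return result;
}
```

With `claimAll` false the `var` stays local to the wrapper function, the undeclared assignment lands on the real global object, and `typeof globalThis` sees the real global; with `claimAll` true both writes land on the proxy target and the read yields `'undefined'`.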