Dean Edwards has created a Sandbox funtion that allows him to eval code outside the contect of a window. I’ve been experimenting with running code in an iframe and the results are very encouraging.

Sandbox.eval()

I’m currently developing a templating system in JavaScript and ran into a problem with scope. The problem is that my template scripts have access to all of the global (window) object’s properties and methods. I don’t want this. I want my template scripts to run in a separate, closed environment. Template scripts shouldn’t be able to address anything in the browser window. This could potentially lead to disaster.
Continue for more info….

sandbox.eval("alert('Hello!')"); // => Hello!
try {
var goodbye = "Goodbye!";
sandbox.eval("alert(goodbye)"); // => ERROR!
} catch (error) {
alert("ERROR!");
}

ajaxian

Sandbox, java, javascript, sandboxing