diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)

Nov212006

Sandboxing JavaScript Using ‘iframe’

Dean Edwards has created a Sandbox funtion that allows him to eval code outside the contect of a window. I’ve been experimenting with running code in an iframe and the results are very encouraging.

Sandbox.eval()

I’m currently developing a templating system in JavaScript and ran into a problem with scope. The problem is that my template scripts have access to all of the global (window) object’s properties and methods. I don’t want this. I want my template scripts to run in a separate, closed environment. Template scripts shouldn’t be able to address anything in the browser window. This could potentially lead to disaster.
Continue for more info….


sandbox.eval("alert('Hello!')"); // => Hello!
try {
var goodbye = "Goodbye!";
sandbox.eval("alert(goodbye)"); // => ERROR!
} catch (error) {
alert("ERROR!");
}

ajaxian

Sandbox, java, javascript, sandboxing

Share This Story, Choose Your Platform!

Do NOT follow this link or you will be banned from the site!