Skip to content

Sandbox

Emiel Mols edited this page Aug 12, 2015 · 1 revision

Plugin code is subject to a statically-checked Javascript sandbox to prevent code from "breaking out" (eg. accessing data from other plugins or happenings, misleading users by breaking user interface elements, etc). Static checking is done when submitting the plugin bundle.

To maintain the sandbox, some features that a web developer has come to know and use in normal HTML5 apps are unavailable:

  • direct access to DOM elements (users could follow the dom tree up and change the content of a parent element, or could use fixed positioning to draw over core user interface elements to mislead users)
  • direct access to Event objects (users could retrieve a DOM element from it)
  • direct access to the window object and APIs like localStorage

Instead, APIs are provided to accomplish similar tasks. Most notably, access to the DOM has been abstracted by the dom module that uses a reactive programming paradigm to describe layouts.

Server-side code runs on custom v8 instances. Only core Javascript library (like Math and JSON) is available (this is not Node.js), apart from our own server-side API of course.

Basic topics

API reference

  • API Reference
    • Client
      • [client plugin](client plugin)
      • [client dom](client dom)
      • [client obs](client obs)
      • [client db](client db)
      • [client server](client server)
      • [client page](client page)
      • [client ui](client ui)
      • [client form](client form)
      • [client icon](client icon)
      • [client modal](client modal)
      • [client photo](client photo)
      • [client photoview](client photoview)
      • [client time](client time)
      • [client share](client share)
      • [client map](client map)
      • [client geoloc](client geoloc)
    • Server
      • [server event](server event)
      • [server plugin](server plugin)
      • [server http](server http)
      • [server db](server db)
      • [server photo](server photo)
      • [server time](server time)
  • Example UI elements

Advanced topics

Clone this wiki locally