add sandbox.js

apache · Oct 3, 2013 · fddbdf4 · fddbdf4
1 parent 9308071
commit fddbdf4
Showing 1 changed file with 40 additions and 0 deletions.
diff --git a/sandbox.js b/sandbox.js
@@ -0,0 +1,40 @@
+// from https://github.com/KlausTrainer/sandbox.js
+exports.runInSandbox = function(src, ctx, whitelist) {
+  var vm = require('vm'),
+    sandbox;
+
+  if (ctx && ctx.require) {
+    whitelist = whitelist || [];
+    var insecureRequire = ctx.require,
+      module = require("module"),
+      oldModulePrototype = module.prototype;
+
+    var secureRequire = function(moduleName) {
+      if (whitelist.indexOf(moduleName) == -1) {
+        module.prototype = oldModulePrototype;
+        throw new Error("'" + moduleName + "' is not whitelisted");
+      } else {
+        var requiredModule = insecureRequire(moduleName);
+        module.prototype = oldModulePrototype;
+        return requiredModule;
+      }
+    };
+
+    module.prototype = {
+      require: secureRequire,
+      load: module.prototype.load,
+      _compile: module.prototype._compile
+    };
+
+    module._cache = {};
+
+    ctx.require = secureRequire;
+    sandbox = Object.freeze(vm.createContext(ctx));
+    ctx.require = insecureRequire;
+  } else {
+    sandbox = Object.freeze(vm.createContext(ctx || {}));
+  }
+
+  return vm.createScript('(function() {"use strict"; return ('
+                         + src + ')()}())').runInContext(sandbox);
+};