Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
When players type code into your website, you can do one of three things:
eval()their code - let them hack the level and break their own page if they want to, but don't let other players run that code, since it's a security risk.
- Send the code to your server, where you can lock it way, way down in its own process, run it, and send it back to the player. If it explodes, tell them it didn't work.
Why? It turns out you have to be crazy like this if you want to provide live-coding performance, friendly error messages, multiplayer security, offline play, and time-travel debugging, Bret-Victor-style.