This repository has been archived by the owner on Dec 5, 2019. It is now read-only.
forked from gf3/sandbox
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Initial working commit. Specs coming soon.
- Loading branch information
0 parents
commit 6ae0613
Showing
4 changed files
with
146 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
# Node Sandbox | ||
|
||
A rudimentary javascript sandbox for use with NodeJS. | ||
|
||
## Some features | ||
|
||
- Can be used to execute untrusted code. | ||
- Support for timeouts (e.g. prevent infinite loops) | ||
- Handles errors gracefully | ||
- Restricted code (cannot access NodeJS methods) | ||
|
||
## Example | ||
|
||
Be sure to check out example/example.js | ||
|
||
var s = new Sandbox(); | ||
s.run('1 + 1 + " apples"', function(output) { | ||
// output == "2 apples" | ||
}); | ||
|
||
## Documentation | ||
|
||
Coming soon! | ||
|
||
Basic syntax: `sandbox_instance.run(code_string, hollaback_function)` | ||
|
||
## Author | ||
|
||
Written by [Gianni Chiappetta](http://github.com/gf3) – [gf3.ca](http://gf3.ca) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
var sys = require("sys"); | ||
process.mixin(GLOBAL, require("../lib/sandbox")); | ||
|
||
var s = new Sandbox(); | ||
|
||
// Example 1 - Standard JS | ||
s.run("1 + 1", function(output) { | ||
sys.puts("Example 1: " + output); | ||
}); | ||
|
||
// Example 2 - Something slightly more complex | ||
s.run("(function(name) { return 'Hi there, ' + name + '!'; })('Fabio')", function(output) { | ||
sys.puts("Example 2: " + output); | ||
}); | ||
|
||
// Example 3 - Syntax error | ||
s.run("lol)hai", function(output) { | ||
sys.puts("Example 3: " + output); | ||
}); | ||
|
||
// Example 4 - Restricted code | ||
s.run("process.platform", function(output) { | ||
sys.puts("Example 4: " + output); | ||
}); | ||
|
||
// Example 5 - Infinite loop | ||
s.run("while (true) {}", function(output) { | ||
sys.puts("Example 5: " + output); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
// sandbox.js - Rudimentary JS sandbox | ||
// Gianni Chiappetta - gf3.ca - 2010 | ||
|
||
/*------------------------- INIT -------------------------*/ | ||
var sys = require("sys"); | ||
|
||
/*------------------------- Sandbox -------------------------*/ | ||
function Sandbox(options) { | ||
this.options = process.mixin(process.mixin({}, Sandbox.options), options || {}); | ||
|
||
this.run = function(code, hollaback) { | ||
// Any vars in da house? | ||
var timer, | ||
stdout = "", | ||
output = function(data) { | ||
if (!!data) stdout += data; | ||
}, | ||
child = process.createChildProcess("node", [this.options.shovel]); | ||
|
||
// Listen | ||
child.addListener("output", output); | ||
child.addListener("exit", function(code) { | ||
if (code != 15) { | ||
clearTimeout(timer); | ||
hollaback.call(this, stdout); | ||
} | ||
}); | ||
|
||
// Go | ||
child.write(code); | ||
timer = setTimeout(function() { | ||
child.removeListener("output", output); | ||
child.kill(); | ||
hollaback.call(this, "TimeoutError"); | ||
}, this.options.timeout); | ||
child.close(); | ||
}; | ||
} | ||
|
||
// Options | ||
Sandbox.options = { | ||
timeout: 500, | ||
shovel: (function() { | ||
var p = __filename.split("/").slice(0, -1); | ||
p.push("shovel.js"); | ||
return p.join("/"); | ||
})() | ||
}; | ||
|
||
/*------------------------- Export -------------------------*/ | ||
exports.Sandbox = Sandbox; | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
// shovel.js - Do the heavy lifting in this sandbox | ||
// Gianni Chiappetta - gf3.ca - 2010 | ||
|
||
/* ------------------------------ INIT ------------------------------ */ | ||
var code = "", | ||
reserved = { | ||
require: null, | ||
code: null, | ||
reserved: null, | ||
run: null | ||
}; | ||
|
||
/* ------------------------------ Sandbox ------------------------------ */ | ||
// Generate list of reserved items | ||
for (var i in GLOBAL) reserved[i] = null; | ||
|
||
// Get code | ||
process.stdio.addListener("data", function(data) { | ||
code += data; | ||
}); | ||
process.stdio.addListener("close", run); | ||
process.stdio.open(); | ||
|
||
// Run code | ||
function run() { | ||
var output = (function() { | ||
try { | ||
return eval('with (reserved) { ' + code + ' }'); | ||
} | ||
catch (e) { | ||
return e.name + ': ' + e.message; | ||
} | ||
})(); | ||
process.stdio.write(output); | ||
process.exit(0); | ||
} |