After getting some feedback from Mikeal Rogers and Tim Smart, it was decided that evalcx should not try to do any fancy security stuff, and instead leave that in the hands of the user. To comply more with spidermonkey, everything is passed in, and objects are passed in by reference rather than being cloned.
1. Move the context->Enter() call so that the global obj is available for writing. 2. On success, copy the modified global out to the sandbox object. 3. Don't copy functions in either direction. They have scope and closures, and make for craziness when trying to keep contexts separate. 4. Only do the ->ToObject->Clone() on objects, so that simple values stay simple. 5. Update the test so that it tests all this stuff.
…vent silent failure.