I'm wondering if it's possible to sandbox JavaScript running in the browser to prevent access to features that are normally available to JavaScript code running in an HTML page.  For example, let's say I want to provide a JavaScript API...
I would like to have the ability to let users submit arbitrary JavaScript code, which is then sent to a Node.JS server and safely executed before the output is sent back to multiple clients (as JSON). The eval function comes to mind, but I know this...
I've got an empty iframe and a button:  <input type="button" name="B1" value="google" onclick="frames['IFrameName1'].location.href='https://www.google.com/'">  But (besides .location.href) i n...
I have an untrusted code submitted by a user, and I need to execute it in a sandboxed environment in a browser.  I was advised that Web-Workers cannot be secure enough for that, and that a sandbxed iframe should better be used. This page:  https://ww...
I have this turn-based NodeJs gaming app in which developers (anyone) can submit a player-robot. My NodeJS app will load all players and let them play against each other. Because I don't know anything about the code submitted I need to run it ins...
I want to have developers write some custom apps for a site in Javascript but I want to sandbox it so they can't do anything naughty like redirect the user, set the body display to none etc etc. I have a namespace in Javascript where all the func...
I am using Selenium to test a web application and am not allowed to modify the application's javascript code.  I am trying to track the number of outstanding AJAX requests by using GreaseMonkey to override XMLHttpRequest.send.  The new send() wil...
I had a bug in our (code signed) java applet "access denied (java.net.SocketPermission x.x.x.x:443 connect_resolve." We had an html "save" button that was calling (via javascript) an applet method to save a file, loaded into the apple...
Can someone please provide me more information on this error and how 'allow-same-origin' flag works? I am getting following error in Chrome for iframe Sandboxing:     Uncaught SecurityError: Failed to read the 'contentDocument' proper...
I am loading HTML content into an iframe using the srcdoc property. The iframe is a sandboxed iframe with no permissions given, so all Javascript in the iframe is blocked. However, remote requests (such as for CSS, images etc.) will still be triggere...

Tags

Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us

©2020 All rights reserved.