Javascript Sandbox
- by Louis
I want to have developers write some custom apps for a site in Javascript but I want to sandbox it so they can't do anything naughty like redirect the user, set the body display to none etc etc. I have a namespace in Javascript where all the functions they'll ever need exist in there so I was thinking to create a sandbox would be a matter of:
with(Namespace) {
//App code goes here where they can only access Namespace.*
}
How is easy is it to get around this and what other methods can be done? Would rather not have to moderate every submitted app.