fabricemarcelin fabricemarcelin - 1 month ago 16
Javascript Question

Nodejs in sandbox

I'm using nodejs as a middle-man between a client browser and the server to handle all the requests. I'm trying to use nodejs as a filter tool and highlight (if not) all malicious scripts. But I realize that nodejs let the script to run with the current environment privilege. So, I decide to run it in a new context by installing sandbox (

npm install sandbox
or
git clone git://github.com/gf3/sandbox.git
).
However when I run node I have this following error:


TypeError: Cannot call method
\'runInNewContext\' of undefined'


Any ideas anyone?

Answer

Have you looked at the inbuild sandbox abilities of node 0.4.6.

var localVar = 123,
    usingscript, evaled,
    vm = require('vm');

usingscript = vm.runInThisContext('localVar = 1;',
  'myfile.vm');
console.log('localVar: ' + localVar + ', usingscript: ' +
  usingscript);
evaled = eval('localVar = 1;');
console.log('localVar: ' + localVar + ', evaled: ' +
  evaled);

// localVar: 123, usingscript: 1
// localVar: 1, evaled: 1
Comments