You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by ja...@apache.org on 2013/10/03 17:51:02 UTC
[12/17] git commit: updated refs/heads/master to 532100c
add sandbox.js
Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/ba6bdae4
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/ba6bdae4
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/ba6bdae4
Branch: refs/heads/master
Commit: ba6bdae4e3e941c8f815228d5937f35a33deddf7
Parents: 12763ee
Author: Jan Lehnardt <ja...@apache.org>
Authored: Sat Sep 21 16:28:47 2013 +0200
Committer: Jan Lehnardt <ja...@apache.org>
Committed: Thu Oct 3 17:21:30 2013 +0200
----------------------------------------------------------------------
NOTICE | 4 ++++
license.skip | 1 +
src/couchjs-node/sandbox.js | 40 ++++++++++++++++++++++++++++++++++++++++
3 files changed, 45 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb/blob/ba6bdae4/NOTICE
----------------------------------------------------------------------
diff --git a/NOTICE b/NOTICE
index 6a41c6c..5c95dd2 100644
--- a/NOTICE
+++ b/NOTICE
@@ -189,3 +189,7 @@ This product also includes the following third-party components:
* share/doc/src/templates/couchdb/domainindex.html
Copyright 2007-2011 by the Sphinx team
+
+ * sandbox.js https://github.com/KlausTrainer/sandbox.js
+
+ (c) 2013 Klaus Trainer
http://git-wip-us.apache.org/repos/asf/couchdb/blob/ba6bdae4/license.skip
----------------------------------------------------------------------
diff --git a/license.skip b/license.skip
index d87cc6c..4352011 100644
--- a/license.skip
+++ b/license.skip
@@ -110,6 +110,7 @@
^src/couchdb/priv/couchspawnkillable
^src/couchdb/priv/stat_descriptions.cfg
^src/couchjs-node/package.json
+^src/couchjs-node/sandbox.js
^src/couchjs-node/README.md
^src/erlang-oauth/.*
^src/couch_dbupdates
http://git-wip-us.apache.org/repos/asf/couchdb/blob/ba6bdae4/src/couchjs-node/sandbox.js
----------------------------------------------------------------------
diff --git a/src/couchjs-node/sandbox.js b/src/couchjs-node/sandbox.js
new file mode 100644
index 0000000..cfdff18
--- /dev/null
+++ b/src/couchjs-node/sandbox.js
@@ -0,0 +1,40 @@
+// from https://github.com/KlausTrainer/sandbox.js
+exports.runInSandbox = function(src, ctx, whitelist) {
+ var vm = require('vm'),
+ sandbox;
+
+ if (ctx && ctx.require) {
+ whitelist = whitelist || [];
+ var insecureRequire = ctx.require,
+ module = require("module"),
+ oldModulePrototype = module.prototype;
+
+ var secureRequire = function(moduleName) {
+ if (whitelist.indexOf(moduleName) == -1) {
+ module.prototype = oldModulePrototype;
+ throw new Error("'" + moduleName + "' is not whitelisted");
+ } else {
+ var requiredModule = insecureRequire(moduleName);
+ module.prototype = oldModulePrototype;
+ return requiredModule;
+ }
+ };
+
+ module.prototype = {
+ require: secureRequire,
+ load: module.prototype.load,
+ _compile: module.prototype._compile
+ };
+
+ module._cache = {};
+
+ ctx.require = secureRequire;
+ sandbox = Object.freeze(vm.createContext(ctx));
+ ctx.require = insecureRequire;
+ } else {
+ sandbox = Object.freeze(vm.createContext(ctx || {}));
+ }
+
+ return vm.createScript('(function() {"use strict"; return ('
+ + src + ')()}())').runInContext(sandbox);
+};