caja
jailed
caja | jailed | |
---|---|---|
2 | 2 | |
1,117 | 994 | |
- | - | |
10.0 | 0.0 | |
over 3 years ago | about 4 years ago | |
Java | JavaScript | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
caja
- Show HN: Run unsafe user generated JavaScript in the browser
-
The Complicated Futility of WordPress
> PHP code is not sandboxable
People said the same about JavaScript, and yet smart people figured out ways to do it. For example: https://github.com/googlearchive/caja
PHP may be particularly challenging to sandbox, but it's not too much for talented engineers to figure out.
jailed
-
Show HN: Run unsafe user generated JavaScript in the browser
What advantages does workerbox have over existing solutions like jailed [1]?
[1] https://github.com/asvd/jailed
-
Sandboxed language/interpreter to embed in browser to run untrusted code
So far I'm thinking using a iframe/worker sandbox might be acceptable, this library comes to mind. However it also seems to have some security issues that I'd need to watch for. I'm not 100% sure but I believe I could avoid a lot of issues by using either jailed or doing my own iframe worker sandbox, and serving the user scripts from another domain. This seems to be similar to what platforms like jsfiddle and the like do. However this sounds rather irritating to deal with.
What are some alternatives?
wordpress-develop - WordPress Develop, Git-ified. Synced from git://develop.git.wordpress.org/, including branches and tags! This repository is just a mirror of the WordPress subversion repository. Please include a link to a pre-existing ticket on https://core.trac.wordpress.org/ with every pull request.
determine-basal-native
lumina - Lumina Desktop Environment
workerbox - A secure sandbox to execute untrusted user JavaScript, in a web browser, without any risk to your own domain/site/page.
cinnamon-spices-applets - Applets for the Cinnamon desktop
json-editor - JSON Schema Based Editor
rs_asio - ASIO for Rocksmith 2014
Pentive - Collaborative Spaced Repetition
Directus - The Modern Data Stack 🐰 — Directus is an instant REST+GraphQL API and intuitive no-code data collaboration app for any SQL database.
vm2-process - Execute unsafe javascript code in a sandbox
deno - A modern runtime for JavaScript and TypeScript.
proposal-shadowrealm - ECMAScript Proposal, specs, and reference implementation for Realms