proposal-compartments
caja
proposal-compartments | caja | |
---|---|---|
1 | 2 | |
111 | 1,117 | |
0.0% | - | |
10.0 | 10.0 | |
over 1 year ago | over 3 years ago | |
HTML | Java | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
proposal-compartments
-
Show HN: Run unsafe user generated JavaScript in the browser
There's a related proposal for Compartments and Module constructor is a prerequisite to that. A shim for the entire thing exists, with lockdown and Compartments isolating code:
https://github.com/endojs/endo/tree/master/packages/ses
https://github.com/tc39/proposal-compartments/
It has usage already, eg. metamask snaps
caja
- Show HN: Run unsafe user generated JavaScript in the browser
-
The Complicated Futility of WordPress
> PHP code is not sandboxable
People said the same about JavaScript, and yet smart people figured out ways to do it. For example: https://github.com/googlearchive/caja
PHP may be particularly challenging to sandbox, but it's not too much for talented engineers to figure out.
What are some alternatives?
jailed - execute untrusted code with custom permissions
wordpress-develop - WordPress Develop, Git-ified. Synced from git://develop.git.wordpress.org/, including branches and tags! This repository is just a mirror of the WordPress subversion repository. Please include a link to a pre-existing ticket on https://core.trac.wordpress.org/ with every pull request.
workerbox - A secure sandbox to execute untrusted user JavaScript, in a web browser, without any risk to your own domain/site/page.
lumina - Lumina Desktop Environment
determine-basal-native
cinnamon-spices-applets - Applets for the Cinnamon desktop
json-editor - JSON Schema Based Editor
rs_asio - ASIO for Rocksmith 2014
Directus - The Modern Data Stack 🐰 — Directus is an instant REST+GraphQL API and intuitive no-code data collaboration app for any SQL database.
deno - A modern runtime for JavaScript and TypeScript.
plasmic - Visual builder for React. Build apps, websites, and content. Integrate with your codebase.
proposal-shadowrealm - ECMAScript Proposal, specs, and reference implementation for Realms