Alternative to Mozilla's eval in a scope

Andy Chu andy at chubot.org
Sun Dec 13 22:17:16 PST 2009


On Sun, Dec 13, 2009 at 9:56 PM,  <ihab.awad at gmail.com> wrote:
> Hi Andy,
>
> On Sun, Dec 13, 2009 at 9:49 PM, Andy Chu <andy at chubot.org> wrote:
>> There is a function called "loadCode" for now, that behaves a little
>> bit like eval:
>>
>> var code = loadCode("var foo=3; var bar = function(a) { fn(a) };",
>> {fn: obj.fn});
>>
>> // code is now {foo: 3, bar: function(a) ...}
>
> Where is this loadCode function implemented? Is this something you
> wrote yourself?

I was just imagining what I would want the API to look like (after
unsatisfactorily hacking the plugins in ES3).  I've done similar
things in Python, which is fairly close to those semantics.  I don't
expect that it would be very hard to do a demo of this say in v8.

If Caja has already done something along these lines then awesome --
I'm just asking if there is discussion about standardizing such a
thing.

It seems like a pretty useful primitive to have.  In a way it's a bit
lower level than a module system.  You could implement a module system
on top of that (I think CommonJS modules), and without knowing too
much it looks like part of Web Workers could be defined in those terms
(e.g. one context needs to be able to call the onmessage() function in
another context).

I'm sure there are all sorts of details, e.g. around primordials, and
defining exactly what kind of isolation is the goal (isolating
__builtins__: None in Python is not safe because you can still
traverse the object graph of a literal: "{}.__class__.__subclasses__"
etc.).

> In the Caja project, our "isolated evaluator" is implemented to return
> the value of the last ExpressionStatement in the code. In other words,
> the loaded code is more easily able to defend its *own* integrity
> since its top-level vars are private to it.

Where is this documented?  I've looked at the Caja site but don't see it.

I see the point about keeping top level vars private -- that's
definitely desirable.  Though there are many possible mechanisms for
keeping some variables private.

Random thought: It may be interesting to have another argument that
specifies what kind of code is allowed:

loadCode("var a...", {}, "es5-strict");
loadCode("var a...", {}, "es3");
loadCode("var a...", {}, "caja");

thanks,
Andy


More information about the es-discuss mailing list