<div dir="ltr"><div><a href="https://code.google.com/p/google-caja/source/browse/trunk/src/com/google/caja/ses/">https://code.google.com/p/google-caja/source/browse/trunk/src/com/google/caja/ses/</a><br></div><a href="http://research.google.com/pubs/pub40673.html">http://research.google.com/pubs/pub40673.html</a><br><a href="https://code.google.com/p/google-caja/wiki/SES">https://code.google.com/p/google-caja/wiki/SES</a><br><a href="http://www-cs-students.stanford.edu/~ataly/Papers/sp11.pdf">www-cs-students.stanford.edu/~ataly/Papers/sp11.pdf</a><div><br></div><div><a href="http://wiki.ecmascript.org/doku.php?id=strawman:concurrency">http://wiki.ecmascript.org/doku.php?id=strawman:concurrency</a> desperately needs updating in light of modern promises, but see discussion of Vats and "there".</div><div><br><div class="gmail_extra"><br><div class="gmail_quote">On Sun, Nov 23, 2014 at 3:27 AM, Michał Wadas <span dir="ltr"><<a href="mailto:michalwadas@gmail.com" target="_blank">michalwadas@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">Introdution:<br>
- eval executes piece of code<br>
- eval can not be safely used with external input<br>
- Python's ast.literal_eval would be almost useless in modern<br>
JavaScript (almost all data types can be easily send as JSON)<br>
<br>
literal_eval description:<br>
>The string or node provided may only consist of the following Python literal structures: strings, numbers, tuples, lists, dicts, booleans, and None.<br>
<br>
<br>
<br>
My proposition is "safe eval".<br>
Safe eval ( eval.safe(string: code, callback) ) should perform theses steps:<br>
- Create isolated realm without capabilities to perform almost any IO<br>
(implementation dependant - no XHR, no importScript, no require)<br></blockquote><div><br></div><div>y</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
- evaluate code in context of created realm<br></blockquote><div><br></div><div>y</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
- post result of last evaluated expression back to creator realm using<br>
structured-clone algorithm<br></blockquote><div><br></div><div>n. Structured clone sucks.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
- call callback with returned data<br></blockquote><div><br></div><div>Prefer promises to callbacks</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<br>
Pros:<br>
+ sandbox offered by language<br></blockquote><div><br></div><div>y. Plan is to refine Realm API for ES7 by trying to redo SES in terms of Vats.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
+ easy to run in other thread<br></blockquote><div><br></div><div>y</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
+ quite easy to polyfill<br></blockquote><div><br></div><div>Well, it wasn't as easy as I first expected, but we do have a SES polyfill. Not yet for Vats or Dr. SES</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
+ servers can send computations to users<br></blockquote><div><br></div><div>y</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
+<br>
Cons:<br>
- Realm creation can be costly (but implementations can solve this<br>
problem in many ways)<br></blockquote><div><br></div><div>y</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
- proposal does not include support for asynchronous operations<br></blockquote><div><br></div><div>Dr. SES does.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
_______________________________________________<br>
es-discuss mailing list<br>
<a href="mailto:es-discuss@mozilla.org">es-discuss@mozilla.org</a><br>
<a href="https://mail.mozilla.org/listinfo/es-discuss" target="_blank">https://mail.mozilla.org/listinfo/es-discuss</a><br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature">    Cheers,<br>    --MarkM</div>
</div></div></div>