CoastalHacking / burp-pac

Burp Proxy Auto-config Extension
Apache License 2.0

Consider sandboxing proxy-vole #18

Closed jpasski closed 6 years ago

jpasski commented 6 years ago

Proxy-vole executes potentially malicious JavaScript in a ScriptEngine. The current readme mentions this:

Caveat emptor: any identified PAC scripts are executed as-is. That is, they are not sandboxed within a security manager.

Design and implement a sandbox that disallows any shenanigans via malicious JavaScript. (It would also be nice to know what malicious JS could actually do here...)

pajswigger commented 6 years ago

If you put this in your PAC, it launches calculator:

java.lang.Runtime.getRuntime().exec("calc");

Probably want to use something like this to restrict it.
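One way to restrict the engine along the lines suggested above, as an added example that is neither burp-pac's nor proxy-vole's code: a Nashorn ScriptEngine created with a deny-all ClassFilter and the --no-java option, with the file-reading and JVM-terminating built-ins removed and a wall-clock limit around FindProxyForURL. It assumes JDK 8 to 14 (Nashorn was removed in JDK 15), that the full set of PAC helper functions is bound separately, and both PAC scripts in main() are constructed for the demonstration, the hostile one embedding the calculator line quoted in the comment above.

```java
import javax.script.*;
import java.util.concurrent.*;
import jdk.nashorn.api.scripting.ClassFilter;
import jdk.nashorn.api.scripting.NashornScriptEngineFactory;

// Added example, not burp-pac or proxy-vole code. Assumes JDK 8-14, where Nashorn ships.
public final class SandboxedPacEvaluator {
    // A PAC script needs no Java interop at all, so deny every class to Java.type() and friends.
    private static final ClassFilter DENY_ALL = className -> false;
    private final ScriptEngine engine;
    public SandboxedPacEvaluator(String pacSource) throws ScriptException {
        // --no-java removes the java/Java/Packages globals; the ClassFilter backstops anything left.
        engine = new NashornScriptEngineFactory()
                .getScriptEngine(new String[] {"--no-java"}, null, DENY_ALL);
        Bindings global = engine.getBindings(ScriptContext.ENGINE_SCOPE);
        // Built-ins that read files/URLs or kill the JVM; a PAC script needs none of them.
        for (String name : new String[] {"load", "loadWithNewGlobal", "exit", "quit"}) {
            global.remove(name);
        }
        // One helper as a stand-in; a real evaluator binds the whole PAC API (dnsResolve, isInNet, ...).
        engine.eval("function isPlainHostName(h) { return h.indexOf('.') === -1; }");
        engine.eval(pacSource); // only declares FindProxyForURL; nothing runs yet
    }
    // Waits at most timeoutMillis. Nashorn will not abort a spinning script, so on timeout
    // discard this evaluator (the worker thread is leaked) and treat the PAC as hostile.
    public String findProxyForUrl(String url, String host, long timeoutMillis) throws Exception {
        ExecutorService ex = Executors.newSingleThreadExecutor();
        Future<Object> f = ex.submit((Callable<Object>) () ->
                ((Invocable) engine).invokeFunction("FindProxyForURL", url, host));
        try {
            return String.valueOf(f.get(timeoutMillis, TimeUnit.MILLISECONDS));
        } finally {
            f.cancel(true);
            ex.shutdownNow();
        }
    }
    public static void main(String[] args) throws Exception {
        // Constructed PAC embedding the calculator line quoted in the comment above.
        String hostile = "function FindProxyForURL(u, h) {"
                + " java.lang.Runtime.getRuntime().exec('calc'); return 'DIRECT'; }";
        try {
            new SandboxedPacEvaluator(hostile).findProxyForUrl("http://example.test/", "example.test", 1000);
        } catch (ExecutionException e) {
            System.out.println("Blocked: " + e.getCause().getMessage()); // ReferenceError: "java" is not defined
        }
        String benign = "function FindProxyForURL(u, h) { return isPlainHostName(h) ? 'DIRECT' : 'PROXY 127.0.0.1:8080'; }";
        System.out.println(new SandboxedPacEvaluator(benign).findProxyForUrl("http://intranet/", "intranet", 1000));
    }
}
```

The ClassFilter and --no-java only close the Java interop door; a PAC script can still burn CPU or allocate memory, which is why the timeout is there and why a timed-out evaluator should be thrown away rather than reused.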