dominictarr / jarbarscript

MIT License

Add Math.* functions #3

Open bnolan opened 9 years ago

bnolan commented 9 years ago

Can you add the math functions to it? Or maybe the ability to add functions arbitrarily? Also, would it be possible to use jarbarscript on a three.js vector?

dominictarr commented 9 years ago

I'm looking into that right now. The problem is not to let access leak out... If untrusted code can get to function () {}.constructor then they can do anything (such as while(true);).

dominictarr commented 9 years ago

My current thinking is it's simplest if you only allow static calls to methods that are provided as context.

A static call would be foo.bar.baz(); a dynamic call would be foo[bar].baz(). In the first, we know exactly what function they are calling; in the second, we can't tell. (We could check it at runtime, which is fine, because we have an interpreter, but if we have statically safe calls then we can use v8 and it will be faster!)

So, they may only call methods that were passed in, and prevent access to dangerous properties like prototype, constructor, __proto__ and __defineGetter__.

I'm not sure about access to OO stuff, like [].reduce: you can't necessarily tell that is really the array's reduce there. This is stuff you could check dynamically though.

So maybe you provide a set of helper functions, instead of the built-ins (which are not very good anyway!)
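
The static-call rule discussed in this thread, as an added example that is not part of the thread or of jarbarscript's code: a callee is accepted only if it is a plain dotted path, contains none of the dangerous property names, and resolves through own properties to a function passed in as context. The names `resolveStaticCall`, `vetCalls` and `sampleContext` are hypothetical, and the callee text of each call is assumed to have been extracted by a parser already.

```javascript
// Added example: names below are illustrative, not jarbarscript's API.
const DENIED = new Set(['prototype', 'constructor', '__proto__', '__defineGetter__']);
const IDENT = /^[A-Za-z_$][\w$]*$/;
const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Decide whether `callee` (the text before the call parentheses) is a static
// path to a function that was explicitly passed in through `context`.
function resolveStaticCall(callee, context) {
  const path = callee.split('.').map((seg) => seg.trim());
  // Anything that is not ident.ident.ident is dynamic: foo[bar].baz, (a || b).c
  if (!path.every((seg) => IDENT.test(seg))) return { ok: false, reason: 'dynamic' };
  let value = context;
  for (const seg of path) {
    if (DENIED.has(seg)) return { ok: false, reason: 'denied:' + seg };
    const container = value !== null && (typeof value === 'object' || typeof value === 'function');
    // Own properties only: inherited members (toString, call, bind) were not passed in.
    if (!container || !hasOwn(value, seg)) return { ok: false, reason: 'not-in-context:' + seg };
    value = value[seg];
  }
  if (typeof value !== 'function') return { ok: false, reason: 'not-callable' };
  return { ok: true, fn: value };
}

// Constructed context: a null-prototype, frozen copy exposing only chosen helpers.
const math = Object.freeze(Object.assign(Object.create(null), {
  sin: Math.sin, max: Math.max, PI: Math.PI,
}));
const sampleContext = Object.freeze(Object.assign(Object.create(null), { Math: math }));

// Vet a list of callee strings and return a callee -> verdict map.
function vetCalls(callees, context) {
  const report = Object.create(null);
  for (const callee of callees) {
    const r = resolveStaticCall(callee, context);
    report[callee] = r.ok ? 'allowed' : r.reason;
  }
  return report;
}

// Constructed sample callees, including the two forms from the thread.
console.log(vetCalls(
  ['Math.max', 'Math.PI', 'Math.toString', 'Math.sin.constructor', 'foo[bar].baz', 'foo.bar.baz'],
  sampleContext));
```

Handing the context over as a null-prototype copy means inherited members such as toString are rejected as not passed in, without having to list them in the deny set.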