octgn / OCTGN4

Research a way to have a js engine in .net #2

Open kellyelton opened 8 years ago

kellyelton commented 8 years ago

There are plenty of options out there, so this ticket isn't to determine if it's even possible.

Requirements

The reason we don't want to have node.js integration is because it opens security holes with socket and file system access. The best model most likely will end up being a js engine whose only access to the outside world is through us.

Expected behavior of delegates

```csharp
public interface IJsEngine
{
    // Exposes a host object to scripts under the given global name.
    void AddVariable(string name, object cls);
    // Runs the script and returns its result.
    object Execute(string js);
}

public class TestClass
{
    public void DoIt()
    {
        System.Console.WriteLine("taco");
    }
}

void Test(IJsEngine engine)
{
    var obj = new TestClass();
    engine.AddVariable("test", obj);

    engine.Execute("test.DoIt();");
    // Prints "taco" to the command line

    // The constructor body calls back into the host object.
    engine.Execute(@"
var MyNewClass = function(){
    test.DoIt();
}
MyNewClass.prototype.doItJsStyle = function(){
    test.DoIt();
}");

    // Execute returns object, so script values are held as dynamic to be callable.
    dynamic fun = engine.Execute("return function(){ test.DoIt();}");
    fun();
    // Prints "taco" to the command line
    dynamic cls = engine.Execute("return new MyNewClass();");
    // Prints "taco" to the command line
    cls.doItJsStyle();
    // Prints "taco" to the command line
}
```

I have a few that could be researched as a head start: https://github.com/tjanczuk/edge and https://javascriptdotnet.codeplex.com/

Gravecorp commented 8 years ago

I eliminated 4 other options because they either require things like eval() to work, which I think is bad practice, especially if scripts can be supplied by a third party, or they are very inactive with a long issue list that really needs fixing. Right now the options are edge, javascriptdotnet and Jint. I have reviewed and rejected: clearscript, nil.js, ironJS, jurassic.

Jint link: https://github.com/sebastienros/jint

kellyelton commented 8 years ago

Yeah it seems like all of them but ironJS are actively updated.

Gravecorp commented 8 years ago

After some testing I will relegate edge.js to the maybe/no pile due to having node.js inside it, and that poses a security risk when we are dealing with 3rd party code. Other than the glaring security issue it would probably still fit the bill, although objects get sent over in JSON and returned in the same format, so calling functions on C# objects in JS would give issues, but just changing values would work if you work over the changes when it gets returned.

kellyelton commented 8 years ago

Was using Jint for a bit, but it couldn't properly use dynamic objects or actually operate on the objects passed in properly. Tried Javascript.net and it was the same situation. Ended up using Clearscript as it allowed DynamicObjects to be passed in by reference and allowed the javascript to modify the object that exists outside of its context.

That all being said, I don't know if Clearscript is the best choice, I just chose it because I had to pick something. So this ticket can stay open so we can see if there's a better alternative.
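
An added example, not part of the thread or the OCTGN code base: one way the `IJsEngine` interface from the first comment could be backed by ClearScript's V8 engine so that scripts reach the outside world only through objects the host registers. It assumes the Microsoft.ClearScript NuGet package; `ClearScriptEngine` and the `state` object are hypothetical names, and `Execute` takes an expression instead of a top-level `return`.

```csharp
using System;
using System.Dynamic;
using Microsoft.ClearScript.V8;

public interface IJsEngine
{
    void AddVariable(string name, object cls);
    object Execute(string js);
}

// Hypothetical adapter: scripts see only what AddVariable hands them.
public sealed class ClearScriptEngine : IJsEngine, IDisposable
{
    // A bare V8 engine ships no node.js runtime, so no fs or socket modules.
    private readonly V8ScriptEngine _engine = new V8ScriptEngine();

    public void AddVariable(string name, object cls) => _engine.AddHostObject(name, cls);

    // Evaluate yields the value of the last expression in the script.
    public object Execute(string js) => _engine.Evaluate(js);

    public void Dispose() => _engine.Dispose();
}

public class TestClass
{
    public void DoIt() => Console.WriteLine("taco");
}

public static class Program
{
    public static void Main()
    {
        using (var engine = new ClearScriptEngine())
        {
            engine.AddVariable("test", new TestClass());
            engine.Execute("test.DoIt();");

            // A script function returned to the host is callable as dynamic.
            dynamic fun = engine.Execute("(function () { test.DoIt(); })");
            fun();

            // Constructed sample object: passed by reference, mutated from script.
            dynamic state = new ExpandoObject();
            state.hp = 10;
            engine.AddVariable("state", state);
            engine.Execute("state.hp = state.hp - 3;");
            Console.WriteLine(state.hp);

            // Probe for node.js globals from inside the sandbox.
            Console.WriteLine(engine.Execute("typeof require + ' ' + typeof process"));
        }
    }
}
```

Every public member of an object passed to `AddVariable` becomes callable from script, so third-party scripts should be given narrow facade objects, not broad service classes.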