svent
commented
10 years ago Thanks for your report! I think this is a great idea and it seems there are some use cases for this kind of functionality. I will include something like that in an upcoming version.
There have been times where I have been attempting to analyze some javascript that references code in an external library (For example jquery). This external script is included into the page via a tag such as:
This code will fail in jsdetox because any function calls to the jquery library will fail (unless you include the full code of jquery in the analyze tab).
The downside to doing that is that it adds several hundred lines of code to the analyze tab (code which can typically be assumed to be safe). It also severely slows down calls to reformat/analyze.
What I am suggesting is that a way to upload a javascript file as an "external resource" be added. You could include this in a new tab. The functionality would be that any code that is executed would be executed with these "external resources" added in, but calls to analyze/reformat would not (unless you think that it would be needed for analyze). Also the script files uploaded to the new "external resources" tab would not appear in the analyze/reformat boxes (but perhaps a list of included external resources should be shown in the gray box on the right to maintain awareness that they are configured).
EDIT: I would have supported this with a pull request, but I am a python guy...