vee-eight
v0.0.1
Published
Safely execute arbitrary untrusted JavaScript from nodejs. This module implements a lightweight isolated JavaScript environment that can be used to run any code without being able to escape the sandbox. The V8 context is initialized and executed entirely
Downloads
6
Readme
vee-eight
Safely execute arbitrary untrusted JavaScript from nodejs. This module implements a lightweight isolated JavaScript environment that can be used to run any code without being able to escape the sandbox. The V8 context is initialized and executed entirely from C++ so it's impossible for the JS stack frames to lead back to the nodejs environment. It's usable from a nodejs process, but the JS environment is pure V8.
See example.js for usage
Installation
npm install vee-eight
Once installed, import it into your module via:
const VeeEight = require('vee-eight').VeeEight
API
Initialize a new VeeEight instance:
const v8 = new VeeEight()
Use execute(code) to run the specified code block:
v8.execute("1+2")
// #=> 3
State will be preserved between function calls:
v8.execute("var = 42")
v8.execute("var")
// # => 42
To clear the context invoke reset():
v8.reset()
v8.execute("var")
// # => ReferenceError: s is not defined
To limit long running operations, set a timeout with: timeout(milliseconds):
v8.timeout(1000) // 1 second timeout
v8.execute("while(true){}")
// # => timed out
License
vee-eight is licensed under The MIT License