Helma Logo
main list history
previous version  overview  next version

Version 1 by hannes on 03. April 2009, 18:18

One cool new feature the helma.system module provides is the createSandbox() function to create *JavaScript sandboxes*. It allows you to set up an isolated JavaScript environment with its own module search path and global object. Optionally, you can inject global properties, restrict access to Java objects using a ClassShutter, and seal the global object.

The following code shows how to set up a sandbox with the directory <tt>some/dir</tt> as only module path and pass it the require() function from our host environment:

  var sandbox = createSandbox("some/dir", {require: require});

The createSandbox() function tries to evaluate a file called <tt>global.js</tt> to initialize the sandbox's global object. Optionally, the global object can be sealed after global.js has been run. The following code shows how to do that and also creates a sandbox that prevents any access to java objects.

  var classShutter = function(classname) { return false; };
  var sandbox = createSandbox('some/dir', {require: require},
                              classShutter, true);

Note that the require function we pass to the sandbox is not affected by the ClassShutter since it is defined in the outer trusted host environment.