3.0.4 • Published 9 months ago

js-worker-sandbox v3.0.4

Weekly downloads
-
License
UNLICENSED
Repository
github
Last release
9 months ago

轻量 JS Worker 执行沙箱

English | 简体中文

注意:从 3.0.0 版本开始,WorkerSandbox 支持浏览器环境。该特性目前仍处于试验阶段,暂时基于 iframe 实现。

Node.js 的 vm 模块允许我们在 V8 的上下文中编译和运行代码,这为代码执行提供了一个隔离的环境,也就是所谓的“沙箱”。在进行指定代码的安全研究或测试时,经常需要评估代码片段的行为而不希望其对主系统造成影响。vm 模块恰好提供了这样的理想环境,可以用于观察和分析代码行为。

概述

本项目使用 vm 模块来创建一个 JavaScript Worker 执行沙箱,实现了以下特性:

  • 代码隔离:使用 Node.js 的 vm 模块在隔离的上下文中执行代码;
  • 事件驱动:实现 Worker 的 fetch 事件处理机制;
  • 环境模拟:模拟 Worker Runtime 的各类 API;
  • 调试支持:支持 console 数据打印,便于开发调试;

安装

npm i js-worker-sandbox -D

使用

Node.js

const { WorkerSandbox } = require("js-worker-sandbox");

async function run() {
  const ws = new WorkerSandbox({
    script: `
addEventListener("fetch", (event) => {
  console.log(event.request.url);
  event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
  });
  
  const res = await ws.dispatchFetch("http://localhost:8000/");
  
  console.log(await res.text());
  ws.dispose();
}

run();
const { WorkerSandbox } = require("js-worker-sandbox");

async function run() {
  const ws = new WorkerSandbox({
    script: `
addEventListener("fetch", (event) => {
  console.log(event.request.url);
  event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
  });
  
  const res = await ws.dispatchFetch("http://localhost:8000/");
  
  console.log(await res.text());
  ws.dispose();
}

run();

Browser

import { WorkerSandbox } from "js-worker-sandbox/dist/broswer";

async function run() {
  const ws = new WorkerSandbox({
    script: `
addEventListener("fetch", (event) => {
  console.log(event.request.url);
  event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
  });
  
  const res = await ws.dispatchFetch("http://localhost:8000/");
  
  console.log(await res.text());
  ws.dispose();
}

run();
import { WorkerSandbox } from "js-worker-sandbox/dist/broswer";

async function run() {
  const ws = new WorkerSandbox({
    script: `
addEventListener("fetch", (event) => {
  console.log(event.request.url);
  event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
  });
  
  const res = await ws.dispatchFetch("http://localhost:8000/");
  
  console.log(await res.text());
  ws.dispose();
}

run();

API

WorkerSandbox

  • constructor(init):接受一个配置对象,其中 script 是需要执行的 JavaScript 代码;
  • dispatchFetch(url, requestInit):模拟 fetch 事件,触发事件监听器;
  • dispose():清除所有事件监听器,释放资源;
typescriptjavascriptworkersandbox
blob-polyfillundiciurlpattern-polyfill
3.0.4

9 months ago

3.0.3

9 months ago

3.0.2

10 months ago

3.0.1

10 months ago

3.0.0

10 months ago

2.3.0

10 months ago

2.2.0

10 months ago

2.4.0

10 months ago

2.0.2

10 months ago

2.1.0

10 months ago

2.0.1

10 months ago

2.0.0

10 months ago

1.0.1

10 months ago

1.0.0

10 months ago