3.0.4 • Published 5 months ago

js-worker-sandbox v3.0.4

Weekly downloads
-
License
UNLICENSED
Repository
github
Last release
5 months ago

轻量 JS Worker 执行沙箱

English | 简体中文

注意:从 3.0.0 版本开始,WorkerSandbox 支持浏览器环境。该特性目前仍处于试验阶段,暂时基于 iframe 实现。

Node.js 的 vm 模块允许我们在 V8 的上下文中编译和运行代码,这为代码执行提供了一个隔离的环境,也就是所谓的“沙箱”。在进行指定代码的安全研究或测试时,经常需要评估代码片段的行为而不希望其对主系统造成影响。vm 模块恰好提供了这样的理想环境,可以用于观察和分析代码行为。

概述

本项目使用 vm 模块来创建一个 JavaScript Worker 执行沙箱,实现了以下特性:

  • 代码隔离:使用 Node.js 的 vm 模块在隔离的上下文中执行代码;
  • 事件驱动:实现 Worker 的 fetch 事件处理机制;
  • 环境模拟:模拟 Worker Runtime 的各类 API;
  • 调试支持:支持 console 数据打印,便于开发调试;

安装

npm i js-worker-sandbox -D

使用

Node.js

const { WorkerSandbox } = require("js-worker-sandbox");

async function run() {
  const ws = new WorkerSandbox({
    script: `
addEventListener("fetch", (event) => {
  console.log(event.request.url);
  event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
  });
  
  const res = await ws.dispatchFetch("http://localhost:8000/");
  
  console.log(await res.text());
  ws.dispose();
}

run();
const { WorkerSandbox } = require("js-worker-sandbox");

async function run() {
  const ws = new WorkerSandbox({
    script: `
addEventListener("fetch", (event) => {
  console.log(event.request.url);
  event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
  });
  
  const res = await ws.dispatchFetch("http://localhost:8000/");
  
  console.log(await res.text());
  ws.dispose();
}

run();

Browser

import { WorkerSandbox } from "js-worker-sandbox/dist/broswer";

async function run() {
  const ws = new WorkerSandbox({
    script: `
addEventListener("fetch", (event) => {
  console.log(event.request.url);
  event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
  });
  
  const res = await ws.dispatchFetch("http://localhost:8000/");
  
  console.log(await res.text());
  ws.dispose();
}

run();
import { WorkerSandbox } from "js-worker-sandbox/dist/broswer";

async function run() {
  const ws = new WorkerSandbox({
    script: `
addEventListener("fetch", (event) => {
  console.log(event.request.url);
  event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
  });
  
  const res = await ws.dispatchFetch("http://localhost:8000/");
  
  console.log(await res.text());
  ws.dispose();
}

run();

API

WorkerSandbox

  • constructor(init):接受一个配置对象,其中 script 是需要执行的 JavaScript 代码;
  • dispatchFetch(url, requestInit):模拟 fetch 事件,触发事件监听器;
  • dispose():清除所有事件监听器,释放资源;
typescriptjavascriptworkersandbox
blob-polyfillundiciurlpattern-polyfill
3.0.4

5 months ago

3.0.3

6 months ago

3.0.2

6 months ago

3.0.1

7 months ago

3.0.0

7 months ago

2.3.0

7 months ago

2.2.0

7 months ago

2.4.0

7 months ago

2.0.2

7 months ago

2.1.0

7 months ago

2.0.1

7 months ago

2.0.0

7 months ago

1.0.1

7 months ago

1.0.0

7 months ago