3.0.2 • Published 2 months ago

js-worker-sandbox v3.0.2

Weekly downloads
-
License
UNLICENSED
Repository
github
Last release
2 months ago

Lightweight JS Worker Execution Sandbox

English | 简体中文

Node.js's vm module allows us to compile and run code within V8 contexts, providing an isolated environment for code execution, also known as a "sandbox". When conducting security research or testing specific code, it's often necessary to evaluate code snippets' behavior without affecting the main system. The vm module provides an ideal environment for observing and analyzing code behavior.

Note: Since version 3.0.0, WorkerSandbox supports browser environment. This feature is still experimental and currently implemented based on iframe.

Overview

This project uses the vm module to create a JavaScript Worker execution sandbox, implementing the following features:

  • Code isolation: Execute code in an isolated context using Node.js's vm module;
  • Event-driven: Implement the Worker's fetch event handling mechanism;
  • Environment simulation: Simulate various APIs of the Worker Runtime;
  • Debugging support: Support console data printing for development and debugging;

Installation

npm i js-worker-sandbox -D

Usage

Node.js

const { WorkerSandbox } = require("js-worker-sandbox");

async function run() {
  const ws = new WorkerSandbox({
    script: `
addEventListener("fetch", (event) => {
  console.log(event.request.url);
  event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
  });
  
  const res = await ws.dispatchFetch("http://localhost:8000/");
  
  console.log(await res.text());
  ws.dispose();
}

run();
const { WorkerSandbox } = require("js-worker-sandbox");

async function run() {
  const ws = new WorkerSandbox({
    script: `
addEventListener("fetch", (event) => {
  console.log(event.request.url);
  event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
  });
  
  const res = await ws.dispatchFetch("http://localhost:8000/");
  
  console.log(await res.text());
  ws.dispose();
}

run();

Browser

import { WorkerSandbox } from "js-worker-sandbox/dist/broswer";

async function run() {
  const ws = new WorkerSandbox({
    script: `
addEventListener("fetch", (event) => {
  console.log(event.request.url);
  event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
  });
  
  const res = await ws.dispatchFetch("http://localhost:8000/");
  
  console.log(await res.text());
  ws.dispose();
}

run();
import { WorkerSandbox } from "js-worker-sandbox/dist/broswer";

async function run() {
  const ws = new WorkerSandbox({
    script: `
addEventListener("fetch", (event) => {
  console.log(event.request.url);
  event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
  });
  
  const res = await ws.dispatchFetch("http://localhost:8000/");
  
  console.log(await res.text());
  ws.dispose();
}

run();

API

WorkerSandbox

  • constructor(init): Accepts a configuration object where script is the JavaScript code to be executed;
  • dispatchFetch(url, requestInit): Simulates a fetch event, triggering event listeners;
  • dispose(): Clears all event listeners and releases resources;
3.0.2

2 months ago

3.0.1

2 months ago

3.0.0

2 months ago

2.3.0

2 months ago

2.2.0

2 months ago

2.4.0

2 months ago

2.0.2

2 months ago

2.1.0

2 months ago

2.0.1

2 months ago

2.0.0

2 months ago

1.0.1

2 months ago

1.0.0

2 months ago