How Does Jsfiddle Allow And Execute User-defined Javascript Without Being Dangerous?

March 26, 2024 Post a Comment

I've been working on a JS library and would like to setup a demo page on Github that allows, for example, users to define their own callbacks and execute commands. I know 'eval()

Solution 1:

jsFiddle executes user scripts on a separate domain, http://fiddle.jshell.net (try it and see). Therefore, it can't interact with the parent frame and it can't steal cookies.

You can actually do this without a separate server by placing a static page in a separate domain that reads from its querystring in Javascript. You can communicate back using the page title (and so can the enemy).

Baca Juga

Jquery Toggle Dynamically
How To Store Program State In Url Query String?
Javascript Activexobject

JavaScript General

How Does Jsfiddle Allow And Execute User-defined Javascript Without Being Dangerous?

Solution 1:

Post a Comment for "How Does Jsfiddle Allow And Execute User-defined Javascript Without Being Dangerous?"