Lightning Web Security sandboxing library
$ yarn add @locker/sandbox
The evaluateInSandbox() function:
import { evaluateInSandbox } from '@locker/sandbox';

let sandboxed;

// Evaluate source text in a sandbox using
// `evaluateInSandbox(key, sourceText, context, endowments)`. The function has
// no return value.
evaluateInSandbox(
  // The key of the sandbox to evaluate source text in. One sandbox is created
  // per key regardless of the number of calls to `evaluateInSandbox()`.
  'sandbox',
  // The source text to evaluate in the sandbox.
  `$lockerEvalContext$(${
    // Function body to coerce to a string. Using a function and coercing
    // it to a string has the benefit of working with minifiers.
    function () {
      // Call to a provided endowment value.
      logger('inside sandbox');
      // Other code to sandbox...
    }
  })`,
  // The value of the optional sandbox context binding `$lockerEvalContext$`
  // that may be used to initialize sandboxed code. The binding can be an object,
  // function, or anything else. The `$lockerEvalContext$` binding can only be
  // accessed once per sandbox evaluation and is set to `undefined` after
  // the synchronous sandbox evaluation.
  (def) => {
    sandboxed = def;
  },
  // The optional endowments object whose property descriptors are used to
  // define properties on the sandboxed global object. Behind the scenes the
  // `$lockerEvalContext$` is defined using the same endowments feature.
  { logger: console.log.bind(console) }
);
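
A small model of the two behaviours the comments above describe (the one-shot `$lockerEvalContext$` binding and endowments installed by property descriptor), added here as an example; it is not code from @locker/sandbox and provides none of its isolation. `modelEvaluate` and `demo` are hypothetical names, and returning `undefined` on a second read within one evaluation is an assumption.

```javascript
// Model of the semantics the comments above describe. It gives NO isolation
// and is not @locker/sandbox's implementation; every name here is hypothetical.
const modelGlobals = new Map(); // one modelled global object per sandbox key

function modelEvaluate(key, sourceText, context, endowments = {}) {
  if (!modelGlobals.has(key)) modelGlobals.set(key, Object.create(null));
  const globalObject = modelGlobals.get(key);
  // Endowments are installed by descriptor, so a getter stays a getter.
  Object.defineProperties(globalObject, Object.getOwnPropertyDescriptors(endowments));
  let pending = context;
  Object.defineProperty(globalObject, '$lockerEvalContext$', {
    configurable: true,
    // Assumption: a second read in the same evaluation yields undefined.
    get() { const value = pending; pending = undefined; return value; },
  });
  try {
    // Sloppy-mode `with` stands in for the sandboxed global scope.
    new Function('scope', `with (scope) { ${sourceText} }`)(globalObject);
  } finally {
    pending = undefined; // cleared when the synchronous evaluation ends
  }
}

function demo() {
  const seen = [];
  let getterCalls = 0;
  let api;
  const endowments = {
    logger: (value) => seen.push(value),
    get buildId() { getterCalls += 1; return 'constructed-build-id'; },
  };
  // Correct use: read the binding once, synchronously, and keep it in a local.
  modelEvaluate('sandbox', `
    const init = $lockerEvalContext$;
    logger(typeof init + '/' + typeof $lockerEvalContext$);
    init({ build: () => buildId });
  `, (def) => { api = def; }, endowments);
  const callsBeforeUse = getterCalls; // installing the getter did not run it
  const build = api.build();
  // Incorrect use: code that defers the read finds the binding already cleared.
  let deferred;
  modelEvaluate('sandbox', `logger(() => typeof $lockerEvalContext$);`,
    () => {}, { logger: (fn) => { deferred = fn; } });
  return { seen, callsBeforeUse, build, getterCalls, late: deferred() };
}
```

The practical consequence for callers is that the context must be captured into a local during the synchronous evaluation, and that each endowment is a capability the sandboxed code keeps for as long as it holds a closure over it.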