Is it possible to sandbox JavaScript running in the browser?

I’m wondering if it’s possible to sandbox JavaScript running in the browser to prevent access to features that are normally available to JavaScript code running in an HTML page.

For example, let’s say I want to provide a JavaScript API for end users to let them define event handlers to be run when “interesting events” happen, but I don’t want those users to access the properties and functions of the window object. Am I able to do this?

In the simplest case, let’s say I want to prevent users calling alert. A couple of approaches I can think of are:

  • Redefine window.alert globally. I don’t think this would be a valid approach because other code running in the page (i.e., stuff not authored by users in their event handlers) might want to use alert.
  • Send the event handler code to the server to process. I’m not sure that sending the code to the server to process is the right approach, because the event handlers need to run in the context of the page.

Perhaps a solution where the server processes the user defined function and then generates a callback to be executed on the client would work? Even if that approach works, are there better ways to solve this problem?

Related Posts:

  1. How to get the browser to navigate to URL in JavaScript
  2. Blocked script execution in because the document’s frame is sandboxed – Angular application
  3. Why doesn’t JavaScript support multithreading?
  4. How to get scrollbar position with Javascript?
  5. How can I stop the browser back button using JavaScript?
  6. How can I generate a rainbow circle using HTML5 canvas?
  7. How can I submit a form using JavaScript?
  8. How do I get the current date in JavaScript?
  9. How to do a redirect to another route with react-router?
  10. Jest spy on functionality
  11. Use a JSON array with objects with javascript
  12. Toggle show/hide on click with jQuery
  13. What is DOM Event delegation?
  14. How can I add JavaScript inside Blogger?
  15. Get the last item in an array
  16. Node.js – SyntaxError: Unexpected token import
  17. getElementById returns null?
  18. How to compare arrays in JavaScript?
  19. Rock, Paper, Scissors in JavaScript
  20. Export html table data to Excel using JavaScript / JQuery is not working properly in chrome browser
  21. How to test valid UUID/GUID?
  22. Angular: Error no directive with “exportAs” set to “ngForm”
  23. How can I remove a character from a string using JavaScript?
  24. Setting onSubmit in React.js
  25. document.getElementByID is not a function
  26. No overload matches this call. Type ‘string’ is not assignable to type ‘Signals’
  27. Moment js date time comparison
  28. window.variableName
  29. What does ${} (dollar sign and curly braces) mean in a string in Javascript?
  30. How to implement authenticated routes in React Router 4?
  31. How to create a JQuery Clock / Timer
  32. Access Control Request Headers, is added to header in AJAX request with jQuery
  33. React Js: Uncaught (in promise) SyntaxError: Unexpected token < in JSON at position 0
  34. How to check if function exists in JavaScript?
  35. Does JavaScript support array/list comprehensions like Python?
  36. Play an audio file using jQuery when a button is clicked
  37. How can I get the last character in a string?
  38. getBoundingClientRect is not a function
  39. Jquery button click() function is not working
  40. Make iframe automatically adjust height according to the contents without using scrollbar?
  41. Uncaught ReferenceError: function is not defined with onclick
  42. Can a for loop increment/decrement by more than one?
  43. Example JavaScript code to parse CSV data
  44. addEventListener not working in javascript
  45. How to access the request body when POSTing using Node.js and Express?
  46. How do I check whether a checkbox is checked in jQuery?
  47. Failed to find a valid digest in the ‘integrity’ attribute for resource on a deployed emberjs application
  48. Cannot read property ‘getHostNode’ of null
  49. TypeError: Class extends value undefined is not a function or null
  50. Eslint: How to disable “unexpected console statement” in Node.js?
  51. How to get native javascript functions source code?
  52. Changing the image source using jQuery
  53. Reload an iframe with jQuery
  54. JavaScript pattern for multiple constructors
  55. How to manage a redirect request after a jQuery Ajax call
  56. Get the Highlighted/Selected text
  57. Video auto play is not working in Safari and Chrome desktop browser
  58. How do I convert a JavaScript forEach loop/function to CoffeeScript
  59. ZIP Code (US Postal Code) validation
  60. Is there a standard function to check for null, undefined, or blank variables in JavaScript?
  61. How to force JavaScript to deep copy a string?
  62. How to go to a URL using jQuery?
  63. Uncaught ReferenceError: ga is not defined
  64. Getting or changing CSS class property with Javascript using DOM style
  65. How to close a window using jQuery
  66. Javascript- Multiplying 2 numbers and return number
  67. What does the $() function do in JavaScript?
  68. is it posible to add anime.js in WordPress
  69. WP Rest API – How to get featured image
  70. How to only enqueue block javascript on the frontend when its needed [duplicate]
  71. Eliminate render blocking javascript
  72. is_front_page() not working
  73. The value of attribute [ data-type ] must be in double quotes – custom html widget error
  74. How to replace a javascript select box onchange event to a form submit action?
  75. Add tinymce dynamically via Javascript
  76. How to Add Javascript Only When a Function Exists?
  77. Make TinyMCE checkbox that returns a value instead of true/false
  78. TypeError: window.tinyMCE.execInstanceCommand is not a function
  79. Adding JavaScript to a WordPress website
  80. wp-env mysqlcheck error:1130
  81. event/callback on block update?
  82. How to disable inline css styles generated by Gutenberg editor?
  83. Multiple Conditional Controllers
  84. Adding javascript trigger to user role selection on the user-edit page
  85. Vue and wordpress.Bad Request ajax request
  86. How to add if lt IE9 conditional scripts to functions.php
  87. How to include a JSON file on my page?
  88. Gutenberg consume wp-json data and reflect in frontend the content
  89. How to add “on change” to a text input in contact form7?
  90. Update media library attachments
  91. JavaScript Libraries in WordPress
  92. How to use WP switchEditors.switchto(this) JS function in your own script?
  93. Removing admin javascript
  94. Can I get the user name in JavaScript?
  95. Landing function through URL
  96. Escaping quotes while enqueuing scripts
  97. Combining results from WP-API using AngularJS
  98. Custom JS doesn’t work after 4.9.9 update [closed]
  99. Anyway to disable the auto excerpt creation?
  100. How do I cycle a JS function in WordPress? [closed]

Leave a Comment