| function sandboxJS(js) { | |
| var whitelist = ["alert","console","navigator","location"]; | |
| var handlers = { | |
| has(target,key,context) { | |
| if (whitelist.indexOf(key) >= 0) { | |
| return Reflect.has( | |
| target, key, context | |
| ); | |
| } | |
| else { | |
| throw new Error("Not allowed: " + key); | |
| } | |
| } | |
| }; | |
| var proxy = new Proxy(window,handlers); | |
| var proxyName = `proxy${Math.floor(Math.random() * 1E9)}`; | |
| var fn = new Function(proxyName,`with(${proxyName}){${js}}`); | |
| return fn.call(this,proxy); | |
| } | |
| sandboxJS("console.log(2)"); // 2 | |
| sandboxJS("console.log(history)"); // Error, Not allowed: history |
This comment has been minimized.
This comment has been minimized.
|
sandboxJS("[].constructor.prototype.indexOf=x=>1"); |
This comment has been minimized.
This comment has been minimized.
|
sandboxJS("''.sub.constructor('eval(alert(1337))')()"); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This comment has been minimized.
sandboxJS("}eval('alert(1337)');{");