On Jul 28, 11:31 am, beadrsh <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I plan to implement a system in which client passes in the javascript
> containing some business logic.What i intend to do is to form a
> superset of JavaScript code, i.e add some rhino scripting logic which
> involves doing some i/o file operations .I have combined the script
> that client has passed to my server-side Javascript and i call some of
> these functions.
>
> Now after combining both the server-side and the client-side scripts ,
> Now i understand that there will be security issues as the client can
> use in java packages to maybe delete the files on the server.
>
> My question is ,i want to know if i can make out if a script has got
> some server-side scripting logic like deleting files on server hence
> avoid executing it.
>
> Sorry if this question sounds trivial as i am new to rhino.
>
> Thanks in advance

Check out org.mozilla.javascript.Context.setClassShutter and and
Context.observeInstructionCount for ways to limit Java class
visibility and script execution time respectively.

--N
_______________________________________________
dev-tech-js-engine-rhino mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-js-engine-rhino

Reply via email to