On Jul 28, 11:31 am, beadrsh <[EMAIL PROTECTED]> wrote: > Hi, > > I plan to implement a system in which client passes in the javascript > containing some business logic.What i intend to do is to form a > superset of JavaScript code, i.e add some rhino scripting logic which > involves doing some i/o file operations .I have combined the script > that client has passed to my server-side Javascript and i call some of > these functions. > > Now after combining both the server-side and the client-side scripts , > Now i understand that there will be security issues as the client can > use in java packages to maybe delete the files on the server. > > My question is ,i want to know if i can make out if a script has got > some server-side scripting logic like deleting files on server hence > avoid executing it. > > Sorry if this question sounds trivial as i am new to rhino. > > Thanks in advance
Check out org.mozilla.javascript.Context.setClassShutter and and Context.observeInstructionCount for ways to limit Java class visibility and script execution time respectively. --N _______________________________________________ dev-tech-js-engine-rhino mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-js-engine-rhino
