So, I am using some code such as the following to load a piece of
standalone javascript and passing it an API. I have two questions...
caja.initialize({cajaServer: 'https://caja.appspot.com/', debug: true,
maxAcceptableSeverity: 'NO_KNOWN_EXPLOIT_SPEC_VIOLATION'});
caja.load(undefined, {rewrite:function(uri){return true;}}, function(frame)
{
frame.code("/code/" + author + "/" + slug + "/compiled.js",
'application/javascript')
.api(CaG.api).run();
});
My first question is, is there a way for me to dynamically store some
javascript client side and then load it into the frame.code() method? My
site allows users to write some javascript and then execute it but this
code has to be sandboxed and restricted hence I'm using caja. Can I allow
the user to edit the code client side and load it straight up and execute
it? Possibly passing the code to caja using eval?
My second question is with regards to supplying my API. In the object I
supply, none of the functions have been tamed. When I attempt to iterate
through this object and tame them before use, all of them return undefined.
I have a replica of my api object but every function is simply set to
undefined. Why is this and furthermore, why is taming necessary? my code
works as is and the clients script is unable to touch the DOM or get
network access so I see no issue. My api object contains functions for
manipulating a canvas, and a couple other utility functions, nothing big.
Thanks in advance for any help.
--
---
You received this message because you are subscribed to the Google Groups
"Google Caja Discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
