Just a quick correction, the rewrite function was in place for testing
purposes. For deployment I am not running it like that and I instead passed
undefined in.
On Wednesday, 28 May 2014 14:11:13 UTC+1, Will Caine wrote:
>
> So, I am using some code such as the following to load a piece of
> standalone javascript and passing it an API. I have two questions...
>
> caja.initialize({cajaServer: 'https://caja.appspot.com/', debug: true,
> maxAcceptableSeverity: 'NO_KNOWN_EXPLOIT_SPEC_VIOLATION'});
>
> caja.load(undefined, {rewrite:function(uri){return true;}},
> function(frame) {
>
> frame.code("/code/" + author + "/" + slug + "/compiled.js",
> 'application/javascript')
>
> .api(CaG.api).run();
>
> });
>
>
> My first question is, is there a way for me to dynamically store some
> javascript client side and then load it into the frame.code() method? My
> site allows users to write some javascript and then execute it but this
> code has to be sandboxed and restricted hence I'm using caja. Can I allow
> the user to edit the code client side and load it straight up and execute
> it? Possibly passing the code to caja using eval?
>
> My second question is with regards to supplying my API. In the object I
> supply, none of the functions have been tamed. When I attempt to iterate
> through this object and tame them before use, all of them return undefined.
> I have a replica of my api object but every function is simply set to
> undefined. Why is this and furthermore, why is taming necessary? my code
> works as is and the clients script is unable to touch the DOM or get
> network access so I see no issue. My api object contains functions for
> manipulating a canvas, and a couple other utility functions, nothing big.
>
> Thanks in advance for any help.
>
--
---
You received this message because you are subscribed to the Google Groups
"Google Caja Discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
