Class JsSanitizer

java.lang.Object
delight.nashornsandbox.internal.JsSanitizer

public class JsSanitizer extends Object
JavaScript sanitizer. Check for loops and inserts function call which breaks script execution when JS engine thread is interrupted.

Created on 2017.11.22

Version:
$Id$
  • Field Details

    • BEAUTIFY_JS

      private static final String BEAUTIFY_JS
      The resource name of beautify.min.js script.
      See Also:
    • BEAUTIFY_FUNCTIONS

      private static final List<String> BEAUTIFY_FUNCTIONS
      The beautify function search list.
    • JS_INTERRUPTED_FUNCTION

      static final String JS_INTERRUPTED_FUNCTION
      The name of the JS function to be inserted into user script. To prevent collisions random suffix is added.
      See Also:
    • JS_INTERRUPTED_TEST

      static final String JS_INTERRUPTED_TEST
      The name of the variable which holds reference to interruption checking class. To prevent collisions random suffix is added.
      See Also:
    • POISON_PILLS

      private static final List<JsSanitizer.PoisonPil> POISON_PILLS
    • BEAUTIFY_OPTIONS

      private static final Map<String,Object> BEAUTIFY_OPTIONS
      The beautifier options. Don't change if you are not know what you are doing, because regexps are depended on it.
    • beautifysScript

      private static SoftReference<String> beautifysScript
      Soft reference to the text of the js script.
    • scriptEngine

      private final ScriptEngine scriptEngine
    • jsBeautify

      private final Function<String,String> jsBeautify
      JS beautify() function reference.
    • securedJsCache

      private final SecuredJsCache securedJsCache
    • allowNoBraces

      private final boolean allowNoBraces
      true when lack of braces is allowed.
    • LACK_EXPECTED_BRACES

      private static final List<Pattern> LACK_EXPECTED_BRACES
      Pattern for back braces.
  • Constructor Details

    • JsSanitizer

      JsSanitizer(ScriptEngine scriptEngine, int maxPreparedStatements, boolean allowBraces)
    • JsSanitizer

      JsSanitizer(ScriptEngine scriptEngine, boolean allowBraces, SecuredJsCache cache)
  • Method Details