Initiaze v8 engine without built-in functionality .

[pravee...@gmail.com]

I am trying to embed engine in c++ application. i don't want the java-script  built-in Methods and functions.

I need it only for arithmetic and relational operators. 

after exploring much in internet ,i got to know built-ins functions are de-serilized and put in from these native_blob.bin and snapshot_blob.bin . 

I commented v8::V8::InitializeExternalStartupData(argv[0]); , but throwing some run-time error.

Could anyone please help me on this.

Requirement : Embedding v8 engine without built-in functionality as i need it only for arithmetic, relational operators.

I don't want these builts-in function gets de-serialized and put in heap ( https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects)

References: 

1) https://v8.dev/blog/embedded-builtins.

2) https://v8.dev/blog/custom-startup-snapshots

3) https://v8.dev/docs/builtin-functions

4) https://v8.dev/blog/lazy-deserialization

Thanks & Regards

Praveen N

                   

[Yang Guo]

Hi,

builtins are set up in bootstrapper.cc, you can comment out the parts that install builtin objects and check how well that works. Note that some internal functionality rely on builtin objects and functions though, so even if you don't install them onto the global object, you may need them to be initialized.

Cheers,

Yang

--
--
v8-dev mailing list
v8-...@googlegroups.com
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to v8-dev+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/v8-dev/8dea5e1d-374d-42ea-a3f0-9c64cffeec38%40googlegroups.com.

[pravee...@gmail.com]

Hi Thanks for the help. Currently i am using prebuilt v8 binaries from nuget package https://github.com/pmed/v8-nuget  in windows.

 Is there any other way rather building the V8 and generating binaries.

I already have  prebuilt v8 binaries and bin(snapshotblob and nativeblob) files from nuget package. 

can we do some thing in code to exclude those built-in functionality in V8 engine?

for eg: 

in js script, if i type 

1) Date();    //V8 engine should show error rather than showing date.

2) var newarray = new Array();    var arr = [1,2,3,4,5];

   // v8 engine should not allow creating dynamic elements.

3) var  newObject = {  "name"="xyz", "age"=5 };   

    var newObject = Object.create( Object.prototype );

   // v8 engine should not allow  object oriented programming .

4) function add(a,b)

{

       return a+b;

}

var res = add(2,3);

 // v8 engine should not allow users to create functions.

My requirement is simple comparison and returning Boolean value

5 > 3 &&  4==10  ||   "abc" =="xyz;

i am gonna register the callbackfunctions in c++ and get the value after running the script, evaluate and print the boolean result.

Could you please help me how can i achieve this.

[Simon Zünd]

As stated earlier, V8 itself was never meant to be used this way, so there is currently no way to specify a subset of JavaScript that V8 would allow.

As an alternative, you could run your scripts through an existing JavaScript parser (acorn, esprima, etc), walk the resulting AST and throw on all the language constructs you want to forbid. Before passing the actual source along to V8. 

--

--
v8-dev mailing list
v8-...@googlegroups.com
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to v8-dev+un...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/v8-dev/c7c63362-57b7-4840-b6e4-d193b96595d8%40googlegroups.com.

[Leszek Swirski]

If all you want is binary operations and comparisons on numbers and strings, then it could be a fun (and educational!) weekend project to write an infix expression evaluator and drop the V8 dependency entirely. That might be easier than trying to bend a JS engine into evaluating only such a tiny subset of JS.

- Leszek

To view this discussion on the web visit https://groups.google.com/d/msgid/v8-dev/CACswSC2V6_%3DCNjn_ouM9LS-ZvH9Huqu3hFVFrBSW-JLQRi03JQ%40mail.gmail.com.

[Jakob Kummerow]

+1 to Leszek's suggestion. Getting rid of properties on the global object is easy, even without modifying V8 at all: for example, delete Array gets rid of the Array builtin, so var a = new Array(1) will throw ReferenceError: Array is not defined. However, disabling the corresponding internal functionality is much harder, and e.g. var a = [42] will still work fine. Figuring out all the places where V8 would have to be hacked to trim its supported language down to what you want is probably at least as hard as writing an evaluator from scratch. And it definitely wouldn't work without recompiling V8 (many times even, during development).