Sandbox environment (restricting calls)

16 views
Skip to first unread message

Lassic

unread,
Sep 16, 2011, 4:34:42 PM9/16/11
to JSCocoa
Hi,
I'm just starting out with JSCocoa, read most of the Wiki and went
over the iPhone sample (my current target device).
First, it's really awesome, thanks.

I would like to create a 'sandboxed' environment for user scripts,
limiting JS calls to a scripting API my app will expose and not
allowing scripts to access the entire Cocoa space. JS scripts can
implement callbacks that I need to call from ObjC in a plugin sort of
way. JS will also have access to some state objects that will be set
on the global context.
(I saw the thread here about JS callbacks and a JS _callback wrapper
API file and that looks fine to me.)

From what I've read so far I couldn't figure out if core Cocoa classes
(UIApplication for example) are automatically visible to JS just by
using JSCocoa, or whether these were enabled by some kind of
*.bridgesupport which can be removed.
Another thing is that I would probably want to catch these 'out of
sandbox' calls and generate a warning.
So aside from removing restricted classes/functions I also need a way
to handle this lookup errors. What's the best way to do that?

Thanks again.

Patrick Geiller

unread,
Sep 16, 2011, 5:49:49 PM9/16/11
to jsc...@googlegroups.com
>
> From what I've read so far I couldn't figure out if core Cocoa classes
> (UIApplication for example) are automatically visible to JS just by
> using JSCocoa, or whether these were enabled by some kind of
> *.bridgesupport which can be removed.
> Another thing is that I would probably want to catch these 'out of
> sandbox' calls and generate a warning.
> So aside from removing restricted classes/functions I also need a way
> to handle this lookup errors. What's the best way to do that?


Everything is visible by default. You can use delegate methods to restrict classes and methods.
https://github.com/parmanoir/jscocoa/blob/master/JSCocoa/JSCocoaController.h#L218

canGetGlobalProperty: lets you restrict access of global lookup (classes, structs, enums, functions), getGlobalProperty: lets you override JSCocoa's default behavior and return your own object.
Delegate methods can restrict or override calling, property setting, file loading.

JSCocoa does not have a way to handle lookup errors, it just returns NULL. This lookup is done in OSXObject_getProperty(), you can add your own handling at its end, or do the lookup yourself in the getGlobalProperty: method and warn the user if the class does not exist.
https://github.com/parmanoir/jscocoa/blob/master/JSCocoa/JSCocoaController.m#L2883

Regarding BridgeSupport, it's only used for C and structure definitions. If BridgeSupport files are not loaded, then C functions and structs will not be available. Any ObjC class or method is fetched at runtime with NSClassFromString, class_getInstanceMethod, etc.

-Patrick

Lassic

unread,
Sep 16, 2011, 9:25:32 PM9/16/11
to JSCocoa
Perfect, I'll give that a try soon, thanks!

On Sep 17, 12:49 am, Patrick Geiller <parman...@gmail.com> wrote:
> > From what I've read so far I couldn't figure out if core Cocoa classes
> > (UIApplication for example) are automatically visible to JS just by
> > using JSCocoa, or whether these were enabled by some kind of
> > *.bridgesupport which can be removed.
> > Another thing is that I would probably want to catch these 'out of
> > sandbox' calls and generate a warning.
> > So aside from removing restricted classes/functions I also need a way
> > to handle this lookup errors. What's the best way to do that?
>
> Everything is visible by default. You can use delegate methods to restrict classes and methods.https://github.com/parmanoir/jscocoa/blob/master/JSCocoa/JSCocoaContr...
>
> canGetGlobalProperty: lets you restrict access of global lookup (classes, structs, enums, functions), getGlobalProperty: lets you override JSCocoa's default behavior and return your own object.
> Delegate methods can restrict or override calling, property setting, file loading.
>
> JSCocoa does not have a way to handle lookup errors, it just returns NULL. This lookup is done in OSXObject_getProperty(), you can add your own handling at its end, or do the lookup yourself in the getGlobalProperty: method and warn the user if the class does not exist.https://github.com/parmanoir/jscocoa/blob/master/JSCocoa/JSCocoaContr...
Reply all
Reply to author
Forward
0 new messages