Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make a secure mode #98

Open
HolyOne opened this issue Jan 9, 2024 · 1 comment
Open

Make a secure mode #98

HolyOne opened this issue Jan 9, 2024 · 1 comment

Comments

@HolyOne
Copy link

HolyOne commented Jan 9, 2024

Hello, I want user to run QB in my website.

But I dont want it to reach DOM
Also including files should be optional when executing the code. (for security and other reasons, like the code may break if the remote included file goes missing)

Can you add a parameter for these?
@boxgaming
Copy link
Owner

Thanks for the suggestion. This is a very interesting concept. So, the use case is that you want to include QBJS on a page on your site where visitors can change and execute the code samples?

If you are planning embedding the QBJS IDE from qbjs.org in an iframe on your site, the standard browser security rules will prevent that frame from being able to modify content on the parent page.

In addition to the DOM functions a potential secure mode would probably also need to disable the ability to use the $If Javascript metacommand to include native JS code.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@HolyOne @boxgaming