-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.php
More file actions
100 lines (94 loc) · 4.13 KB
/
index.php
File metadata and controls
100 lines (94 loc) · 4.13 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
<?php require_once "{$_SERVER['DOCUMENT_ROOT']}/home/header/create_head.php";
use ANT_COOKIE_Consent\ANTNavOption;
use function ANT_COOKIE_Consent\ANTNavHome;
use function ANT_COOKIE_Consent\create_head;
create_head('Browser ECMAScript Environment', [
'base' => '/browser/', 'maxWidth' => '600px',
], [
], [
ANTNavHome(),
new ANTNavOption('/browser/', '/dollmaker1/endpoint.php?preset=Bee',
'javascript ANT', '#a68300', '#fff100', true),
new ANTNavOption('php.php', '/dollmaker1/endpoint.php?preset=Magnata',
'PHP ANT (WIP)', '#a68300', '#fff100'),
]) ?>
<div class="divs nav-home">
<div>
<h1>Browser ECMAScript Environment</h1>
<p hidden>this is my openSource SandboxedFunction Project. it should be a dynamic safe way to execute arbitrary
code
like user inputs. it will eventually be available for javascript, php and maybe python. baseline executables
for javascript are ow finished. read the change log for more details
<p>This text describes an open-source project that allows users to safely execute arbitrary code. The project is
still under development, but the basic version for JavaScript is complete. For more information, please see
the change log.
</div>
<label for="Sandboxed-indexed">Test out SandboxedFunction</label>
<br/>
<textarea id="Sandboxed-indexed" rows="25" style="width:100%;"
><?= ANT_COOKIE_Consent\htmlspecialchars12(<<<JS
function hypertext() {
return "hello";
}
return hypertext()
JS. ";");
$update_log = [
['baseline functionallity, like console.log and function calls, ' .
'setting variables and function arguments might not work yet.' .
' but math expressions do!', new Date('2025-01-13T15:41:11.000Z')],
] ?></textarea><br/>
<button onclick="sandboxedfunction()" type=button>run</button>
<p>please note that the SandboxedFunctions are still work in progress,
<p><a href="https://github.com/Qin2007/SandboxedFunction">our github</a>
<script src="javascript.js"></script>
<script src="deepproxy.js"></script>
<script src="utils.js"></script>
<script src="BigNumber.js"
></script>
<script src="toJSON.js"
></script>
<pre><output aria-label="Result of the code execution"></output></pre>
<h2>Update Log (Most Recent Patch FIRST)</h2>
<ol><?= ($n = "\n ");
foreach ($update_log as $item) {
$h = $item[1]->toHTML('[tojavascript]');
echo "<li>$item[0] ($h)$n";
} ?></ol>
</div>
<script src="bytes.js"
></script>
<script>
function getFrom(property, array, separator = '') {
const result = [];
for (const arrayElement of array) {
result.push(arrayElement[property]);
}
return result.join(separator)
}
const indexed = document.getElementById('Sandboxed-indexed');
const buffer = document.querySelector('pre>output');
buffer.innerText = '<output';
buffer.innerText += ' here>';
function sandboxedfunction() {
const hello = new SandboxedFunction(indexed.value);
try {
buffer.innerText += '\n\n' + JSON.stringify(hello.addBufferListener(function (v1) {
buffer.innerText += v1 + '\n\n';
}).run(), function (key, value) {
switch (typeOf(value, typeOf.functionsAreObjects)) {
case "undefined":
return "undefined";
case "function":
return value.toString();
}
return value;
}, 2);
} catch (e) {
buffer.innerText += '\n\n' + e.toString();
}
}
/*(function () {const hello = new SandboxedFunction(code);document.querySelector('pre').innerText += JSON.stringify({
runner: hello.run().value, hello,}, function (key, value) {switch (typeOf(value, typeOf.NAN_IS_NAN)) {
case"undefined":return "Symbol(__.undefined)";case"NaN":return "NaN";case"function":return value.toString();
}return value;}, 4);})();*/
</script>