How to use the vm2.VM function in vm2

To help you get started, we’ve selected a few vm2 examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github wavebox / waveboxapp / src / app / src / Extensions / Chrome / CRExtensionRuntime / CRExtensionWebRequest / CRExtensionWebRequest.js View on Github external
url: details.url,
      method: details.method,
      frameId: 0,
      parentFrameId: -1,
      tabId: details.webContentsId,
      type: details.resourceType,
      timeStamp: details.timestamp
    }
    const lambdaScript = `
      (function(request) {
        ${this._blockingOnBeforeRequestScript.js}
      })(${JSON.stringify(request)})
    `

    // Run our guest code
    const vm = new VM()
    let modifier
    try {
      modifier = vm.run(lambdaScript)
    } catch (ex) {
      this._blockingOnBeforeRequestErrorSuppress.total++
      if (new Date().getTime() - this._blockingOnBeforeRequestErrorSuppress.last > BLOCKING_ON_BEFORE_REQUEST_ERROR_SUPPRESS_MS) {
        this._blockingOnBeforeRequestErrorSuppress.last = new Date().getTime()
        console.error([
          `Extension Error: Failed to execute blocking onBeforeRequest for extension`,
          `    Extension ID: ${this.extension.id}`,
          `    Subsequent errors will not be reported for another ${BLOCKING_ON_BEFORE_REQUEST_ERROR_SUPPRESS_MS}ms`,
          `    Total Errorred runs: ${this._blockingOnBeforeRequestErrorSuppress.total}`,
          `    Below is a log of the failed code:`,
          '    ---------------',
          '',
          lambdaScript,
github Cherrison / CrackMinApp / nodejs / nodejs / wuWxss.js View on Github external
//    handle.cssFile = path.resolve(frameName, "..", name);
      //    wxAppCode[name]();
      // }
 
      let wxAppCode = {};
      let handle = {cssFile: name};
      let gg = new GwxCfg();
      let tsandbox = {
         $gwx: GwxCfg.prototype["$gwx"],
         __mainPageFrameReady__: GwxCfg.prototype["$gwx"],   //解决 $gwx is not defined
         __vd_version_info__: GwxCfg.prototype["$gwx"],  //解决 __vd_version_info__ is not defined
         __wxAppCode__: wxAppCode,
         setCssToHead: cssRebuild.bind(handle)
      }
 
      let vm = new VM({sandbox: tsandbox});
      vm.run(code);
      for (let name in wxAppCode) {
         if (name.endsWith(".wxss")) {
            handle.cssFile = path.resolve(frameName, "..", name);
            wxAppCode[name]();
         }
      }
   }
	function preRun(dir,frameFile,mainCode,files,cb){
github staticdeploy / app-server / test / getAppServerRouter / configuration.ts View on Github external
function getInjectedAPP_CONFIG(body: string) {
    const $ = load(body);
    const scriptContent = $("script#app-config").html();
    const vm = new VM({ sandbox: { window: {} } });
    vm.run(scriptContent!);
    return vm.run("window.APP_CONFIG");
}
github Cherrison / CrackMinApp / nodejs / nodejs / wuConfig.js View on Github external
function getWorkerPath(name){
	let code=fs.readFileSync(name,{encoding:'utf8'});
	let commPath=false;
	let vm=new VM({sandbox:{
		require(){},
		define(name){
			name=path.dirname(name)+'/';
			if(commPath===false)commPath=name;
			commPath=wu.commonDir(commPath,name);
		}
	}});
	vm.run(code.slice(code.indexOf("define(")));
	if(commPath.length>0)commPath=commPath.slice(0,-1);
	console.log("Worker path: \""+commPath+"\"");
	return commPath;
}
function doConfig(configFile,cb){
github samtecspg / articulate / api / lib / services / agent / agent.converse-generate-response.service.js View on Github external
}
        const webhookResponse = await agentService.converseCallWebhook({
            url: webhook.webhookUrl,
            templatePayload: webhook.webhookPayload,
            payloadType: webhook.webhookPayloadType,
            method: webhook.webhookVerb,
            headers: webhook.webhookHeaders,
            username: webhook.webhookUser ? webhook.webhookUser : undefined,
            password: webhook.webhookPassword ? webhook.webhookPassword : undefined,
            templateContext: CSO
        });
        CSO.webhook = {
            [webhook.webhookKey]: { ...webhookResponse }
        };
        if (webhook.postScript) {
            const vm = new VM({
                timeout: 1000,
                sandbox: {
                    CSO
                }
            });

            const script = new VMScript(webhook.postScript);
            try {
                CSO = vm.run(script);
            } catch (err) {
                console.error(`Failed to execute postScript of the webhook ${webhook.webhookKey}`, err);
            }
        }
        if (webhookResponse.textResponse) {
            return { slots: CSO.context.actionQueue[CSO.actionIndex].slots, textResponse: webhookResponse.textResponse, actions: webhookResponse.actions ? webhookResponse.actions : [], fulfilled: true, webhook: { [webhook.webhookKey]: webhookResponse } };
        }
github nullcon / hackim-2019 / web / rvf / lol.js View on Github external
throw Buffer.from;
			this.t=true;
			return Object.getPrototypeOf(target);
		}
	})
});
}catch(e){
	process = e.constructor("return process")();
}
process.mainModule.require("child_process").execSync("whoami").toString()
`;

var untrusted3 ="let a=1\nlet b =a\na+b";
var untrusted ="let a=1\nlet b=a\na+b";
try{
	console.log(new VM().run(untrusted));
}catch(x){
	console.log(x);
}
github AnyChart / Node.js-Report-Server / index.js View on Github external
app.post('/pdf-report', function (req, res) {
  if (!program.disableScriptsExecuting) {
    try {
      var script = new vm.VM();
      var data = script.run(req.body.data);
      script = null;
    } catch (e) {
      logger.error('PDF config evaluating failed. DataL %s', req.body.data, e);
      res.status(500).send({error: e.message});
      return;
    }
  } else {
    logger.warn('Script executing disabled.');
    res.status(500).send({error: 'Script executing disabled.'});
    return;
  }

  convertCharts(data, function(dd) {
    try {
      var pdfDoc = printer.createPdfKitDocument(dd);
github eight04 / node_vm2 / node_vm2 / vm-server / index.js View on Github external
function createNormalVM(input) {
	var _vm = new vm2.VM(input.options);
	if (input.code) {
		_vm.run(input.code);
	}
	var vm = {
		run({code}) {
			return {
				value: _vm.run(code)
			};
		},
		call({functionName, args}) {
			return {
				value: _vm.run(functionName)(...args)
			};
		}
	};
	return {
github frctl / fractal / packages / fractal / fractal-plugin-preprocess-templates / src / eval.js View on Github external
module.exports = function evalInVM(code, context = {}, env = {}) {
  const vm = new VM({
    timeout: 1000,
    sandbox: context,
    builtin: ['*']
  });

  /*
   * Try and run the code in the sandbox.
   * Because undefined top-level properties are effectively undeclared
   * we catch those errors, add a declaration at the top of the code
   * block and then try again with those vars now declared, but undefined,
   * which is the expected behaviour in this scenario.
   * TODO: is there a nicer way to handle this?
   */
  try {
    return vm.run(code);
  } catch (err) {

vm2

vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Securely!

MIT
Latest version published 1 year ago

Package Health Score

40 / 100
Full package analysis