|
|
|
|
## Executing JavaScript
|
|
|
|
|
|
|
|
|
|
You can access this module with:
|
|
|
|
|
|
|
|
|
|
var vm = require('vm');
|
|
|
|
|
|
|
|
|
|
JavaScript code can be compiled and run immediately or compiled, saved, and run later.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### vm.runInThisContext(code, [filename])
|
|
|
|
|
|
|
|
|
|
`vm.runInThisContext()` compiles `code` as if it were loaded from `filename`,
|
|
|
|
|
runs it and returns the result. Running code does not have access to local scope. `filename` is optional.
|
|
|
|
|
|
|
|
|
|
Example of using `vm.runInThisContext` and `eval` to run the same code:
|
|
|
|
|
|
|
|
|
|
var localVar = 123,
|
|
|
|
|
usingscript, evaled,
|
|
|
|
|
vm = require('vm');
|
|
|
|
|
|
|
|
|
|
usingscript = vm.runInThisContext('localVar = 1;',
|
|
|
|
|
'myfile.vm');
|
|
|
|
|
console.log('localVar: ' + localVar + ', usingscript: ' +
|
|
|
|
|
usingscript);
|
|
|
|
|
evaled = eval('localVar = 1;');
|
|
|
|
|
console.log('localVar: ' + localVar + ', evaled: ' +
|
|
|
|
|
evaled);
|
|
|
|
|
|
|
|
|
|
// localVar: 123, usingscript: 1
|
|
|
|
|
// localVar: 1, evaled: 1
|
|
|
|
|
|
|
|
|
|
`vm.runInThisContext` does not have access to the local scope, so `localVar` is unchanged.
|
|
|
|
|
`eval` does have access to the local scope, so `localVar` is changed.
|
|
|
|
|
|
|
|
|
|
In case of syntax error in `code`, `vm.runInThisContext` emits the syntax error to stderr
|
|
|
|
|
and throws.an exception.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### vm.runInNewContext(code, [sandbox], [filename])
|
|
|
|
|
|
|
|
|
|
`vm.runInNewContext` compiles `code` to run in `sandbox` as if it were loaded from `filename`,
|
|
|
|
|
then runs it and returns the result. Running code does not have access to local scope and
|
|
|
|
|
the object `sandbox` will be used as the global object for `code`.
|
|
|
|
|
`sandbox` and `filename` are optional.
|
|
|
|
|
|
|
|
|
|
Example: compile and execute code that increments a global variable and sets a new one.
|
|
|
|
|
These globals are contained in the sandbox.
|
|
|
|
|
|
|
|
|
|
var util = require('util'),
|
|
|
|
|
vm = require('vm'),
|
|
|
|
|
sandbox = {
|
|
|
|
|
animal: 'cat',
|
|
|
|
|
count: 2
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
vm.runInNewContext('count += 1; name = "kitty"', sandbox, 'myfile.vm');
|
|
|
|
|
console.log(util.inspect(sandbox));
|
|
|
|
|
|
|
|
|
|
// { animal: 'cat', count: 3, name: 'kitty' }
|
|
|
|
|
|
|
|
|
|
Note that running untrusted code is a tricky business requiring great care. To prevent accidental
|
|
|
|
|
global variable leakage, `vm.runInNewContext` is quite useful, but safely running untrusted code
|
|
|
|
|
requires a separate process.
|
|
|
|
|
|
|
|
|
|
In case of syntax error in `code`, `vm.runInThisContext` emits the syntax error to stderr
|
|
|
|
|
and throws an exception.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### vm.createScript(code, [filename])
|
|
|
|
|
|
|
|
|
|
`createScript` compiles `code` as if it were loaded from `filename`,
|
|
|
|
|
but does not run it. Instead, it returns a `vm.Script` object representing this compiled code.
|
|
|
|
|
This script can be run later many times using methods below.
|
|
|
|
|
The returned script is not bound to any global object.
|
|
|
|
|
It is bound before each run, just for that run. `filename` is optional.
|
|
|
|
|
|
|
|
|
|
In case of syntax error in `code`, `createScript` prints the syntax error to stderr
|
|
|
|
|
and throws an exception.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### script.runInThisContext()
|
|
|
|
|
|
|
|
|
|
Similar to `vm.runInThisContext` but a method of a precompiled `Script` object.
|
|
|
|
|
`script.runInThisContext` runs the code of `script` and returns the result.
|
|
|
|
|
Running code does not have access to local scope, but does have access to the `global` object
|
|
|
|
|
(v8: in actual context).
|
|
|
|
|
|
|
|
|
|
Example of using `script.runInThisContext` to compile code once and run it multiple times:
|
|
|
|
|
|
|
|
|
|
var vm = require('vm');
|
|
|
|
|
|
|
|
|
|
globalVar = 0;
|
|
|
|
|
|
|
|
|
|
var script = vm.createScript('globalVar += 1', 'myfile.vm');
|
|
|
|
|
|
|
|
|
|
for (var i = 0; i < 1000 ; i += 1) {
|
|
|
|
|
script.runInThisContext();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
console.log(globalVar);
|
|
|
|
|
|
|
|
|
|
// 1000
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### script.runInNewContext([sandbox])
|
|
|
|
|
|
|
|
|
|
Similar to `vm.runInNewContext` a method of a precompiled `Script` object.
|
|
|
|
|
`script.runInNewContext` runs the code of `script` with `sandbox` as the global object and returns the result.
|
|
|
|
|
Running code does not have access to local scope. `sandbox` is optional.
|
|
|
|
|
|
|
|
|
|
Example: compile code that increments a global variable and sets one, then execute this code multiple times.
|
|
|
|
|
These globals are contained in the sandbox.
|
|
|
|
|
|
|
|
|
|
var util = require('util'),
|
|
|
|
|
vm = require('vm'),
|
|
|
|
|
sandbox = {
|
|
|
|
|
animal: 'cat',
|
|
|
|
|
count: 2
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
var script = vm.createScript('count += 1; name = "kitty"', 'myfile.vm');
|
|
|
|
|
|
|
|
|
|
for (var i = 0; i < 10 ; i += 1) {
|
|
|
|
|
script.runInNewContext(sandbox);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
console.log(util.inspect(sandbox));
|
|
|
|
|
|
|
|
|
|
// { animal: 'cat', count: 12, name: 'kitty' }
|
|
|
|
|
|
|
|
|
|
Note that running untrusted code is a tricky business requiring great care. To prevent accidental
|
|
|
|
|
global variable leakage, `script.runInNewContext` is quite useful, but safely running untrusted code
|
|
|
|
|
requires a separate process.
|
