UNPKG

ayvajs

Version:

A lightweight, behavior-based JavaScript API for controlling Open Source Multi Axis Stroker Robots.

github.com/ayvasoftware/ayvajs

ayvasoftware/ayvajs

86 lines (69 loc) 2.52 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
/* eslint-disable guard-for-in */ import GeneratorBehavior from './generator-behavior.js'; import * as AyvaModules from '../util/script-whitelist.js'; /** * A behavior that allows the execution of scripts stored in a string. * * WARNING: Scripts are run inside of a rudimentary sandbox. The sandbox is NOT secure. * Care should be taken to avoid running scripts from untrusted sources. * * For full details on how to use this class, see the {@tutorial behavior-api} tutorial. */ class ScriptBehavior extends GeneratorBehavior { #scope; #code; /** * Create a new ScriptBehavior. * * @param {String} script - the script. * @param {Object} scope - an object containing variables to include in the script's scope. */ constructor (script, scope = {}) { super(); this.#scope = { ...AyvaModules, ...scope }; // Escape quotes and backslashes. this.#code = script.replace(/["'`\\]/g, (v) => `\\${v}`); } * generate (ayva) { const generator = this.#createSandboxGenerator(ayva); /* c8 ignore start */ // We turn off code coverage for this block because the branch at // the end of the loop is never hit due to how generators work... or something like that :) while (!this.complete) { // We only perform this in a loop so we do not have to recreate the sandbox each iteration. yield* generator(ayva); // Force a yield in case the sandbox generator did not yield a value. // This prevents an infinite loop. yield; } /* c8 ignore stop */ } #createSandboxGenerator () { const scopeValues = []; let sandboxFunction = 'new Function('; for (const scopeProp in this.#scope) { sandboxFunction += `"${scopeProp}", `; scopeValues.push(this.#scope[scopeProp]); } for (const prop in globalThis) { // Blacklist globals that haven't been put in scope. if (!Object.prototype.hasOwnProperty.call(this.#scope, prop)) { sandboxFunction += `"${prop}", `; } } // Blacklist eval and Function sandboxFunction += '"eval", "Function", '; // Create the generate function from script. sandboxFunction += `\` return (function*(ayva) { ${this.#code} }).bind(this);\`);`; try { const sandbox = eval(sandboxFunction); // eslint-disable-line no-eval return sandbox.call(this, ...scopeValues); } catch (error) { throw new SyntaxError('Invalid AyvaScript.'); } } } export default ScriptBehavior;