shadow-function/README.md

ioing lib - shadow Function, worker Function

# ShadowFunction
Secure and controlable embedded third-party code for your website.

gitbook: https://shadow-function.gitbook.io

## Install：
```bash
$ npm install shadow-function --save
```

## Test
Running demo：
```bash
$ npm start
```
Simulate the ISV code for security testing under demo/test.js.

## Start
### ShadowFunction
Simple example：
```js
import { ShadowFunction, ShadowDocument } from 'shadow-function'
new ShadowFunction('console.log(a + b)')({
  a: 1,
  b: 2,
  console
})  // 3
```
Operational authority configuration：
```js
let shadowFunction
shadowFunction = new ShadowFunction({
Node: [
  'nodeName',
  'nodeType',
  'textContent'
 ],
 Element: [
   'style',
   'onblur',
   'onfocus',
   'onscroll',
   'offsetWidth',
   'offsetHeight',
   'clientWidth',
   'clientHeight',
   'innerText',
   'setAttribute',
   'removeAttribute',
   'createTextNode',
   'addEventListener',
   'getElementsByTagName'
 ],
 HTMLDivElement: []
})
shadowFunction(`
  document.appendChild(document.createElement("div"))
`)({
  document
})
```
Prototype chain restriction
```js
new ShadowFunction('console.log(a.prototype)')({
  console,
  a: {}
}) // undefined
new ShadowFunction('console.log(a.valueOf.__proto__)')({
  console,
  a: {}
}) // undefined
```
### ShadowDocument
Secure and controllable method of creating nodes.
```js
import { ShadowFunction, ShadowDocument } from 'shadow-function'
new ShadowFunction('console.log(a + b)')({a: 1, b: 2, console})  // 3
let shadowDocumentFn = new ShadowDocument(document.body, '<div>123</div>')
shadowDocumentFn(`
  document.body.append($template.content);
  console.log(document.body.getElementsByTagName("div")[0].innerText)
`)({
  console
})
```
### Safe jsonp
```js
import { jsonp } from 'shadow-function'
jsonp({
  url: "http://suggest.taobao.com/sug?code=utf-8&q=iphoneX"
}).then((data) => {
  console.log("jsonp:", data)
})
```