An HTTP service that uses the Duktape JavaScript engine to safely execute JavaScript in a sandboxed environment.
Using Docker, start the service (be sure to replace <version> below):
docker run -e JSAAS_BIND_ADDR=0.0.0.0:9412 -p 9412:9412 --rm -ti titanclass/jsaas:<version>You can find the latest version on DockerHub
If you have Rust, you can opt to use Cargo instead:
cargo install jsaas
jsaasNow that the JSaaS service is running, define a program that adds two numbers:
curl -XPOST --data 'function(a, b) { return a + b; }' http://localhost:9412/scriptswhich yields:
{"id":"af15791e-e9c1-4750-8a44-60222ef88c7c"}
Next, execute the program by supplying the numbers:
curl -XPOST --data '[4, 5]' http://localhost:9412/scripts/af15791e-e9c1-4750-8a44-60222ef88c7cwhich yields:
9
In a real-world scenario, you can also return a JS object or any other JSON-serializable value.
You can also supply a function to be evaluated in one request and immediately discarded.
curl -XPOST --data 'function() { return 8 * 2; }' http://localhost:9412/executewhich yields:
16
JSaaS is configured through environment variables. See the following table for a listing of variables:
| Name | Description |
|---|---|
| JSAAS_BIND_ADDR | Declare the address to bind to. Default: "127.0.0.1:9412" |
| JSAAS_SCRIPT_DEFINITION_EXPIRATION_TIME | If a script isn't executed in this duration (milliseconds), it is removed from the server. Default: "86400000" |
| JSAAS_SCRIPT_EXECUTION_THREAD_POOL_SIZE | Number of workers to use for executing JavaScript. 0 signifies number of CPUs availablet. Default: "0" |
| JSAAS_SCRIPT_EXECUTION_COMPLETION_TIME | Duration of time to wait for a script to finish executing before timing out. Default: "10000" |
| JSAAS_TLS_BIND_ADDR | If specified, and TLS is configured, a separate port will be bound for TLS instead of using the default one. |
| JSAAS_TLS_PUBLIC_CERTIFICATE_PATH | TLS public key path, PEM format. Note that TLS is currently only supported on Linux. |
| JSAAS_TLS_PRIVATE_KEY_PATH | TLS private key path, PEM format. Note that TLS is currently only supported on Linux. |
This project currently requires a POSIX-compliant operating system and bash, mostly due to its build setup. The first time that the project is compiled may take some time as the build downloads Duktape and configures it.
You'll need the following software:
- cargo
- curl
- gcc
- python2
- python2-yaml
- rustc
Once the environment is prepared, execute the following:
cargo buildA static binary can be produced:
cargo build --release --target=x86_64-unknown-linux-muslA webserver can be started for development:
cargo run- JSaaS is now published to DockerHub for both AMD64 and ARM architectures.
- Fix a bug in
atobcausing incorrect results for certain inputs.
- Use
futures::sync::mpscfor better Tokio integration. - Rust 1.33.0.
- First version published to Crates.io (in addition to DockerHub).
- Fix a bug causing a crash if invalid values are returned by supplied JS code.
- Add
atob,btoaimplementations for Base64 support. - Use HTTP status 400 where appropriate.
- Rust 1.32.0.
- Add an
/executeroute that can execute code without saving it.
- Initial release.
To release, push a tag that starts with "v" -- e.g. "v0.2.0" -- and CircleCI will build the project, push an image to DockerHub, and publish it on Crates.io.
(c)opyright 2019, Titan Class P/L