Pydertron

Pydertron is an experimental high-level wrapper for Pydermonkey + +

Pydertron is an experimental high-level wrapper for Pydermonkey that provides convenient, secure object wrapping between JS and Python space.

Note that Pydertron is just one example of a high-level interface @@ -18,17 +19,17 @@ code it executes isn't trusted, which affects the nature of the inter-language interaction.

Pydertron is currently hosted at -http://hg.toolness.com/pydertron. Please feel free to send any -questions or comments to atul@mozilla.com.

The Basics

The JsSandbox class encapsulates a JavaScript runtime, context, global -object, and a simple SecurableModule implementation that complies -with the CommonJS standard. It also provides a high-level bridge between +http://hg.toolness.com/pydertron. Please feel free to send any +questions or comments to atul@mozilla.com.

The Basics

The JsSandbox class encapsulates a JavaScript runtime, context, global +object, and a simple SecurableModule implementation that complies +with the CommonJS standard. It also provides a high-level bridge between Python and JavaScript so that you don't need to deal with any of the low-level details of the Pydermonkey API.

For instance, here we'll create a JsSandbox whose module root -points to the monkeys SecurableModule compliance test over HTTP:

For instance, here we'll create a JsSandbox whose module root +points to the monkeys SecurableModule compliance test over HTTP:

 >>> url = ("http://interoperablejs.googlecode.com/svn/trunk/"
@@ -36,9 +37,9 @@
 >>> sandbox = JsSandbox(HttpFileSystem(url))

This compliance test requires a global sys object that contains one -method, print(), that takes two arguments. First, we'll create the -print() function and prepare it for exposure to JS code:

This compliance test requires a global sys object that contains one +method, print(), that takes two arguments. First, we'll create the +print() function and prepare it for exposure to JS code:

 >>> @jsexposed
@@ -46,8 +47,8 @@
 ...   print message, label

Note the use of the @jsexposed decorator: all this does is set -the function's __jsexposed__ attribute to True. This is +

Note the use of the @jsexposed decorator: all this does is set +the function's __jsexposed__ attribute to True. This is done for security purposes: only Python callables satisfying this criteria will be exposed to JavaScript code, to ensure that untrusted JS can't accidentally gain access to privileged Python @@ -60,14 +61,14 @@

We can now access and set properties on this object via either item or attribute lookup, just like in JavaScript. Because -print is a reserved word in Python, though, we'll use item +print is a reserved word in Python, though, we'll use item lookup to set the property here:

 >>> system['print'] = jsprint

Now we tell the sandbox that we want the sys object to be a +

Now we tell the sandbox that we want the sys object to be a global:

@@ -84,8 +85,8 @@
 0

Note the 0 in the last line: this is the return value of -sandbox.run_script(), which returns 0 on success, and +

Note the 0 in the last line: this is the return value of +sandbox.run_script(), which returns 0 on success, and -1 if an exception was raised. For instance, the output of bad code looks like this:

@@ -103,10 +104,10 @@ code: one of Pydertron's aims is to make debugging JS code as much like debugging Python code as possible.

Exceptions

Any exceptions raised by wrapped Python functions need to be of type -pydermonkey.error to be propagated into calling JavaScript code; +pydermonkey.ScriptError to be propagated into calling JavaScript code; if they're not, then for security purposes, the entire JavaScript call stack is unrolled.

For example, here's a function that's bound to fail:

@@ -132,13 +133,13 @@ -1 -

Note that a KeyboardInterrupt triggered while JS is executing will +

Note that a KeyboardInterrupt triggered while JS is executing will have similar effect.