Good day.

There is an HTML5 application (PhoneGap / Cordova) in which you need to add a modular system.

Implement the following features:

1) Установка ΠΌΠΎΠ΄ΡƒΠ»Π΅ΠΉ ΠΈΠ·Π²Π½Π΅ ΠΏΠΎ ссылкС (ΠΈΠΌΠ΅Π½Π½ΠΎ установка) 2) ΠœΠΎΠ΄ΡƒΠ»ΠΈ ΠΌΠΎΠ³ΡƒΡ‚ ΠΈΡΠΏΠΎΠ»ΡŒΠ·ΠΎΠ²Π°Ρ‚ΡŒ Ρ‚ΠΎΠ»ΡŒΠΊΠΎ API, прСдоставляСмый ΠΏΡ€ΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ΠΌ

The option of storing modules in FS is not suitable, because a) Clogs the disk with files b) It is possible to replace files

Only localStorage, cookies and other unknown storage remain for me

  • With storage it is possible to solve, the most important thing - 2) - PROPHESSOR
  • as storage you can still indexeddb - username.ak
  • @ username.ak What's up with Cordova 2.9.0 compatibility? - PROPHESSOR

1 answer 1

Here, it seems: https://github.com/natevw/evel

There is a ready-made solution wrapper around the iframe and eval, which protects against code injection.

She has, of course, her own workarounds, but they are gradually corrected.

The solution is that the script is maximally isolated: it runs in a separate frame, deletes dangerous functions and creates its own implementations of some.

Works everywhere with ES5 support

  • one
    The link is not the answer, it is better to specify the most important thing here, but to provide the link as a source. - 0xdb