Is it possible to sanitize Javascript code?

I want to allow user contributed Javascript in areas of my website.
  1. Is this completely insane?
  2. Are there any Javascript sanitizer scripts or good regex patterns out there to scan for alerts, iframes, remote script includes and other malicious Javascript?
  3. Should this process be manually authorized (by a human checking the Javascript)?
  4. Would it be more sensible to allow users to only use a framework (like jQuery) rather than giving them access to actual Javascript? This way it might be easier to monitor.

以上就是Is it possible to sanitize Javascript code?的详细内容,更多请关注web前端其它相关文章!

赞(0) 打赏
未经允许不得转载:web前端首页 » JavaScript 答疑

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址

前端开发相关广告投放 更专业 更精准