Free and Open Source, on Github
A secure sandbox for you to run end user JavaScript safely away from your own application.
The following is a demo of using WorkerBox to create a plugin architecture for a web UI. There are messages on the right, and an action bar that you can add commands to.
It will be impossible for you to effect the DOM of this page, without using the deliberately exposed methods on the scope.
The scope is how you communicate with your users code.
For this demo, you can't edit the scope, as it's hard coded into the demo app.
You can edit the code below and see the results on the right.
Running
An iframe is inserted into the page from a completely separate domain.
The iframe then creates a web worker, and handles posting messages between the iframe, webworker and your own app.
Because the only communication between the user code and the workerbox instead is done through messaging, the argument inputs and outputs must all be serializable. We use SuperJSON for serialization and deserialization.