1

I've been searching everywhere and have found nothing, so I would like use Java's inbuilt JavaScript engine, but whilst users can't import java class, like any of the following:

importPackage(package.example);

or

importClass(package.example.MessWithEverythingClass)

or

new package.example.MessWithEverythingClass(ApplicationIsBroken aib);
  • I didn't know java had a builtin js engine. How is it called ? – perencia May 03 '14 at 13:16
  • this.ScriptEngine = new ScriptEngineManager(); this.Script = this.ScriptEngine.getEngineByName("JavaScript"); Then, passing through objects: this.Script.put("Sys", sys); this.Script.put("Sys.out", sys.out); this.Script.put("Sys.err", sys.err); –  May 03 '14 at 13:17
  • I was referring to its name, sorry :) Could it be _Rhino_ ? – perencia May 03 '14 at 13:19
  • Yeah, thats it. just search in google: javax.script.ScriptEngine, there are addons line jython, jruby etc. –  May 03 '14 at 13:22
  • @perencia There are a couple names that would work. For one they give you the choice to use uppercase (in certain places) or all lowercase e.g., inserting JavaScript or javascript into getEngineByName would both work, you could also say ECMAScript and I think even JS or js. All these names would work for JavaScript. – Kyle Bridenstine Jul 07 '14 at 01:07

1 Answers1

0

I'm a little confused. Based off of your title I think you want to prevent users from importing classes inside JavaScript. In that case this question has already been asked here, security problem with Java ScriptEngine. Some of the solutions suggested there were to look into Java SecurityManager and another user said he solves this problem by putting "importPackage = null" on the top of all scripts.

On the contrary based on the contents of your script I get the feeling you are having trouble importing Java classes. If that's the case I answer that here, Use a jar in JavaScript through Java ScriptEngine Basically there is another way to import inside JavaScript that you did not show. I do it this way,

    pack = Packages.abc.foo.pack.name;

    var foo = new pack.ClassFromTheJarFile("arg1","arg2");

    foo.doSomething();

    var fooSister = new pack.AnotherCLassFromTheJarFile("arg1");

    fooSister.doSomthingFromThisClass();

Although that example uses a package from a jar file it does not have to be from a jar and the code would still remain the same.

Community
  • 1
  • 1
Kyle Bridenstine
  • 6,055
  • 11
  • 62
  • 100