2

I want to know what is the best way to allow user to embed JavaScript code to their own site

I want to allow user to embed code like fb analytic code so that code being execute.I don't want user to embed malicious code like :

alert('foobar')
window.location = "http://foobar.com"

I have tried something like following:

(function(window){
   delete window.alert;
   delete window.location //obviously failed cause that property is not configurable
   /*user define code here*/
})(window)
slier
  • 6,511
  • 6
  • 36
  • 55

0 Answers0