Sanitizing user supplied javascript using Google Caja

Question

A similar question was posted here, but doesn't provide a working code example.

I want to sanitize user-submited Javascript so I can execute it in-browser. I'm following the example code here:

```

caja.initialize({
  cajaServer: 'https://caja.appspot.com/',
  debug: true
});

caja.load(undefined, undefined, function(frame) {
  frame.code('return function f(x) { return 1; }', 'application/javascript')
    .run();
});

```

I get:

Uncaught script error: Uncaught SyntaxError: Failed to parse program: SyntaxError: Unexpected token (1:15) in source: "return function f(x) { return 1; }" at line: -1

...any ideas?