commit 186288cdf02da3b05f7bd12452f5ea58453f2a01 · kitten.sh/evalish

+8 -2

src/index.ts

···

       81
        
       }

     

       82
        
       

     

       83
        
       let safeGlobal: Record<string | symbol, unknown> | void;

     

       0
        
       
     

       84
        
       

     

       85
        
       function makeSafeGlobal() {

     

       86
        
         if (safeGlobal) {

     
···

       101
        
       

     

       102
        
         // When we're in the browser, we can go a step further and try to create a

     

       103
        
         // new JS context and globals in a separate iframe

     

       104
       -
         let vmGlobals = trueGlobal;

     

       105
        
         let iframe: HTMLIFrameElement | void;

     

       106
        
         if (typeof document !== 'undefined') {

     

       107
        
           try {

     
···

       176
        
         const safeGlobal = makeSafeGlobal();

     

       177
        
         const code = args.pop();

     

       178
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       179
        
         // We pass in our safe global and use it using `with` (ikr...)

     

       180
        
         // We then add a wrapper function for strict-mode and a few closing

     

       181
        
         // statements to prevent the code from escaping the `with` block;

     

       182
       -
         const fn = new Function(

     

       183
        
           'globalThis',

     

       184
        
           ...args,

     

       185
        
           'with (globalThis) {\n"use strict";\nreturn (function () {\n' +

···

       81
        
       }

     

       82
        
       

     

       83
        
       let safeGlobal: Record<string | symbol, unknown> | void;

     

       84
       +
       let vmGlobals: Record<string | symbol, unknown> = {};

     

       85
        
       

     

       86
        
       function makeSafeGlobal() {

     

       87
        
         if (safeGlobal) {

     
···

       102
        
       

     

       103
        
         // When we're in the browser, we can go a step further and try to create a

     

       104
        
         // new JS context and globals in a separate iframe

     

       105
       +
         vmGlobals = trueGlobal;

     

       106
        
         let iframe: HTMLIFrameElement | void;

     

       107
        
         if (typeof document !== 'undefined') {

     

       108
        
           try {

     
···

       177
        
         const safeGlobal = makeSafeGlobal();

     

       178
        
         const code = args.pop();

     

       179
        
       

     

       180
       +
         // Retrieve Function constructor from vm globals

     

       181
       +
         const Function = vmGlobals.Function as FunctionConstructor | void;

     

       182
       +
         const Object = vmGlobals.Object as ObjectConstructor;

     

       183
       +
         const createFunction = (Function || Object.constructor.constructor) as FunctionConstructor;

     

       184
       +
       

     

       185
        
         // We pass in our safe global and use it using `with` (ikr...)

     

       186
        
         // We then add a wrapper function for strict-mode and a few closing

     

       187
        
         // statements to prevent the code from escaping the `with` block;

     

       188
       +
         const fn = createFunction(

     

       189
        
           'globalThis',

     

       190
        
           ...args,

     

       191
        
           'with (globalThis) {\n"use strict";\nreturn (function () {\n' +