This week's book giveaways are in the Jython/Python and Object-Oriented programming forums. We're giving away four copies each of Machine Learning for Business: Using Amazon SageMaker and Jupyter and Object Design Style Guide and have the authors on-line! See this thread and this one for details.
I didn't know where else to ask this. Sorry admins if it's in the wrong place.
Can anyone give me a scenario where it's useful to have a JS engine in the VM?
I once used it in a project where our software needed to read files in some proprietary format, with a complicated structure in the file. The data in the file had to be transformed into a collection of Java objects in our software. The problem was that we got the input files from different companies, and the different companies would put their data into the files in slightly different ways. So, for the files comping from each company we had to perform slightly different logic to convert them correctly.
But that's just one example out of my own experience.
Jason Ross wrote:Thank you, Jesper. Is it considered "safe" to allow the client to do that?
That ofcourse entirely depends on what exactly you mean by "safe", who the client is, who the users of the software are etc. In that project I did, this software was only going to be used by a few technically-minded people inside the company I was developing it for, so there was no big need to put all kinds of security measures into it.
If your software is going to allow random people who can access your system through the Internet to run scripts, then ofcourse you would have to make sure that those scripts cannot do malicious things. Never allow random scripts to be executed on your server.
We have a front end development team that started to use dust.js which is a js templating engine for prototypes and demos. It fits right into the fe dev stack/tools, close to logic less, and meshes with json well. A new project was started using java and wanted to reuse the templates that already have been developed so we needed to find a way to render those templates on the server. Writing a light piece of code we converted our java objects to json and then render the dust template in rhino.
If you would need to do a server side check then you will need to implement a similar validation rule onthe server side in Java.
posted 5 years ago
posted 5 years ago
yes that correct in many ways. But i was just stating some simple case.