Forked from SVN and revision 696

http://code.google.com/p/es-lab/source/browse/trunk/src/ses/

README.md

@@ -0,0 +1,58 @@
+
+# Secure EcmaScript
+
+SES is a tool that allows mutually suspicious programs to share a single
+EcmaScript 5 compliant JavaScript context without interfering with each
+other.  It does this by freezing everything that is accessible in global
+scope, removing interfaces that would allow programs to interfe with
+each-other, and providing the ability to evaluate arbitrary code in
+isolation.
+
+SES is a part of the Google Caja project.  For JavaScript contexts that
+do not support EcmaScript 5, Caja depends on compiling JavaScript to a
+JavaScript subset with static verification and run-time assertions to
+maintain isolation.  With EcmaScript 5, it is possible to run isolated
+code without a compilation step or run-time checks.
+
+Initialize SES by executing these scripts in order.
+
+-   `logger.js`
+-   `repairES5.js`
+-   `WeakMap.js`
+-   `debug.js`
+-   `StringMap.js`
+-   `whitelist.js`
+-   `atLeastFreeVarNames.js`
+-   `startSES.js`
+-   `ejectorsGuardsTrademarks.js`
+-   `hookupSESPlus.js`
+
+This is an example of initializing SES in a web page.
+
+```html
+<script src="logger.js"></script>
+<script src="repairES5.js"></script>
+<script src="WeakMap.js"></script>
+<script src="debug.js"></script>
+<script src="StringMap.js"></script>
+<script src="whitelist.js"></script>
+<script src="atLeastFreeVarNames.js"></script>
+<script src="startSES.js"></script>
+<script src="ejectorsGuardsTrademarks.js"></script>
+<script src="hookupSESPlus.js"></script>
+```
+
+This is an example of initializing SES in Node.
+
+```javascript
+var FS = require("fs");
+var VM = require("vm");
+
+var source = FS.readFileSync("initSes.js");
+var script = new VM.Script(source);
+script.runInThisContext();
+
+var f = cajaVM.compileExpr("console.log('hi')");
+f({console: console});
+```
+

StringMap.js

@@ -0,0 +1,62 @@
+// Copyright (C) 2011 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+/**
+ * @fileoverview Implements StringMap - a map api for strings.
+ *
+ * @author Mark S. Miller
+ * @author Jasvir Nagra
+ * @overrides StringMap
+ */
+
+var StringMap;
+
+(function() {
+   "use strict";
+
+   var create = Object.create;
+   var freeze = Object.freeze;
+   function constFunc(func) {
+     func.prototype = null;
+     return freeze(func);
+   }
+
+   function assertString(x) {
+     if ('string' !== typeof(x)) {
+       throw new TypeError('Not a string: ' + String(x));
+     }
+     return x;
+   }
+
+   StringMap = function StringMap() {
+
+     var objAsMap = create(null);
+
+     return freeze({
+       get: constFunc(function(key) {
+         return objAsMap[assertString(key) + '$'];
+       }),
+       set: constFunc(function(key, value) {
+         objAsMap[assertString(key) + '$'] = value;
+       }),
+       has: constFunc(function(key) {
+         return (assertString(key) + '$') in objAsMap;
+       }),
+       'delete': constFunc(function(key) {
+         return delete objAsMap[assertString(key) + '$'];
+       })
+     });
+   };
+
+ })();