I want to define a “Simple JS” language that’s a subset of JS functionality. Then I’d like to analyze a small JS file and evaluate if it adheres to only using Simple JS functionality. This subset would be quite limited and be an “allowlist” of functionality rather than a “blocklist”.
More specifically, I want to check that the JS file only uses “vanilla” / “basic” functionality like:
- Setting/modifying variables
- Functions
Examples of “advanced” JS functionality that would not be in the Simple JS subset include:
- Async/await
- Eval
- Networking
How would I implement such a Simple JS analyzer?
CodePudding user response:
This is one of those things that has a lot of caveats, and is EXTREMELY hard to do securely. If Simple JS is just a fun project, then you can learn a little of how compilers work by using a library like estree
mentioned above to generate an AST. Then you would simply traverse the AST and verify that each node is on the "allow" list, or at least not on a "deny" list.
If this will take untrusted user scripts and run them in a full JS interpreter, realize that you will absolutely not do it securely. Generating an AST is static analysis, but if the code can find any covert way to modify itself while running (eval as an example, but there is a lot of ways) then it will have total access to the full JS language.