For security reasons, I need to run native javascript code through a trusted source. Could someone tell me how I can generate a native JavaScript library to run code through it instead of the one generated by default by the page?
there's a way that a user suggested loading an <iframe>
element into the page which also generates a new window
element and document
and then through .contentWindow
and .contentDocument
solves the problem, but it's still not secure because it uses the window
and document
objects loaded in the parent element.
Another way I've apparently found it is using the WebAssembly JavaScript API
, but I still haven't figured out how to import the latest version through it.
Could someone help me generate a Native JavaScript Library in the best way possible?
Provisory solution found:
window.console.log = maliciousCode;
console.log("it's not a secure Native JavaScript");
const iframe = document.createElement('iframe');
document.body.appendChild(iframe);
iframe.contentWindow.console.log("it's more safe but still isn't a secure Native JavaScript");