This a test page for dojox.secure.sandbox. dojox.secure.sandbox is intended to safely execute
untrusted scripts, and allow the scripts to access only a certain sub-tree of the DOM.
Eventually, this can be used to safely load ads and untrusted widgets.
All attempts to subvert the security of this system
are greatly appreciated. If you find any holes, any ways that you can access the DOM or the
enhancement ticket. To test secure load,
have access to the DOM within the floating div below. The sandbox element is available
for more detailed instructions on what facilities are available within the sandbox.
Note that these require a proxy file in order to load:
Use of eval, with, ==, and != are not allowed.
the subscript operator  may only be used be used if the opening bracket is followed by a +.
Limited access to this and global variables.
These properties may not be used: apply arguments call callee caller constructor eval prototype
this unwatch valueOf watch and anything beginning or ending with __.
The following global variables are accessible:
element - This the root element of the sandbox. Sandboxed elements do not have
access to relational properties (parentNode, firstSibling, nextSibling, etc.). You can still
use DOM methods and string properties like innerHTML. The style object can also be
used (accessed and modified) as well.
document - This is a sandboxed document object that provides node creation
and basic element searching facilities. The sandboxed document provides the following
methods: getElementById, createElement, createTextNode, and write.
may be called. They may only be used in call position, they may not be accessed
setTimeout - This will only accept a function (not a string)
setInterval - This will only accept a function (not a string)
get(obj,prop) - This is a special function to handle accessing properties in lieu of the  operator. Calling get(obj,prop) is equivalent to obj[prop].
set(obj,prop,value) - This is a special function to handle modifying properties in lieu of the  operator. Calling set(obj,prop,value) is equivalent to obj[prop]=value.
forEach(obj,func) - This is a special function to iterate through all the properties in an object, or items in an array.
For each item, the func function will be called with the item as the first argument, the index as the second,
and the obj as the third
Class(superclass..., properties, classProperties) -
The this operator may only be used in class definitions. secure.sandbox provides Class as a
class constructor. The following argument are accepted:
There may be zero or more superclass arguments. The constructed class
will inherit from any provided superclasses, protypically from the first,
via mixin for the subsequent. Later arguments
will override properties/methods from earlier arguments
"class" will also have the methods/properties defined in this argument.
These methods may utilize the this operator, and they
are only the code that has access to this. Inner functions
are also prohibited from using this.
If no superclasses are provided, this object will be the prototype of the
constructed class (no copying
will be done). Consequently you can "beget" by calling new (Class(obj)).
All methods are "bound", each call results in |this| safety checking call.
This properties will be copied to the new class function.
Note that neither dojo.declare nor dojo.extend are acceptable class constructors as
they are unsecure. This class constructor is conceptually based on declare
but also somewhat influenced by base2, prototype, YUI, resig's patterns, etc.
The following functions for DOM manipulation and extra language features are
provided by the Dojo library. This represents a safe subset of Dojo. All Dojo library
functions are provided as top level functions,
namespacing is unnecessary because scripts do have access to modify the global object,
and can't define global variables. Thus, you can call Dojo functions directly, for example you
can call mixin(obj,mixinObj). You may also use the traditional syntax (dojox.mixin(...)).
Here are a list of available functions:
query - This will only search within the sandbox.
body - This returns the root element of the sandbox