|
|
|
|
|
|
by ingenter
3675 days ago
|
|
|
This reminds me of my multiple attempts in writing a declarative scrapper framework. In the end, I've chosen to just write the code. What I see is a crappy ad-hoc scripting language. I feel bad saying so, but I can only view this project as a bad solution to whatever problem you have. You could have chosen to send actual code, be it JavaScript, Python, Java or even Linux binaries, executed with limited privileges. How would that look like? AWS Lambda. |
|
|
Sending code in some existing general purpose or scripting language makes it either difficult/inefficient to parse, or insecure (if, e.g. JavaScript or bash eval is used), or both. Limited privileges only partially protect the host and usually leave some vulnerabilities...
JSONScript is both very easy and efficient to parse (a JSON-Schema is used to evaluate the script) and it is secure because it executes the script in a "sandbox" having access only to those system resources that the host environment explicitly exposed to the interpreter.
My two main use cases are 1) scripted processing on top of existing API (implemented) and 2) proxy allowing scripted processing across multiple APIs in the same location (soon).