quickredfox · March 16, 2012 17:31
diff --git a/dirty-sandboxing.js b/dirty-sandboxing.js
 var callForJS  = $.ajax( {
    complete: function( jqXhr ){
       var unsafeResponse = jqXhr.responseText
           , empty = {};
       new Function( '', jqXhr.responseText ).call( empty ) // empty object as scope

    }
 } );

 // Safer, if you want to restrict access to some globals

 var callForJS  = $.ajax( {
    complete: function( jqXhr ){
       var unsafeResponse = jqXhr.responseText
           , empty = {};
       new Function( 'window', 'jquery', '$', jqXhr.responseText ).call( empty, empty, empty, empty ) // re-define scope and sensitive objects
    }
 } );
	var callForJS = $.ajax( {
	complete: function( jqXhr ){
	var unsafeResponse = jqXhr.responseText
	, empty = {};
	new Function( '', jqXhr.responseText ).call( empty ) // empty object as scope

	}
	} );

	// Safer, if you want to restrict access to some globals

	var callForJS = $.ajax( {
	complete: function( jqXhr ){
	var unsafeResponse = jqXhr.responseText
	, empty = {};
	new Function( 'window', 'jquery', '$', jqXhr.responseText ).call( empty, empty, empty, empty ) // re-define scope and sensitive objects
	}
	} );