js-worker-sandbox
Advanced tools
Note: Since version 3.0.0, WorkerSandbox supports browser environment. This feature is still experimental and currently implemented based on
iframe.
Node.js's vm module allows us to compile and run code within V8 contexts, providing an isolated environment for code execution, also known as a "sandbox". When conducting security research or testing specific code, it's often necessary to evaluate code snippets' behavior without affecting the main system. The vm module provides an ideal environment for observing and analyzing code behavior.
This project uses the vm module to create a JavaScript Worker execution sandbox, implementing the following features:
vm module;fetch event handling mechanism;console data printing for development and debugging;npm i js-worker-sandbox -D
const { WorkerSandbox } = require("js-worker-sandbox");
async function run() {
const ws = new WorkerSandbox({
script: `
addEventListener("fetch", (event) => {
console.log(event.request.url);
event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
});
const res = await ws.dispatchFetch("http://localhost:8000/");
console.log(await res.text());
ws.dispose();
}
run();
const { WorkerSandbox } = require("js-worker-sandbox");
async function run() {
const ws = new WorkerSandbox({
script: `
addEventListener("fetch", (event) => {
console.log(event.request.url);
event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
});
const res = await ws.dispatchFetch("http://localhost:8000/");
console.log(await res.text());
ws.dispose();
}
run();
import { WorkerSandbox } from "js-worker-sandbox/dist/broswer";
async function run() {
const ws = new WorkerSandbox({
script: `
addEventListener("fetch", (event) => {
console.log(event.request.url);
event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
});
const res = await ws.dispatchFetch("http://localhost:8000/");
console.log(await res.text());
ws.dispose();
}
run();
import { WorkerSandbox } from "js-worker-sandbox/dist/broswer";
async function run() {
const ws = new WorkerSandbox({
script: `
addEventListener("fetch", (event) => {
console.log(event.request.url);
event.respondWith(new Response("Hello WorkerSandbox!"));
});`,
});
const res = await ws.dispatchFetch("http://localhost:8000/");
console.log(await res.text());
ws.dispose();
}
run();
WorkerSandboxscript is the JavaScript code to be executed;fetch event, triggering event listeners;FAQs
Lightweight JS Worker Execution Sandbox
We found that js-worker-sandbox demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Node.js patched a crash bug where AsyncLocalStorage could cause stack overflows to bypass error handlers and terminate production servers.
Research
/Security News
A malicious Chrome extension steals newly created MEXC API keys, exfiltrates them to Telegram, and enables full account takeover with trading and withdrawal rights.
Security News
CVE disclosures hit a record 48,185 in 2025, driven largely by vulnerabilities in third-party WordPress plugins.