Sanitizing user supplied javascript using Google Caja - sanitization

A similar question was posted here, but doesn't provide a working code example.
I want to sanitize user-submited Javascript so I can execute it in-browser. I'm following the example code here:
```
caja.initialize({
cajaServer: 'https://caja.appspot.com/',
debug: true
});
caja.load(undefined, undefined, function(frame) {
frame.code('return function f(x) { return 1; }', 'application/javascript')
.run();
});
```
I get:
Uncaught script error: Uncaught SyntaxError: Failed to parse program: SyntaxError: Unexpected token (1:15) in source: "return function f(x) { return 1; }" at line: -1
...any ideas?

Related

ImportJSON for Google Scripts error: "TypeError: transformFunc is not a function"

I am trying to get a JSON file to a google spreadcheet.
The the API call is made and the JSON file is retrieved with the "ImportJSONAdvanced" function from ImportJSON bradjasper version 1.5.
But when it reaches line 422, it gives an error saying "TypeError: transformFunc is not a function".
These are the arguments I am passing:
const URL_query = 'URL1='+ myquery
const API_Call = {
headers: { 'method_for_key': 'my_apy_key' },
json: true,
gzip: true,
}
var parsedJSON = ImportJSONAdvanced(URL_query, API_Call)
if you check the source code, you'll see that you are obviously missing some arguments to ImportJSONAdvanced. Specifically, the error message is complaining about missing the last argument, transformFunc but probably this is not the only error you will get.

Uncaught SyntaxError: Unexpected token o in JSON at position 1 I have this exception but I donĀ“t know what is this

some errors on Chrome after run my jsp, I don't know what happens:
adblock-onpage-icon-cs.js:172 Uncaught ReferenceError: browser is not defined
at onScriptLoad (adblock-onpage-icon-cs.js:172)
at adblock-onpage-icon-cs.js:183globalstorage:1
Uncaught SyntaxError: Unexpected token o in JSON at position 1
at JSON.parse (<anonymous>)
at handleRequest (globalstorage:47)
This is the code in js but, the but I can't understand the mistake.
$(document).ready(function() {
alert("json");
$.ajax({
//connect to a Servlet
url: "ServletReportes",
type:"POST",
dataType:"json",
success: function( result ) {
console.log(result);
}
});
});
Just in case it helps someone else, the first error has nothing to do with your code. This error shows sometimes when you have the adblock extension installed on your browser.
It is often fixed just by uninstalling and installing again the extension, otherwise you can dismiss the error as should not affect your code.
The second error also does not seem an error in your code but in the response, probably the response of the ajax call not being a valid JSON format.

Why am I getting an undefined value when calling these scripts in Google App Maker?

I do not understand why when I am calling a ServerScript method from a ClientScript method, I am getting a value of undefined.
ClientScript:
function clientScript() {
var message;
message = google.script.run.test();
console.log("Message: " + message);
}
ServerScript:
function serverScript() {
return "hello";
}
I expected the console to print: Message: hello. However, I am getting this printed to my console: Message: undefined. Why am I getting an undefined value in my ClientScript method when I am returning a defined value in my ServerScript method? Thank you!
Because server calls are asynchronous. In order to handle server response you need to pass callback. Here is a snippet from Apps Script docs:
function onSuccess(numUnread) {
console.log(numUnread);
}
google.script.run.withSuccessHandler(onSuccess)
.getUnreadEmails();
Just in case AMs docs interpretation of the same thing - https://developers.google.com/appmaker/scripting/client#call_a_server_script

uncaught exception: INVALID_TOKEN | (intermediate value).forEach is not a function with AJAX response(JSON format)

I am getting error uncaught exception: INVALID_TOKEN (intermediate value).forEach is not a function
My code is:
$('#start')
.on('click', function() {
$.getJSON('/twillio-new/token.php', {
name: $('#my-name')
.val(),
identity: $('#my-identity')
.val()
}, function(data) {
// Create the endpoint, and then initialize the main calling app
var endpoint = new Twilio.Endpoint(data.token);
$('#startDiv')
.hide();
$('#callDiv')
.show();
init(endpoint);
});
});
JSON Response:
{"name":"cool
room","identity":"test","token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImN0eSI6InR3aWxpby1mcGE7dj0xIn0.eyJqdGkiOiJlMWE3NTI4YzYyMzdiMGE0MmZlYTc0NDk2MjRlOTFiNC0xNTA3MjEwNjQyIiwiaXNzIjoiZTFhNzUyOGM2MjM3YjBhNDJmZWE3NDQ5NjI0ZTkxYjQiLCJzdWIiOiJBQzVlMTVhMDg5NjVkNWRjM2ZkOWI3YmNiOGMyM2FhMjgxIiwiZXhwIjoxNTA3MjE0MjQyLCJncmFudHMiOnsiaWRlbnRpdHkiOiJ0ZXN0IiwidmlkZW8iOnsicm9vbSI6IiRuYW1lIn19fQ.pvfGEoVripcjq588p8l3QixuVJ4sHBjMdmWa8tspTtY"}
I am generating and getting access token for Twilio Video calling api using this. Please let me know what is wrong with this code?
Which SDK do you have installed? I have seen this error when the code being used was for the incorrect SDK. Looks like the code you are using is for the version 5. Do you have version 5 installed? There have been numerous version based issues with Twilio

Problems with bootstrap autocomplete plugin

Use this plugin: https://github.com/nicolasbize/magicsuggest
I'm trying load json file, but have some troubles with it.
If I try such construction :
$('#').magicSuggest({
data: 'cities.json',
ajaxConfig: {
xhrFields: {
withCredentials: true
}
}
});
get an error:
POST http://...../cities.json 405 (Method Not Allowed)
Uncaught Could not reach server
When i'm change:
ajaxConfig: { method: 'GET' }
and try to put some letters into input field got such error:
Uncaught TypeError: Cannot read property 'toLowerCase' of undefined
How can I fix this?