🐛 处理一些特殊的沙盒关键字

Author: CodFrm

src/app/service/content/create_context.ts

@@ -285,6 +285,11 @@ export const createProxyContext = <const Context extends GMWorldContext>(context
     ...unscopables,
   };
 
+  // 处理特殊关键字，不能穿越出沙盒，也不能被外部修改
+  for (const key of ["define", "module", "exports"]) {
+    mySandbox[key] = undefined;
+  }
+
   // 脚本window设置
 
   // 把 GM Api (或其他全域API) 复製到 脚本window

src/app/service/content/exec_script.test.ts

@@ -132,12 +132,10 @@ describe("sandbox", () => {
     scriptRes2.code = `
     !function(t, e) {
       "object" == typeof exports ? module.exports = exports = e() : "function" == typeof define && define.amd ? define([], e) : t.CryptoJS = e()
-      // console.log("object" == typeof exports,"function" == typeof define)
   } (this, function () {
       return { test: "ok3" }
   });
-  // console.log(CryptoJS)
-  return ((typeof CryptoJS === "object") ? CryptoJS?.test : undefined);`;
+  return CryptoJS.test;`;
     sandboxExec.scriptFunc = compileScript(compileScriptCode(scriptRes2));
     const ret = await sandboxExec.exec();
     expect(ret).toEqual("ok3");
@@ -569,6 +567,14 @@ describe("沙盒环境测试", async () => {
     expect(Object.prototype.hasOwnProperty.call(_this, "test")).toEqual(false);
   });
 
+  it("特殊关键字不能穿透沙盒", async () => {
+    expect(_global["define"]).toEqual("特殊关键字不能穿透沙盒");
+    expect(_this["define"]).toBeUndefined();
+    _this["define"] = "ok";
+    expect(_this["define"]).toEqual("ok");
+    expect(_global["define"]).toEqual("特殊关键字不能穿透沙盒");
+  });
+
   it("RegExp", async () => {
     const script = Object.assign({}, scriptRes2) as ScriptLoadInfo;
     // @ts-ignore

tests/vitest.setup.ts

@@ -115,3 +115,6 @@ global.sandboxTestValue2 = "sandboxTestValue2";
 global.ttest1 = 1;
 //@ts-ignore
 global.ttest2 = 2;
+
+//@ts-ignore
+global.define = "特殊关键字不能穿透沙盒";