Shared Library Demo
The Shared Library Demo illustrates how to safely attach a script to an existing Sandbox. In this illustration, we transform a simple Hover Effect, and attach it to all Gadget instances. The library executes with the same permissions and within the same security context as the Gadget. If the library makes any calls that violate the sandbox, the Gadget will fail with a security exception.
This is a different extensiblity mechanism than the one demonstrated by the Map Extensibility Demo. In the Map demo, the Virtual Earth control was loaded as trusted code with full access to the page. When the Gadget interacted with the Virtual Earth API, it was secured via a custom policy.
The Map example assumes you trust the third party code (the VE control) and that you have the knowledge and expertise to build a safe policy to mediate all interactions. In the Shared Library demo, you do not need to trust the library since it is safely transformed and runs within the existing security context.
Which approach you chooses depends on the desired goal. If the library requires complex interactions or needs access to behavior or services outside the sandbox, the library must execute outside of the sandbox and be mediated by a policy. For example, if you want to expose APIs that may provide controlled access to PI or to context shared across multiple gadgets, the policy-driven approach is appropriate. If the library is merely providing abstractions, simplifying development, or is third-party developed helpers (e.g,. Hover Effects, many framework libraries, etc), then tranforming it ensures the code shares the same permissions as the gadget.
Attaching a Shared Library
The Sandbox API supports attaching any existing transformed component to an existing sandbox. The first step is to load the transformed code. Below illustrates how to request a transformed script library using our restful transformation service:
<script type="text/javascript" src="http://www.websandbox-code.org/transform.ashx?
type=script&guid=Shared&ua=IE8&
url=http://www.websandbox-code.org/js/1.1216.07212010_debug/HoverEffect.js"> </script>
This safely loads the library. The next step is to attach the library to an existing sandbox:
// Assumes Gadget with ID="Gadget" has been loaded
var instance = new $Sandbox(document.getElementById('inst'), $Policy.Gadget, 'Gadget', objBlob);
// Attach the shared library to the instance
// Shared is the token past ot GUID in the script element.
instance.attach("Shared");
instance.initialize(); // Run the Gadget
Please see the hosting documentation for more information in how this ties into the using the Sandbox on your site.