The `securable-module` module allows for the recursive loading
and sandboxing of
[CommonJS Modules](http://wiki.commonjs.org/wiki/Modules/1.0)
(formerly called SecurableModules). This allows, for instance,
the creation of "mini platforms" that manage the sandboxed evaluation of code.
## Loader Objects ##
Loader objects encapsulate the sandboxed loading of SecurableModules
and the execution of code that relies upon them.
Loader.**runScript**(*options*)
Runs JavaScript code in the context of the Loader. *options* is an
object with the following keys:
contents |
A string of JavaScript code. |
filename |
An absolute URL naming the file from which the code
originates; useful for error reporting and debugging. If omitted,
this option defaults to "<string>" . |
lineNo |
An integer representing the line from the file which the
beginning of the code corresponds to. If ommitted, this option
defaults to 1 . |
jsVersion |
A string representing the JavaScript version that the code
should be interpreted under. If omitted, this options defaults to
the latest version of JavaScript supported by the platform. |
This method returns the most recent value evaluated by the given code.
Loader.**runScript**(*code*)
If *code* is a string of JavaScript code, this is a convenient
shorthand for `Loader.runScript({contents: code}}`.
Loader.**require**(*module*)
This loads the given module name using the standard `require()`
semantics and returns the loaded module.
## Functions ##
securable-module.**Loader**(*options*)
Creates a new SecurableModule Loader. *options* is an object with
the following keys:
rootPaths |
A list of absolute URLs that will be searched, in order, for
SecurableModules when require() is called by any code
executing within the context of the Loader. |
rootPath |
A single absolute URL; this is a convenience option,
synonymous with setting rootPaths to an array containing
a single URL. |
defaultPrincipal |
A string representing the default principal given to any code
that is executed by the Loader. This can be "system" , in
which case code executed has full chrome access (including access
to the Components object which allows it to access the
Mozilla platform unrestricted).
Alternatively, it can be a URL, such as "http://www.foo.com" ,
in which case it is treated like web content. If left unspecified,
the default value of this option is "http://www.mozilla.org" .
|
globals |
An object containing the names and values of all variables
that will be injected into the global scope of all code executed
by the Loader. |