Safely sandbox and execute user submitted JavaScript?

Question

I would like to have the ability to let users submit arbitrary JavaScript code, which is then sent to a Node.JS server and safely executed before the output is sent back to

Answer 1

Under Node.js you may create a sandboxed child process, but you also need to append the code with "use strict";, otherwise it is possible to break the sandbox with arguments.callee.caller.

Not sure why you need to send it to the server, because the code may also be executed in a sandboxed web-worker.

Also take a look at my Jailed library which simplifies everything just mentioned for both Node.js and web-browser, and additionally provides an opportunity to export a set of functions into the sandbox.