How to remove java apis from Nashorn-engine?

Question

Is it possible to hide or remove java api\'s from nashorn-engine? So that it could only see or use \"default\" ECMAScript 262 Edition 5.1 with some especially exposed functi

Answer 1

You can run "jjs" tool with --no-java option to prevent any explicit Java package/class access from scripts. That said Nashorn platform is secure and uses Java standard URL codebase based security model ('eval'-ed script without known URL origin is treated like untrusted, unsigned code and so gets only sandbox permissions.