Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
A Vite plugin to generate untrusted certificates for HTTPS dev servers
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules.
Capability-style filesystem roots for Node.js apps that handle untrusted relative paths.
Secure iframe rendering for untrusted content using SafeContentFrame
Sanitize untrusted CSS with a configuration specified by a Whitelist. 根据白名单过滤CSS
No description provided.
Here's the scenario: You want to build a secure means of some untrusted site opening a window, which loads content at a trusted site. Then you want the untrusted dude to be able to pass in parameters. Then you want the trusted code to do any amount of
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Securely!
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Securely!
## Process untrusted regexes in JavaScript, with the power of Rust!
Run untrusted code in a seperate process using VM2 module. With timeout and memory limit management
Cleans & validates untrusted data, with TypeScript & Flow support
Encrypted GPU inference on untrusted infrastructure
Helps you call untrusted contracts safely
Simple HTML purifier/cleaner for untrusted HTML.
Lightweight VM sandboxes for Node.js — run AI agents and untrusted code with hardware-level isolation.
nodevm is a sandbox that can run untrusted code with whitelisted Node's built-in modules
execute untrusted code with custom permissions
JavaScriptCore-native sandbox for Bun — heap-isolated execution for untrusted code, isolated-vm-shaped API
Sandboxed bash for untrusted command execution
Secure WASM runtime to execute untrusted code
Safely run untrusted code
Sandboxed bash for untrusted command executions
Safe, fast, zero-panic, zero-crashing, zero-allocation parsing of untrusted inputs in Rust.
This crate aim to provide a type-safe way to handle and sanitize potentially untrusted values like user input.
This crate aim to provide a type-safe way to handle and sanitize potentially untrusted values like user input.
This crate aim to provide a type-safe way to handle and sanitize potentially untrusted values like user input.
AXON — the formal cognitive language: a deterministic, proof-carrying AI runtime. Native Rust lexer/parser/type-checker/IR generator (re-exported from axon-frontend) plus the runtime: typed channels (π-calculus mobility, capability extrusion), algebraic effects via Free Monad CPS handlers, lease kernel + reconcile loop, the Epistemic Security Kernel, Trust Types, Proof-Carrying Code (independently verifiable proof objects), and the closed-catalog extension mechanism. Crate publishes as `axon-lang`; library import is `use axon::*` so existing call sites keep working unchanged.
Untrusted or host IO implementation for SGX enclaves
Implements the Benaloh Challenge (also known as an Interactive Device Challenge), a crytographic technique to ensure the honesty of an untrusted device.
Ensure that files can only be read or written by trusted users
Untrustended - Untrusted Extended. A compilation of primitives for parsing values from untrusted input.
Sandbox a cargo build command using firejail or bwrap
Safely and explicitly parse untrusted / dangerous data
Automated mirror of untrusted - Safe, fast, zero-panic, zero-crashing, zero-allocation parsing of untrusted inputs in Rust.
This gem provides a module called SanitizeUrl, which you can mix-in anywhere you like. It provides a single method: sanitize_url, which accepts a URL and returns one with JavaScript removed. It also prepends the http:// scheme if no valid scheme is found.
The goal of this gem is to avoid depending on potentially forgeable headers down the line by configuring the deploy target properly.
Evaluates ruby code by writing it to a tempfile and spawning a child process. Uses a allowlist of methods and constants to keep, for example one cannot run system commands in the environment created by this gem. The environment created by the untrusted code does not leak out into the parent process.
Safely run untrusted Javascript from Ruby
Ensure the character encoding in Strings coming from untrusted sources.
Trusted Sandbox makes it simple to execute classes that eval untrusted code in a resource-controlled docker container
The goal of this gem is to avoid depending on potentially forgeable headers down the line by configuring the deploy target properly. Forks https://github.com/pusher/rack-headers_filter to allow more configuration options when initializing the headers. Personally disagree with the restrictive list of headers in this component which is used here in a more general purpose way
RubyBox allows the execution of untrusted Ruby code safely in a sandbox.
kobako provides an in-process Wasm sandbox (wasmtime + mruby) with a MessagePack-based host/guest RPC, allowing Ruby applications to execute untrusted mruby scripts under capability-based Service injection.
Security API to block unwanted access from Tor browser and untrusted IPs in one line of code.
Radioactive wraps Net::HTTP with defenses against SSRF, DNS rebinding, slowloris, response and decompression bombs, redirect chains into private addresses, and disallowed schemes. Safe-by-default for use cases like link previews, image proxies, webhook delivery, and metadata extraction from user-supplied URLs.
Safely evaluate arithmetic, comparison, and boolean expressions from untrusted input. Uses a custom parser with no eval, send, or method_missing. Includes timeout support.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.