Skip to content

node.js function serialization/deserialization

License

Notifications You must be signed in to change notification settings

eyecuvision/funcster

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

funcster

This library contains utilities for serializing and deserializing functions. It provides recursive traversal to discover both serialized and unserialized functions nested within objects and arrays. This is particularly useful for embedding functions into JSON objects.

Security warning

This package performs the equivalent of eval, and thus should only be used to deserialize functions delivered from trusted sources. Do not use any of the deserialization functions on strings fron untrusted sources.

Installation

npm install funcster

Function reference

serialize(function, [marker])

serialize(function() { return "Hello world!" });
// -> { __js_function: 'function() { return "Hello world!" }' }

deepSerialize(root, [marker])

lib = {
  moduleA: {
    functions: {
      helloWorld: function() { return "Hello world!" }
    }
  },
  moduleB: {
    functions: {
      goodbyeWorld: function() { return "Goodbye world!" }
    }
  },
};

funcster.deepSerialize(lib);

// -> {
//      moduleA: {
//        functions: {
//          helloWorld: { __js_function: 'function() { return "Hello world!" }' }
//        }
//      },
//      moduleB: {
//        functions: {
//          goodbyeWorld: { __js_function: 'function() { return "Goodbye world!" }' }
//        }
//      },
//    }

deepDeserialize(root, [marker, [moduleOpts]])

Security warning

deepDeserialize performs code evaluation on strings, and is susceptible to arbitrary code injection. Please make sure that root comes from a trusted source before using it.

Example

serializedLib = {
  moduleA: {
    functions: {
      helloWorld: { __js_function: 'function() { return "Hello world!" }' }
    }
  },
  moduleB: {
    functions: {
      goodbyeWorld: { __js_function: 'function() { return "Goodbye world!" }' }
    }
  },
};

deserializedLib = funcster.deepDeserialize(serializedLib);
deserializedLib.moduleA.functions.helloWorld(); // -> Hello world!
deserializedLib.moduleB.functions.goodbyeWorld(); // -> Hello world!

Available options:

globals (object)

This option injects objects from the host context into the function evaluation context. The key is the name of the object inside the function evaluation context, and the value is the object in the host context.

deserializedLib = funcster.deepDeserialize(serializedLib, {
  globals: { foo: true }
});

requires (object)

This option injects require-able modules into the function evaluation context. These modules will be re-required in the host context, generating distinct module objects to those that might already exist. This is a safer method of granting serialized functions access to common libraries.

deserializedLib = funcster.deepDeserialize(serializedLib, {
  requires: { _: 'underscore' }
});

About

node.js function serialization/deserialization

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • CoffeeScript 98.5%
  • Makefile 1.4%
  • JavaScript 0.1%