Skip to content
This repository was archived by the owner on Dec 4, 2023. It is now read-only.

Commit d51befb

Browse files
cowboydcowboyd
committed
Update documentation for execution timeout feature
1 parent d202a2e commit d51befb

3 files changed

Lines changed: 40 additions & 2 deletions

File tree

Changelog.md

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,15 @@
11
# Changelog
22

3+
## Current
4+
5+
* add `timeout` option to `V8::Context` to forcibly abort long running scripts (thanks to @SamSaffron)
6+
7+
## 0.12.0 2013/08/20
8+
9+
* upgrade v8 to 3.16.4 (thanks to @ignisf)
10+
* enable native (and functional) weakref implementation for MRI > 2.0
11+
* expose low level interface for `V8::C::HeapStatistics#total_physical_size`
12+
313
## 0.11.1 2013/01/04
414

515
* reintroduce the dependency on libv8

README.md

Lines changed: 27 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -125,6 +125,32 @@ behavior you'd like.
125125

126126
More documentation can be found on the [GitHub wiki](https://github.com/cowboyd/therubyracer/wiki)
127127

128+
### Protecting Your CPU cycles
129+
130+
When running untrusted JavaScript code, you not only have to protect
131+
which functions it has access to, but also how much of your CPU it can
132+
consume. Take this simple, yet thoroughly malicious script:
133+
134+
```javascript
135+
while (true) {}
136+
```
137+
138+
It will loop forever and never return control to the calling Ruby
139+
thread. To protect against such JavaScript code that either
140+
deliberately or accidentally runs longer that it should, you can
141+
set an explicit timeout on your context. If the code runs longer that
142+
the allowed timeout, then it will throw an exception. Note that this
143+
exception could be raised at any point in the execution of the
144+
JavaScript.
145+
146+
To specify the timeout (in milliseconds), pass in the `timeout` option
147+
to the constructor.
148+
149+
```ruby
150+
cxt = V8::Context.new timeout: 700
151+
cxt.eval "while (true);" #= exception after 700ms!
152+
```
153+
128154
### PREREQUISITES
129155

130156
The Ruby Racer requires the V8 Javascript engine, but it offloads the
@@ -173,4 +199,4 @@ TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
173199
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
174200

175201
[1]: https://github.com/cowboyd/libv8
176-
[2]: http://code.google.com/p/v8/wiki/BuildingWithGYP
202+
[2]: http://code.google.com/p/v8/wiki/BuildingWithGYP

lib/v8/context.rb

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,4 @@
1+
# -*- coding: utf-8 -*-
12
require 'stringio'
23
module V8
34
# All JavaScript must be executed in a context. This context consists of a global scope containing the
@@ -39,7 +40,8 @@ class Context
3940
# @return [V8::C::Context] the underlying C++ object
4041
attr_reader :native
4142

42-
# maximum execution time for script in milliseconds
43+
# @!attribute [r] timeout
44+
# @return [Number] maximum execution time in milliseconds for scripts executed in this context
4345
attr_reader :timeout
4446

4547
# Creates a new context.

0 commit comments

Comments
 (0)