aboutsummaryrefslogtreecommitdiffhomepage
path: root/worker/php/lib.mjs
diff options
context:
space:
mode:
Diffstat (limited to 'worker/php/lib.mjs')
-rw-r--r--worker/php/lib.mjs11
1 files changed, 11 insertions, 0 deletions
diff --git a/worker/php/lib.mjs b/worker/php/lib.mjs
index d877856..a5f10ab 100644
--- a/worker/php/lib.mjs
+++ b/worker/php/lib.mjs
@@ -9,6 +9,17 @@ const PRELUDE = `
const BUFFER_MAX = 10 * 1024;
+const FORBIDDEN_CONSTRUCTS = [/\beval\b/i];
+
+export function validateCode(code) {
+ for (const pattern of FORBIDDEN_CONSTRUCTS) {
+ if (pattern.test(code)) {
+ return `Forbidden: eval() is not allowed`;
+ }
+ }
+ return null;
+}
+
export function preprocessCode(originalCode) {
if (originalCode.startsWith("<?php")) {
return PRELUDE + originalCode.slice(5);
generated by cgit v1.3.1 (git 2.54.0) at 2026-06-03 23:48:24 +0000