plv8 disable execute and prepare function in eval()

351 Views Asked by Alexandre At 17 April 2025 at 14:17

How could I deactivate the access to plv8 functions in my eval?

create or replace function
js(src text, input json) returns json as $$
  plv8.elog(NOTICE, 'test');
  //--plv8 = null; // this would disable permanently plv8, also after another call of the function
  var evalRes = eval('var output=null; ' + src + '; output;');
  return JSON.stringify(evalRes);
$$ LANGUAGE plv8;

Original Q&A

There are 1 best solutions below

Alexandre On 09 June 2015 at 06:17

I finally found the solution:

create or replace function
public.js(src text, input json) returns json as $$
  //-- select js('var a = input.test; var output = []; for(k in a) { output.push(10+a[k]); };', '{"test": [1,2,3]}'::json)
  //-- select public.js('plv8.elog(NOTICE, "yoyo");', null) // should not be possible
  plv8.elog(NOTICE, 'test');
  var evalRes = null;
  (function() {
        var plv8 = null; //-- In order to disable execute, prepare...
        evalRes = eval('var output=null; ' + src + '; output;');
  })();
  plv8.elog(NOTICE, 'test2');
  return JSON.stringify(evalRes);
$$ LANGUAGE plv8;

plv8 disable execute and prepare function in eval()

There are 1 best solutions below

Related Questions in JAVASCRIPT

Related Questions in POSTGRESQL

Related Questions in PLV8

Trending Questions

Popular # Hahtags

Popular Questions