http://princetonsns.disqus.com/Secure, Scalable, Self-Organizing, Storage, Self-Managing, Sensing, …enSun, 13 May 2012 08:42:59 -0000http://sns.cs.princeton.edu/2011/11/should-we-extend-conference-qa-with-written-responses/#comment-527823777<p>While you are preparing to choose game design colleges,<br>consider the physical campus and location <br>in addition to the academic<br>strength of the game design programs.</p>tareqSun, 13 May 2012 08:42:59 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-514147842<p>Everything that SpiderMonkey supports, which is all of them from 1.0 to 1.8</p>Jeff TerraceMon, 30 Apr 2012 10:27:25 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-513887320<p>Which version of javascript does js.js support? </p>YanskySun, 29 Apr 2012 22:22:45 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-507210507<p>Switching off the JIT ensures that we have a fair comparison. We wanted to measure the overhead of running the interpreter in JavaScript. There are plenty of benchmarks showing how good the JIT performs, so it's not really interesting to compare to a JIT version.</p>Jeff TerraceMon, 23 Apr 2012 16:43:32 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-506135368<p>So it's over 300ms of pure CPU time to do a hello world (or 1+1) startup-work-shutdown cycle.  That's pretty heavy.  This is on a beefy laptop machine, and not a phone or netbook.</p> <p>What's the justification for switching off the JIT in the native version when doing the speed comparison?  Seems like you are just arbitrarily hobbling the competition there.</p> <p>What I learn from this is that there are good engineering reasons to prefer the approach of restricting the dialect of JS that you support as some of the alternative approaches do.  Perhaps one should go even further and require the to-be-sandboxed code to do without eval.</p>Erik CorrySun, 22 Apr 2012 11:14:05 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-505687768<p>FYI:</p> <p>In Fibonacci, Chrome gives me</p> <p>js.js result for iteration 100: 1990706582<br>Native result for iteration 100: 354224848179262000000</p>GuestSat, 21 Apr 2012 15:12:57 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-504455277<p>Could someone do this for PHP please? </p>ThomasXFri, 20 Apr 2012 17:08:25 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-504248805<p>yo dawg. I heard you like javascript. So we put Javascript in your Javascript so you can write Javascript for your Javascript. :-)</p>Colin FaulkinghamFri, 20 Apr 2012 14:30:24 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-504204030<p>Very good work! </p>Techload Sites Ribeirao PretoFri, 20 Apr 2012 13:45:44 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-504191314<p>Jeff, this is some great code!</p>Andrew FuchsFri, 20 Apr 2012 13:33:30 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-504178048<p>It's not about if it will work its about trying to do something that no one thought about.</p> <p>Excellent work guys keep it up</p>IrishadoFri, 20 Apr 2012 13:21:02 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-504176982<p>Yes, see my reply to Marquier's comment about this</p>Jeff TerraceFri, 20 Apr 2012 13:20:02 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-504171393<p>I think there may be an issue with the Fibonacci demo<br>in js.js for numbers larger than 46. Overflow? Using Chrome 18.</p>ZJMFri, 20 Apr 2012 13:14:44 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-504131833<p>Not really - the interpreter is single-threaded. It potentially could be put it in a background web worker so it wouldn't block the main thread, but DOM access would be difficult from a web worker.</p>Jeff TerraceFri, 20 Apr 2012 12:37:24 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-504127341<p>Would there be an performance increase if you used web workers?</p>larrybattleFri, 20 Apr 2012 12:33:13 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-504054239<p>I'm consistently get this error too.</p>wong2Fri, 20 Apr 2012 11:23:31 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-503989628<p>Wow, It's really amazing! </p>PITFri, 20 Apr 2012 10:05:08 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-503960447<p>Hmm, it would be interesting to do, but the NaCl client version should win by a landslide. It's not really a fair comparison.</p> <p>As for startup time - that's what the first entry is in the table of microbenchmark times.</p>Jeff TerraceFri, 20 Apr 2012 09:23:39 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-503957373<p>This is because I'm converting to an i32 rather than a double. It should be able to be fixed relatively easily.</p>Jeff TerraceFri, 20 Apr 2012 09:18:58 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-503930142<p>Until 46 as iteration number in the Fib demo works fine</p> <p>But starting from 47, the native and js.js buttons give different results :(</p>Guénolé MarquierFri, 20 Apr 2012 08:38:01 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-503918024<p>It seems there is no comparison to the NaCl port of V8.</p> <p>Also, startup times for the pages containing js.js would be interesting.</p>Erik CorryFri, 20 Apr 2012 08:20:04 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-503439243<p>Nice, I would like to see more regarding this, but also It can be achieved with much simpler code</p>wewebukFri, 20 Apr 2012 02:54:07 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-503415040<p>It sounds great, but, it a little bit complicated for a very simple concept in Javascript, is it not?<br>What about simply redefining symbols that should not be accessed?</p>GuestFri, 20 Apr 2012 02:35:58 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-503196893<p>If you check out the paper, we have a related work section where we discuss ADsafe and Caja.</p>Jeff TerraceFri, 20 Apr 2012 00:05:45 -0000http://sns.cs.princeton.edu/2012/04/javascript-in-javascript-js-js-sandboxing-third-party-scripts/#comment-503192041<p>How do allow the Javascript access to useful APIs?  Why did you write your own interpreter instead of taking a verifier approach like ADSafe or a source code rewriter approach like Caja?</p>GuestFri, 20 Apr 2012 00:02:39 -0000