Sandboxing
Sandboxing is a technique to restrict the usage of Java code in WebApps and RestApps. The purpose is to ensure reliable and robust execution of WebApps/RESTApps and to make sure that only techniques that will be available in future releases of Sitevision is being used in custom applications.
Server-side Javascript execution in WebApps/RESTApps is sandboxed and only explicitly white-listed Java classes will be allowed.
- WebApps/RESTApps in Sitevision Cloud
All WebApps and RESTApps running in Sitevision cloud will be sandboxed as of Sitevision 5. - WebApps/RESTApps on-premise
WebApps and RESTApps of Add-ons created in Sitevision 5 or later will be sandboxed. Apps that are deployed to Add-ons created before Sitevision 5 will continue to execute outside the sandbox.
Java Whitelist
The white-list basically contains all interfaces/classes/enums/exceptions of the the Sitevision Public API. It also contains all core Java classes/enums/exceptions that is thrown or used as argument or as return value of the Public API.
Sitevision Public API
All interfaces/classes/enums/exceptions in a Public API package: |
|---|
javax.jcr.* |
senselogic.sitevision.api.* |
Core classes
Class | Since |
|---|---|
java.lang.Boolean | |
java.lang.Byte | |
java.lang.Character | |
java.lang.Double | |
java.lang.Float | |
java.lang.Integer | |
java.lang.Long | |
java.lang.Number | 6.1 |
java.lang.Object | 5.0.1 |
java.lang.Short | 5.1 |
java.lang.String | |
java.util.Date | |
java.util.Calendar | |
java.util.Locale | |
java.math.BigDecimal | |
java.math.BigInteger |
Collection-related classes
Class | Since |
|---|---|
java.util.ArrayDeque | 5.1 |
java.util.ArrayList | |
java.util.Arrays | |
java.util.Collections | |
java.util.ConcurrentHashMap | |
java.util.EnumMap | |
java.util.EnumSet | |
java.util.HashSet | |
java.util.HashMap | |
java.util.Hashtable | |
java.util.LinkedHashMap | |
java.util.LinkedHashSet | 5.0.2 |
java.util.LinkedList | 5.1 |
java.util.Stack | 5.1 |
java.util.TreeMap | 5.0.1 |
java.util.TreeSet | 5.0.2 |
java.util.Vector | |
java.util.stream.Collectors | 5.0.1 |
IO-related classes
Class | Since |
|---|---|
java.io.BufferedInputStream | |
java.io.BufferedReader | 5.0.1 |
java.io.ByteArrayInputStream | 5.0.1 |
java.io.CharArrayReader | 5.0.1 |
java.io.DataInputStream | 5.0.1 |
java.io.InputStreamReader | 5.0.1 |
java.io.PrintWriter | |
java.io.StringWriter |
Formatting-related classes
Class | Since |
|---|---|
java.text.SimpleDateFormat | |
java.time.format.DateTimeFormatter | |
java.time.format.DateTimeFormatterBuilder | |
java.time.FormatStyle |
Time-related classes
Class | Since |
|---|---|
java.util.GregorianCalendar | |
java.util.TimeZone | |
java.util.SimpleTimeZone | |
java.util.concurrent.TimeUnit | |
java.time.Instant | |
java.time.Duration | |
java.time.Period | |
java.time.LocalDate | |
java.time.LocalDateTime | |
java.time.LocalTime | |
java.time.OffsetDateTime | |
java.time.OffsetTime | |
java.time.ZonedDateTime | |
java.time.ZoneOffset | |
java.time.ZoneId | |
java.time.Year | |
java.time.YearMonth | |
java.time.Month | |
java.time.MonthDay | |
java.time.DayOfWeek | |
java.time.temporal.ChronoUnit | |
java.time.temporal.ChronoField | |
java.time.temporal.IsoFields | |
java.time.temporal.WeekFields | |
java.time.temporal.TemporalAdjusters | |
java.time.zone.ZoneRules | |
java.time.zone.ZoneRulesProvider | 8 |
java.time.zone.ZoneOffsetTransition | |
java.time.zone.ZoneOffsetTransitionRule |
Misc classes
Class | Since |
|---|---|
java.lang.Math | 5.0.1 |
java.lang.StringBuffer | |
java.lang.StringBuilder | |
java.util.Base64 | |
java.util.Objects | 5.0.1 |
java.util.Optional | |
java.util.Random | 5.0.1 |
java.util.UUID | |
java.util.regex.Matcher | |
java.util.regex.Pattern | |
java.net.InetAdress | |
java.nio.charset.Charset | |
java.nio.charset.StandardCharsets | |
java.security.SecureRandom | 5.0.1 |
java.text.Collator | 5.1 |
java.text.Normalizer | |
java.text.Normalizer.Form |
Core interfaces
Class | Since |
|---|---|
java.lang.Comparable | 5.0.1 |
java.lang.Iterable | 5.0.1 |
java.util.Comparator | |
java.util.Iterator | 5.0.1 |
java.util.concurrent.Callable | 5.0.1 |
java.util.function.BiConsumer | 5.0.1 |
java.util.function.BiFunction | 5.0.1 |
java.util.function.Consumer | 5.0.1 |
java.util.function.Function | 5.0.1 |
java.util.function.Predicate | 5.0.1 |
java.util.function.Supplier | 5.0.1 |
Exceptions
Class | Since |
|---|---|
java.lang.ArithmeticException | 5.0.1 |
java.lang.ArrayIndexOutOfBoundsException | 5.0.1 |
java.lang.ClassCastException | 5.0.1 |
java.lang.Exception | 5.0.1 |
java.lang.IndexOutOfBoundsException | 5.0.1 |
java.lang.IllegalArgumentException | |
java.lang.IllegalStateException | 5.0.1 |
java.lang.NegativeArraySizeException | 5.0.1 |
java.lang.NullpointerException | |
java.lang.NumberFormatException | 5.0.1 |
java.lang.RuntimeException | |
java.lang.StringIndexOutOfBoundsException | 5.0.1 |
java.lang.UnsupportedOperationException | |
java.text.ParseException | 6.1 |
java.util.ConcurrentModificationException | 5.0.1 |
java.util.EmptyStackException | 5.0.1 |
java.util.NoSuchElementException | 5.0.1 |
java.util.regex.PatternSyntaxException | 5.0.1 |
java.io.CharConversionException | 5.0.1 |
java.io.EOFException | 5.0.1 |
java.io.InterruptedIOException | 5.0.1 |
java.io.IOException | |
java.io.NotSerializableException | 5.0.1 |
java.io.UncheckedIOException | 5.0.1 |
java.io.UnsupportedEncodingException | 5.0.1 |
java.nio.charset.IllegalCharsetNameException | 5.0.1 |
java.nio.charset.UnsupportedCharsetException | 5.0.1 |
java.security.NoSuchAlgorithmException | |
java.time.DateTimeException | |
java.time.format.DateTimeParseException | |
java.time.temporal.UnsupportedTemporalTypeException | 8 |
java.time.zone.ZoneRulesException | 8 |