Terrarium is not a security sandbox and is trivially easy to exploit.
transform: It then uses js-traverse to walk every node in the esprima-generated AST, finding comment nodes. Each comment is transformed into an instrumentation call. In node, that means using process.send.
Terrarium provides two APIs:
Terrarium.Node. They have the same
behavior on separate platforms.
iframeand calling functions in
Terrarium.Browser is designed to be used with browserify.
Terrarium.Browser API also accepts an options object to its constructor.
The options include:
var t = ;// or var t = new Terrarium.Node();t;t;t;// later...t; // shut down