JavaScript ScriptEngine encapsulation break?

Discussion in 'Plugin Development' started by cakenggt, Feb 4, 2015.

Thread Status:
Not open for further replies.
  1. Offline

    cakenggt

    I have created a plugin called SpellScript that lets users do certain things in Minecraft with JavaScript. However, I currently can't recommend to anyone that they run this plugin on a production server due to the possibility that the encapsulation I have set up with wrapper classes might be broken. If anyone is up for it, I would appreciate more sets of eyes searching for ways that a malicious user might wreak havoc using this plugin.

    The bukkit-dev page is here (includes a working version of the plugin): http://dev.bukkit.org/bukkit-plugins/spellscript/
    The github is here: https://github.com/cakenggt/SpellScript
    The creation of the ScriptEngine is here: https://github.com/cakenggt/SpellSc.../aleclownes/SpellScript/NodeRunnable.java#L22
    The JavaDocs are here: http://aleclownes.com/jd/SpellScript/
     
    Last edited: Feb 4, 2015
Thread Status:
Not open for further replies.

Share This Page