From f381e95452de4778cac3e89f4c9340f64f6c8ce2 Mon Sep 17 00:00:00 2001
From: Jeremy Ruston
Date: Wed, 28 Dec 2011 16:09:49 +0000
Subject: [PATCH] Note about JavaScript sanitisation
---
 js/Sandbox.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/js/Sandbox.js b/js/Sandbox.js
index 3acab652a..3d8d8097a 100644
--- a/js/Sandbox.js
+++ b/js/Sandbox.js
@@ -37,7 +37,7 @@ var sandbox = function(code,globals) {
 out.push(";})");
 // Parse the code
 var tree = uglify.parser.parse(out.join(""));
- // XXX: Sanitise the code by checking for references to globals
+ // XXX: Sanitise the code by checking for references to globals, stripping out eval()
 // Recompile the code
 var compiledCode = uglify.uglify.gen_code(tree);
 // Execute it
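Review bot: The XXX comment on the new side still describes sanitisation that the visible lines do not perform: the tree returned by `uglify.parser.parse` goes unchanged into `gen_code` and on to the "Execute it" step, so as shown the sandbox is not a security boundary for untrusted code. Stripping `eval()` by name is also narrower than the stated goal, because dynamic evaluation is reachable through other globals such as the `Function` constructor and string-argument `setTimeout`/`setInterval`; an allowlist checked against the `globals` argument is the safer shape for the check. I would word the marker so it cannot be mistaken for finished work, e.g. `// XXX: NOT YET SANITISED: reject identifiers not allowlisted in globals, plus eval/Function and other dynamic evaluation, before executing`. The body of `sandbox` starts and ends outside the hunk, so a check elsewhere in the function cannot be ruled out from here.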