1

I'm trying to figure out how to transmit a JS (not JSON) over a REST API, basically the idea is that the client can send the object with functions () that will provide the functionality for posterior execution.

For example How to transmit

var jsObj = {
 a: 1
 b: function () { console.log("B") }
}

from Node A to Node B, so that now Node B knows how to execute b()

Thank you

Improve this question
4
  • I guess transferring the file with the javascript and then doing eval would work, not sure if that's the best way to work it around :( Commented Aug 28, 2013 at 0:37
  • How can you trust what the client sends is safe to execute? As an example, they could use the child_process module to spawn an executable to wreak havoc on your system. Commented Aug 28, 2013 at 1:11
  • LOL you said "posterior execution" ;). David is right, eval() would be the only way to make that work, but that could get messy. This sounds like a usecase for JSONP with an authentication token. It would probably be cleaner to just authenticate a <script> transfer then it would just be evaluated normal. I'm pretty sure this idea is not something associate with REST or CRUD, I could be wrong. Commented Aug 28, 2013 at 1:29
  • "posterior execution" Ahah that's what happens when you try to speak english thinking in portuguese XD Currently I'm not worried about command injection, I can always authenticate the data with PubKey and avoid replay attacks with vector clocks later @Dylan I'm trying to pull this off with Node.js node to Node.js node, no script tags in the middle, JSONP could be it, but so far it's dropping the JSON functions, could you show me an example? Thank you! Commented Aug 28, 2013 at 1:54

1 Answer 1

Reset to default
1

If you are in control of both services, why not just have Node A report a string API endpoint to Node B that Node B can hit with certain data? Like

var jsObj = {
    a: 1
    b: "http://api.somedomain.com/api/b/"
};

And then have Node B call that endpoint with whatever data is necessary (in this example with mikeal's request module):

request.get(jsObj.b + "helloworld");

And have a route in Node B that matches /api/b/:param and a function to handle it (not sure what you're using for routing - this is sort of an express specific example).

This is kind of the idea behind service oriented architecture: each service knows how to handle a subset of functionality and the services talk to each other to complete tasks.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thank you @tandrewnichols , the thing is that I really want to pass functionality, this is an hardware thing, the code on remote depends on the devices attached, and it has to be modular enough that everyone can write tiny easy controllers for all sorts of things and deploy them, I guess I will have to go with a file transfer(cipher, signed, all the security things) and then require it like a node module to make this happen.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.