Sandboxed DSL


I’m investigating different technologies to create a DSL that must allow for the runtime and sandboxed execution of dynamic scripts. Kotlin seems to be a very interesting option but I don’t full understand if it can satisfy the “sandbox” part of the requirement. I need to be able to significantly restrict the functionality of the DSL (e.g. no I/O operations, no thread spawning, no use of unauthorized libraries, etc.) while allowing for rich data manipulation features (e.g. GitHub - jOOQ/jOOX: jOOX - The Power of jQuery Applied to W3C DOM Like JDBC, DOM is a powerful, yet very verbose low-level API to manipulate XML. The HTML DOM an be manipulated with the popular jQuery product, in JavaScript. Why don't we have jQuery in Java? jOOX is jQuery's XML parts, applied to Java. or JSONPath - XPath for JSON).

I would appreciate any type of feedback on the above before I allocate time to understand Kotlin in details .

Thank you in advance.


Kotlin has no provisions for DSL sandboxing at this time. Kotlin supports internal DSLs, and those DSLs have full access to all of the available language and library features.

The JVM has some sandboxing features you can use to get something similar, but they are hard to use.