ShadowRealm is a TC39 proposal to add an in-process, synchronous way to create a new global environment with its own global object and its own set of built-ins and intrinsics. See the proposal explainer at https://github.com/tc39/proposal-shadowrealm/blob/main/explainer.md

Motivation

The ShadowRealm API provides a way to run trusted code in a fresh global environment, which has use cases for virtualization, virtual DOM, and other execution of trusted 3rd party code. Please note that because ShadowRealm is a synchronous, in-process (e.g. no separate address space protection) API, it is not a sufficient security boundary for many threat models. It is not a generic sandboxing primitive for security purposes.

Documentation

• https://docs.google.com/document/d/1SWFGpiSdrBwErDNot8rqMyBjKGC3WDArcLnGg7MX6SE/edit?usp=sharing
• https://docs.google.com/document/d/1k9OZxtbKmzENOMzahmm2C0uBNRc_pVLXMSoKsrkJJBw/edit?usp=sharing

Specification

Specification link

Status: Specification currently under development in a Working Group

Status in Chromium

Blink components: Blink>JavaScript>Language

Implementation status: No active development (tracking bug)

Consensus & Standardization

• Firefox: In development
• Safari: In development
• Web Developers: Positive

Owner

• syg@chromium.org

Last updated on 2022-05-05