ShadowRealm is a TC39 proposal to add an in-process, synchronous way to create a new global environment with its own global object and its own set of built-ins and intrinsics. See the proposal explainer at https://github.com/tc39/proposal-shadowrealm/blob/main/explainer.md

Motivation

The ShadowRealm API provides a way to run trusted code in a fresh global environment, which has use cases for virtualization, virtual DOM, and other execution of trusted 3rd party code. Please note that because ShadowRealm is a synchronous, in-process (e.g. no separate address space protection) API, it is not a sufficient security boundary for many threat models. It is not a generic sandboxing primitive for security purposes.

Documentation

Specification

Specification link


Specification currently under development in a Working Group

Status in Chromium

Blink>JavaScript>Language


No active development (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

Owner

Last updated on 2022-05-05