I've seen a few other questions that are similar to this question I have, but don't have the answer I am looking for.
I building a website for coding courses (I know there are a lot of them out there already, but I am building it to include all the things I like about the ones already built), and I want to allow people to write code, and be able to share it with others (I know Khan Academy does this, but only for HTML/CSS/JS and [a modified version of] Processing.js, and I know that Replit.com does this for almost every language there is, but I want to have this on my website, if not too difficult).
There are two main problems that I am facing:
- I don't know how to make it run (except for JavaScript, HTML, and CSS, these will be pretty easy to get running since browsers run them).
- I don't know how to limit the use to make it safe to run (I know Khan Academy limits what things you can use in the code, but I don't know what kind of things that I would need to stop from being run).
If I can just do the Web Frontend Pillars, that will be fine, but I at least want to know what and how I can stop unsafe code to be run.
I just had a thought... I don't know a whole lot about it, but if the code (at least JavaScript and HTML/CSS/JavaScript) is run inside an <iframe> will this be safe? Or is it still just as unsafe?