From 6333d2856bab6b03d40e4d1af8809a6ab4094230 Mon Sep 17 00:00:00 2001
From: Marko Lahma <marko.lahma@gmail.com>
Date: Thu, 16 Mar 2023 20:49:17 +0200
Subject: [PATCH] Add Options extension method for DisableStringCompilation
 (#1498)

---
 Jint.Tests/Runtime/EngineTests.cs |  8 +++++---
 Jint/Options.Extensions.cs        | 10 ++++++++++
 Jint/Runtime/Host.cs              |  2 +-
 3 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/Jint.Tests/Runtime/EngineTests.cs b/Jint.Tests/Runtime/EngineTests.cs
index f2b4ac6599..8e5c6892b4 100644
--- a/Jint.Tests/Runtime/EngineTests.cs
+++ b/Jint.Tests/Runtime/EngineTests.cs
@@ -2890,14 +2890,16 @@ public void CanDisableCompilation()
         {
             var engine = new Engine(options =>
             {
-                options.StringCompilationAllowed = false;
+                options.DisableStringCompilation();
             });
 
+            const string ExpectedExceptionMessage = "String compilation has been disabled in engine options";
+
             var ex = Assert.Throws<JavaScriptException>(() => engine.Evaluate("eval('1+1');"));
-            Assert.Equal("String compilation is not allowed", ex.Message);
+            Assert.Equal(ExpectedExceptionMessage, ex.Message);
 
             ex = Assert.Throws<JavaScriptException>(() => engine.Evaluate("new Function('1+1');"));
-            Assert.Equal("String compilation is not allowed", ex.Message);
+            Assert.Equal(ExpectedExceptionMessage, ex.Message);
         }
 
         [Fact]
diff --git a/Jint/Options.Extensions.cs b/Jint/Options.Extensions.cs
index b6015962e9..6c682fb1a2 100644
--- a/Jint/Options.Extensions.cs
+++ b/Jint/Options.Extensions.cs
@@ -99,6 +99,16 @@ public static Options LocalTimeZone(this Options options, TimeZoneInfo timeZoneI
             return options;
         }
 
+        /// <summary>
+        /// Disables calling 'eval' with custom code and function constructors taking function code as string.
+        /// By default eval and function code parsing is allowed.
+        /// </summary>
+        public static Options DisableStringCompilation(this Options options, bool disable = true)
+        {
+            options.StringCompilationAllowed = !disable;
+            return options;
+        }
+
         public static Options AddExtensionMethods(this Options options, params Type[] types)
         {
             options.Interop.ExtensionMethodTypes.AddRange(types);
diff --git a/Jint/Runtime/Host.cs b/Jint/Runtime/Host.cs
index 21db7c3eba..10fb4df887 100644
--- a/Jint/Runtime/Host.cs
+++ b/Jint/Runtime/Host.cs
@@ -110,7 +110,7 @@ public virtual void EnsureCanCompileStrings(Realm callerRealm, Realm evalRealm)
         {
             if (!Engine.Options.StringCompilationAllowed)
             {
-                ExceptionHelper.ThrowJavaScriptException(callerRealm.Intrinsics.TypeError, "String compilation is not allowed");
+                ExceptionHelper.ThrowJavaScriptException(callerRealm.Intrinsics.TypeError, "String compilation has been disabled in engine options");
             }
         }