I tried submitting this on githib/atom thinking it was an enhancement request, but was redirected here.
I’m attempting to port some code which works in browsers to create a package for Atom. When eval() is used inside Worker code, it generates the standard EvalError due to the Content Security Policy script-src: ‘self’, i.e., no ‘unsafe-eval’.
If the code was on the main thread, it could use the common ‘loophole’ based on the ‘vm’ module. But Node cannot be used inside Worker’s and this is unlikely to change due to thread safety issues (electron Issue #797).
Two possible ways around this problem:
Provide a mechanism by which Workers can use the standard loophole, e.g., pre-install ‘vm’ or equivalent into WorkerGlobalSpace.
Provide a mechanism to redefine the security policy within a package.
But I’m open to other suggestions, including use of some Atom feature that I haven’t found yet. I’m not looking for an alternative to Workers; I’d like to reuse the code that already works in browsers.