Script sandbox environment

  • Release version: Zurich
  • Updated May 5, 2026
  • 2 minutes to read

    • The script sandbox environment is a restricted execution context in which untrusted, client-generated scripts run on the server using one of two evaluators: the guarded script evaluator or the script sandbox evaluator.

    Script sandbox environment overview

    When a script is sent to the server, a server-side script evaluator determines whether the script is trusted. Trusted scripts run in the JavaScript engine. Untrusted scripts run in the restricted sandbox environment instead.

    Note:
    The sandbox does not apply to script includes, which run in the application scope outside of the sandbox, or to client-side scripts.
    Untrusted scripts are client-generated and sent to the server for evaluation in the following ways:
    • Filter or query parameters: Filter and query parameters in URLs can send scripts to the server with HTTP requests, such as when a logged-out user follows a link containing a javascript: filter parameter.
    • System APIs: The AJAXEvaluate API call allows the client to run arbitrary scripts on the server and receive a response.
    Within the sandbox, the following restrictions apply to scripts:
    • Only business rules marked Client callable can be called.
    • Only script includes marked Sandbox enabled can be called.
    • Certain API calls, mostly limited to ones dealing with direct database access, aren’t allowed.
    • Data can’t be inserted, updated, or deleted from within the sandbox. For example, any calls to current.update() are ignored.
    Note:
    Beginning with the Xanadu release, script includes marked as Glide AJAX enabled (previously named Client callable) aren’t accessible within the sandbox. Only those marked Sandbox enabled are available within the sandbox. When upgrading to the Zurich release from the Washington DC release or earlier, any script includes marked as Client callable are also marked as Sandbox enabled.

    Script sandbox evaluators

    Beginning with the Zurich Patch 9 release, the sandbox uses two evaluators to enforce different levels of restrictions:

    • Guarded script evaluator: Enhances instance security by supporting only a restricted scripting language and rejecting untrusted scripts that are incompatible. Guest transactions are fully enforced immediately. Scripts sent by authenticated users are evaluated differently depending on the instance type.
    • Script sandbox evaluator: Helps prevent executing untrusted scripts on an instance by limiting the APIs available to scripts.
    Table 1. Comparison of the guarded script evaluator and script sandbox evaluator
    Characteristic Guarded script evaluator Script sandbox evaluator
    Purpose Provides enhanced security for scripts that run in the sandbox. Uses a domain-specific language (DSL) that permits only a small set of JavaScript features. Supports additional JavaScript but restricts certain APIs for scripts.
    JavaScript support Only a single simple expression or function call and only certain APIs. Features supported by the JavaScript engine except for certain API and method restrictions.
    When it runs Evaluates untrusted scripts that haven't been granted a guarded-script exemption. Evaluates untrusted scripts under the following conditions:
    • A script has been granted a guarded-script exemption (manually or automatically).
    • When guarded script is in Phase 1: Detection, and a script is sent to the server by an authenticated user.
    Script includes Not applicable: script includes run outside the sandbox in the application scope Not applicable: script includes run outside the sandbox in the application scope

    For details about each evaluator, including JavaScript restrictions, see the following topics and the Server-Side Sandbox Runtime Replacement [KB2944435] article on the Now Support Knowledge Base.