Stack Overflow has a new "Run snippet" button

2 min. read

As every other developer and their dog, I crash from time to time in SO for answers to questions of Life, the Universe and Everything Else.

The other day I came across a question that had a button I hadn't seen before. The button was below a code snippet, and when I clicked it, the snippet executed against an HTML5 sandboxed iframe inserted in the post:

Stack Overflow new run snippet button

I found this so AWESOME that I had to search the origins of it. And I fell into this Stack Overflow post that explains it all.

When I read how they do it, it reminded me of a recent CodePen podcast where the creators of the site explained how they create a secure environment for the execution of scripts. Basically:

  • They use HTML5 sandboxed iframes in order to prevent many forms of malicious attack.
  • They render the Snippets on an external domain (stacksnippets.net) in order to ensure that the same-origin policy is not in effect and to keep the snippets from accessing your logged-in session or cookies.

It's gonna be great to be able to see the results of a snippet without having to copy and paste and save and compile and run in your own computer :-)

Comments