move js evaluation to sandboxed iframe, remove debug logs

Author: samolego

tools/server/webui/src/assets/iframe_sandbox.html

@@ -0,0 +1,78 @@
+<!doctype html>
+<html>
+  <head>
+    <title>JS Sandbox</title>
+    <script>
+      // Capture console.log output within the iframe
+      const iframeConsole = {
+        _buffer: [],
+        log: function (...args) {
+          this._buffer.push(args.map(String).join(' '));
+        },
+        getOutput: function () {
+          const output = this._buffer.join('\n');
+          this._buffer = [];
+          return output;
+        },
+        clear: function () {
+          this._buffer = [];
+        },
+      };
+      // Redirect the iframe's console.log
+      const originalConsoleLog = console.log; // Keep a reference if needed
+      console.log = iframeConsole.log.bind(iframeConsole);
+
+      window.addEventListener('message', (event) => {
+        if (!event.data || !event.source || !event.source.postMessage) {
+          return;
+        }
+
+        if (event.data.command === 'executeCode') {
+          const { code, call_id } = event.data;
+          let result = '';
+          let error = null;
+          iframeConsole.clear();
+
+          try {
+            result = eval(code);
+            if (result !== undefined && result !== null) {
+              try {
+                result = JSON.stringify(result, null, 2);
+              } catch (e) {
+                result = String(result);
+              }
+            } else {
+              result = '';
+            }
+          } catch (e) {
+            error = e.message || String(e);
+          }
+
+          const consoleOutput = iframeConsole.getOutput();
+          const finalOutput = consoleOutput
+            ? consoleOutput + (result && consoleOutput ? '\n' : '') + result
+            : result;
+
+          event.source.postMessage(
+            {
+              call_id: call_id,
+              output: finalOutput,
+              error: error,
+            },
+            event.origin === 'null' ? '*' : event.origin
+          );
+        }
+      });
+
+      if (window.parent && window.parent !== window) {
+        window.parent.postMessage(
+          { command: 'iframeReady', call_id: 'initial_ready' },
+          '*'
+        );
+      }
+    </script>
+  </head>
+  <body>
+    <p>JavaScript Execution Sandbox</p>
+  </body>
+</html>

tools/server/webui/src/utils/app.context.tsx

@@ -5,7 +5,7 @@ import {
   Conversation,
   Message,
   PendingMessage,
-  ToolCall,
+  ToolCallRequest,
   ViewingChat,
 } from './types';
 import StorageUtils from './storage';
@@ -276,14 +276,12 @@ export const AppContextProvider = ({
         }
       } else {
         const responseData = await fetchResponse.json();
-        if (isDev) console.log({ responseData });
         if (responseData.error) {
           throw new Error(responseData.error?.message || 'Unknown error');
         }
 
         const choice = responseData.choices[0];
         const messageFromAPI = choice.message;
-        console.log({ messageFromAPI });
         let newContent = '';
 
         if (messageFromAPI.content) {
@@ -296,21 +294,21 @@ export const AppContextProvider = ({
           // Store the raw tool calls in the pendingMsg
           pendingMsg = {
             ...pendingMsg,
-            tool_calls: messageFromAPI.tool_calls as ToolCall[],
+            tool_calls: messageFromAPI.tool_calls as ToolCallRequest[],
           };
 
           for (let i = 0; i < messageFromAPI.tool_calls.length; i++) {
-            const tc = messageFromAPI.tool_calls[i] as ToolCall;
-            if (tc) {
+            const toolCall = messageFromAPI.tool_calls[i] as ToolCallRequest;
+            if (toolCall) {
               // Set up call id
-              tc.call_id ??= `call_${i}`;
+              toolCall.call_id ??= `call_${i}`;
 
-              if (isDev) console.log({ tc });
+              if (isDev) console.log({ tc: toolCall });
 
               // Process tool call
-              const toolResult = AVAILABLE_TOOLS.get(
-                tc.function.name
-              )?.processCall(tc);
+              const toolResult = await AVAILABLE_TOOLS.get(
+                toolCall.function.name
+              )?.processCall(toolCall);
 
               const toolMsg: PendingMessage = {
                 id: lastMsgId + 1,
@@ -368,13 +366,7 @@ export const AppContextProvider = ({
       // if message ended due to "finish_reason": "tool_calls"
       // resend it to assistant to process the result.
       if (shouldContinueChain) {
-        console.log('Generating followup message!');
         lastMsgId = await generateMessage(convId, lastMsgId, onChunk);
-        console.log('Generating - done!');
-
-        // Fetch messages from DB for debug
-        const savedMsgs = await StorageUtils.getMessages(convId);
-        console.log({ savedMsgs });
       }
 
       setPending(convId, null);

tools/server/webui/src/utils/tool_calling/agent_tool.ts

@@ -18,11 +18,21 @@ export abstract class AgentTool {
    * @param call The tool call object from the API response.
    * @returns The tool call output or undefined if the tool is not enabled.
    */
-  public processCall(call: ToolCallRequest): ToolCallOutput | undefined {
+  public async processCall(
+    call: ToolCallRequest
+  ): Promise<ToolCallOutput | undefined> {
     if (this.enabled) {
-      return this._process(call);
+      try {
+        return await this._process(call);
+      } catch (error) {
+        console.error(`Error processing tool call for ${this.id}:`, error);
+        return {
+          type: 'function_call_output',
+          call_id: call.call_id,
+          output: `Error during tool execution: ${(error as Error).message}`,
+        } as ToolCallOutput;
+      }
     }
-
     return undefined;
   }
 
@@ -55,5 +65,5 @@ export abstract class AgentTool {
    * The actual tool call processing logic.
    * @param call: The tool call object from the API response.
    */
-  protected abstract _process(call: ToolCallRequest): ToolCallOutput;
+  protected abstract _process(call: ToolCallRequest): Promise<ToolCallOutput>;
 }

tools/server/webui/src/utils/tool_calling/js_repl_tool.ts

@@ -2,15 +2,34 @@ import StorageUtils from '../storage';
 import { ToolCallRequest, ToolCallOutput, ToolCallParameters } from '../types';
 import { AgentTool } from './agent_tool';
 
+// Import the HTML content as a raw string
+import iframeHTMLContent from '../../assets/iframe_sandbox.html?raw';
+
+interface IframeMessage {
+  call_id: string;
+  output?: string;
+  error?: string;
+  command?: 'executeCode' | 'iframeReady';
+  code?: string;
+}
+
 export class JSReplAgentTool extends AgentTool {
   private static readonly ID = 'javascript_interpreter';
-  private fakeLogger: FakeConsoleLog;
+  private iframe: HTMLIFrameElement | null = null;
+  private iframeReadyPromise: Promise<void> | null = null;
+  private resolveIframeReady: (() => void) | null = null;
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  private rejectIframeReady: ((reason?: any) => void) | null = null;
+  private pendingCalls = new Map<string, (output: ToolCallOutput) => void>();
+  private messageHandler:
+    | ((event: MessageEvent<IframeMessage>) => void)
+    | null = null;
 
   constructor() {
     super(
       JSReplAgentTool.ID,
       () => StorageUtils.getConfig().jsInterpreterToolUse,
-      'Executes JavaScript code in the browser console. The code should be self-contained valid javascript. You can use console.log(variable) to print out intermediate values.',
+      'Executes JavaScript code in a sandboxed iframe. The code should be self-contained valid javascript. You can use console.log(variable) to print out intermediate values, which will be captured.',
       {
         type: 'object',
         properties: {
@@ -22,53 +41,134 @@ export class JSReplAgentTool extends AgentTool {
         required: ['code'],
       } as ToolCallParameters
     );
-    this.fakeLogger = new FakeConsoleLog();
+    this.initIframe();
   }
 
-  _process(tc: ToolCallRequest): ToolCallOutput {
-    const args = JSON.parse(tc.function.arguments);
+  private initIframe(): void {
+    if (typeof window === 'undefined' || typeof document === 'undefined') {
+      console.warn(
+        'JSReplAgentTool: Not in a browser environment, iframe will not be created.'
+      );
+      return;
+    }
 
-    // Redirect console.log which agent will use to
-    // the fake logger so that later we can get the content
-    const originalConsoleLog = console.log;
-    console.log = this.fakeLogger.log;
+    this.iframeReadyPromise = new Promise<void>((resolve, reject) => {
+      this.resolveIframeReady = resolve;
+      this.rejectIframeReady = reject;
+    });
 
-    let result = '';
-    try {
-      // Evaluate the provided agent code
-      result = eval(args.code);
-      if (result) {
-        result = JSON.stringify(result, null, 2);
-      } else {
-        result = '';
+    this.messageHandler = (event: MessageEvent<IframeMessage>) => {
+      if (
+        !event.data ||
+        !this.iframe ||
+        !this.iframe.contentWindow ||
+        event.source !== this.iframe.contentWindow
+      ) {
+        return;
       }
-    } catch (err) {
-      result = String(err);
-    }
 
-    console.log = originalConsoleLog;
-    result = this.fakeLogger.content + result;
+      const { command, call_id, output, error } = event.data;
+      if (command === 'iframeReady' && call_id === 'initial_ready') {
+        if (this.resolveIframeReady) {
+          this.resolveIframeReady();
+          this.resolveIframeReady = null;
+          this.rejectIframeReady = null;
+        }
+        return;
+      }
+      if (typeof call_id !== 'string') {
+        return;
+      }
+      if (this.pendingCalls.has(call_id)) {
+        const callback = this.pendingCalls.get(call_id)!;
+        callback({
+          type: 'function_call_output',
+          call_id: call_id,
+          output: error ? `Error: ${error}` : (output ?? ''),
+        } as ToolCallOutput);
+        this.pendingCalls.delete(call_id);
+      }
+    };
+    window.addEventListener('message', this.messageHandler);
 
-    this.fakeLogger.clear();
+    this.iframe = document.createElement('iframe');
+    this.iframe.style.display = 'none';
+    this.iframe.sandbox.add('allow-scripts');
 
-    return { call_id: tc.call_id, output: result } as ToolCallOutput;
-  }
-}
+    // Use srcdoc with the imported HTML content
+    this.iframe.srcdoc = iframeHTMLContent;
 
-class FakeConsoleLog {
-  private _content: string = '';
+    document.body.appendChild(this.iframe);
 
-  public get content(): string {
-    return this._content;
+    setTimeout(() => {
+      if (this.rejectIframeReady) {
+        this.rejectIframeReady(new Error('Iframe readiness timeout'));
+        this.resolveIframeReady = null;
+        this.rejectIframeReady = null;
+      }
+    }, 5000);
   }
 
-  // Use an arrow function for log to correctly bind 'this'
-  public log = (...args: any[]): void => {
-    // Convert arguments to strings and join them.
-    this._content += args.map((arg) => String(arg)).join(' ') + '\n';
-  };
+  async _process(tc: ToolCallRequest): Promise<ToolCallOutput> {
+    let error = null;
+    if (
+      typeof window === 'undefined' ||
+      !this.iframe ||
+      !this.iframe.contentWindow ||
+      !this.iframeReadyPromise
+    ) {
+      error =
+        'Error: JavaScript interpreter is not available or iframe not ready.';
+    }
+
+    try {
+      await this.iframeReadyPromise;
+    } catch (e) {
+      error = `Error: Iframe for JavaScript interpreter failed to initialize. ${(e as Error).message}`;
+    }
+
+    let args;
+    try {
+      args = JSON.parse(tc.function.arguments);
+    } catch (e) {
+      error = `Error: Could not parse arguments for tool call. ${(e as Error).message}`;
+    }
+
+    const codeToExecute = args.code;
+    if (typeof codeToExecute !== 'string') {
+      error = 'Error: "code" argument must be a string.';
+    }
+
+    if (error) {
+      return {
+        type: 'function_call_output',
+        call_id: tc.call_id,
+        output: error,
+      } as ToolCallOutput;
+    }
+
+    return new Promise<ToolCallOutput>((resolve) => {
+      this.pendingCalls.set(tc.call_id, resolve);
+      const message: IframeMessage = {
+        command: 'executeCode',
+        code: codeToExecute,
+        call_id: tc.call_id,
+      };
+      this.iframe!.contentWindow!.postMessage(message, '*');
+    });
+  }
 
-  public clear = (): void => {
-    this._content = '';
-  };
+  // public dispose(): void {
+  //   if (this.iframe) {
+  //     document.body.removeChild(this.iframe);
+  //     this.iframe = null;
+  //   }
+  //   if (this.messageHandler) {
+  //     window.removeEventListener('message', this.messageHandler);
+  //     this.messageHandler = null;
+  //   }
+  //   this.pendingCalls.clear();
+  //   this.resolveIframeReady = null;
+  //   this.rejectIframeReady = null;
+  // }
 }