Sometimes you might want to make your UI customizable by the players, so you would let them add MOD files. In those cases, you would want to prevent malicious scripts from running. To be sure that the files are safe you can disable or restrict the execution of JavaScript code. In order to prevent abuse from players we suggest:

Running files added by the player in an <iframe> that is in sandbox mode like so:

<iframe src="PlayerMadeContent.html" title="iframe example 1" width="400" height="300" sandbox>
</iframe>

Making a custom resource handler that inherits our ResourceHandler and stops any access to the filesystem outside of the MOD files, setting Coherent::UIGT::ViewInfo::InterceptResourceLoading to true and overloading the Coherent::UIGT::ResourceHandler::OnShouldLoadResourceRequest method. This would stop potentially harmful resources from loading and "hiding" any potentially harmful DOM API like so:
```
window.WebSocket = function () { throw 'forbidden'; }
```

The script above can be called by either Coherent::UIGT::View::ExecuteScript or by directly adding it to the user made pages.