Security

Execution Environment

All jobs run in a web worker. This has certain implications; for job script code does not have access to the DOM. Additionally, certain API's are not available in a web worker, for example to use canvas you need to use OffscreenCanvas. Refer to the Web Workers documentation for more information.

The following functions are also not allowed job scripts:

Restricted Domains

[XMLHttpRequest])(https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest) and fetch are also limited. Only GET method is supported and only domains necessary to the functioning of the job are allowed.

Data Privacy

For jobs run in public mode (the default), any worker connected to PeerMR is eligible to process a job. This means that any data being processed is not private, even if you take care to encrypt it and decrypt it during processing. The workers will always have access to whatever data they process. Setting the privateMode of a job execution to true means that only workers you connect to PeerMR with your coordinator account are eligible to process your jobs. This is the only way to ensure data privacy in PeerMR.