Sandboxed JavaScript is a simplified subset of the JavaScript language that
provides a safe way to execute arbitrary JavaScript logic from Google Tag
Manager's custom templates. To provide a safe execution environment, some
features of JavaScript are restricted or removed. Sandboxed JavaScript is based
on ECMAScript 5.1. Some ECMAScript 6 features such as arrow functions and
const
/let
declarations are available.
Global execution environment
Sandboxed JavaScript is not executed in the standard global execution
environment like normal JavaScript, so the window
object and its properties
are not available. This includes methods defined in the global scope like
encodeURI
or setTimeout
, global values like location
or document
, and
global values defined by loaded scripts. In place of these, a global require
function is available to all sandboxed JavaScript that provides many of these
functions. Values can be read from the window with the
copyFromWindow
utility.
Simplified type system
Sandboxed JavaScript supports the following types: null
, undefined
,
string
, number
, boolean
, array
, object
, and function
. Arrays and
objects are created using the literal syntax ( [] {}
), and because there's no
access to the standard global execution environment, global constructors like
String()
and Number()
aren't available. There is no new
keyword in
sandboxed JavaScript, and functions do not have access to the this
keyword.
Some native type methods have also been removed. See standard library for an
exhaustive list of supported native type methods.
Custom template code format
The code written to implement a custom template represents the body of a
function that will be executed whenever your tag is fired or your variable is
evaluated. This function has a single data parameter (data
) that holds all the
values configured in the UI for that tag or variable instance, with the keys set
to the names of the template parameters specified in the custom template.
Sample beacon tag implementation
const sendPixel = require('sendPixel');
const encodeUri = require('encodeUri');
const encodeUriComponent = require('encodeUriComponent');
let url = encodeUri(data['url']);
if (data['useCacheBuster']) {
const encode = require('encodeUriComponent');
const cacheBusterQueryParam = data['cacheBusterQueryParam'] || 'gtmcb';
const last = url.charAt(url.length - 1);
let delimiter = '&';
if (url.indexOf('?') < 0) {
delimiter = '?';
} else if (last == '?' || last == '&') {
delimiter = '';
}
url += delimiter +
encodeUriComponent(cacheBusterQueryParam) + '=' + encodeUriComponent(data['randomNumber']);
}
sendPixel(url, data['gtmOnSuccess'], data['gtmOnFailure']);