Does Retool really have to run all JS queries in a sandbox?

The documentation lists the following reason

If JavaScript ran directly on your page, other people in your org could XSS you. To prevent that, we execute all JavaScript in a separate iframe, on a different domain.

But if someone is part of your Retool account doesn't that mean that you already trust them?

If only certain people are allowed to modify the JS code, won't this be enough?

Hi @vangelov

assuming there aren't security concerns, what is the additional benefits running js within the main app?

You would have access to the DOM API for the actual app.

I.e. you can add event listeners to the document, call any APIs you want and generally be able to implement anything that's possible in a standard web app and is not yet in Retool.

For example: scrolling the window or showing an alert before closing the app.