HomeIdentityEngineeringContact
Back to All Projects
MAJOR06 / 10

Online Compiler

Multi-language cloud code execution sandbox with admin monitoring dashboard, regex-based security scanning, and real-time WebSocket output streaming.

FlaskWebSocketNode.jsPythonDockerRegex
View Source
Solo Project
10+
Languages Supported
Real-time
WebSocket Streaming
Admin
Monitoring Dashboard
Regex
Security Scanning
// Problem Statement

The Challenge

Existing online compilers batch-process code and return output only after completion. They lack real-time streaming, admin observability, and security isolation for educational environments.

  • No real-time output — users wait for full execution before seeing any output
  • No admin monitoring — no way to see what code is being executed across the platform
  • Security risk — users can run harmful system commands (rm -rf, fork bombs, network access)
  • No system usage visibility — no CPU/memory monitoring for resource-heavy executions
// My Approach

Engineering Thinking

Built a two-application system: the compiler frontend/backend for code execution, and a separate admin dashboard for monitoring all executions, system resources, and security alerts.

The security layer uses regex pattern matching to detect harmful code patterns before execution — system calls, filesystem operations, network access, and infinite loop patterns. Flagged code is blocked and logged for admin review.

Supports all text-based languages (Python, C, C++, Java, Go, Rust, etc.) and HTML/CSS/JS for web preview. UI-based frameworks like Flutter, Swift, React are excluded since they need build toolchains beyond simple compilation.

CHOSEN

Separate admin dashboard + compiler

Decoupled monitoring from execution. Admin sees all sessions, resource usage, and security flags in real-time.

CHOSEN

Regex pre-execution security scan

Pattern-match dangerous code before it runs. Block system calls, fork bombs, and network access attempts.

// Technical Deep-Dive

Key Systems

Multi-Language Execution Engine

  • 10+ languages: Python, C, C++, Java, Go, Rust, JS, etc.
  • HTML/CSS/JS web preview with sandboxed iframe
  • Phase-based execution: Init → Compile → Execute → Done
  • Memory/timeout limits per execution session

Admin Monitoring Dashboard

  • Real-time view of all active execution sessions
  • CPU and RAM usage monitoring per process
  • Security alert feed with flagged code snippets
  • Force-terminate capability for runaway processes

Regex Security Scanner

  • Pre-execution pattern matching for dangerous code
  • Detects: system(), exec(), rm, fork bombs, network calls
  • Flagged code blocked + logged for admin review
  • Language-specific rule sets for each supported language

WebSocket Streaming

  • Persistent WebSocket per session
  • stdout/stderr streamed line-by-line in real-time
  • Execution phase updates pushed to frontend
  • Admin dashboard receives all streams simultaneously
// Challenges & Failures

What Broke & What I Learned

Challenge 01
Regex Can't Catch Everything
Regex-based security scanning catches known patterns, but obfuscated code can bypass it — base64 encoded system calls, dynamic imports, and eval() chains. Had to layer regex with process-level sandboxing (restricted filesystem + network) for defense in depth.
Lesson: Static analysis is necessary but not sufficient. Always combine with runtime isolation for true security.
Challenge 02
WebSocket Scaling with Concurrent Users
Each code execution opens a persistent WebSocket connection. With multiple concurrent users, the server had to manage dozens of streams simultaneously while keeping admin dashboard updated in real-time. Required careful connection pooling and message routing.
Lesson: WebSocket servers need explicit connection lifecycle management. Unlike HTTP, connections persist and consume resources continuously.
// Results & Impact

What It Achieved

Outcome
10+ Language Support
Full compilation and execution for all major text-based programming languages plus HTML/CSS/JS web preview.
Outcome
Dual Application Architecture
Separate admin monitoring dashboard with real-time visibility into all code executions, system resources, and security alerts.
Outcome
Security-First Design
Multi-layer security: regex pre-scan + sandboxed execution + resource limits + admin force-terminate.
// Demo & Evidence

Screenshots

Online compiler code editor
Code Editor — Multi-Language Execution
*Note: These images are generated by AI, the images will be replaced new very soon
Admin monitoring dashboard
Admin Dashboard — Execution Monitoring & Security Alerts
*Note: These images are generated by AI, the images will be replaced new very soon
Previous
TruFleet Next
Student ERP