New course! Every coder should learn Generative AI!

Try a free lesson

+ 7

Why eval() is evil?

I just saw a youtube content about the eval() function and read some stuffs about eval() in google. I can see eval() is pretty useful to use evaluate strings to js code. But they say that using eval() is "evil" and dangerous and I don't get it why.

javascript eval

7th Nov 2019, 6:11 AM

Nootnoot

5 Answers

+ 8

Eval is considered risky and harmful. It is slow, and can contain malicious code like infinite loops, XSS(cross site scripting) attacks etc. It should be never used or only in very specific secured applications. Personally I disable it in Content-Security-Policy(CSP) so it is not possible to use it. https://en.wikipedia.org/wiki/Content_Security_Policy

7th Nov 2019, 6:47 AM

Michal Straka

+ 4

https://www.sololearn.com/post/97586/?ref=app https://code.sololearn.com/WKKkpq0efxai/?ref=app

7th Nov 2019, 8:49 AM

Gordon

+ 4

https://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html

21st Jan 2020, 3:53 PM

Janusz Bujak 🇵🇱 🇺🇦

+ 2

Michal Straka Mirielle🐶 [Inactive] thank youuu uwu. maybe i should disable that

7th Nov 2019, 8:51 AM

Nootnoot

+ 2

Mirielle🐶 [Inactive] oh. i thought it can be disabled. But thanks again uwu

7th Nov 2019, 10:48 AM

Nootnoot

Hot today

Can someone please help me with this python code?

2 Votes

Strange narrowing conversion error from FLTK Color to Color Struct, Stroustrup's header Graph.h

0 Votes

[SOLVED] What problem in this program..?

2 Votes

I need help with beginner level of python

0 Votes

Effects on HTML and JavaScript

0 Votes

Encryption and Decryption

1 Votes

no se cual es la respuesta de esta

0 Votes

Izzy the iguana

0 Votes

Any good alternative to do this

2 Votes

Can anyone help me with this?

0 Votes