admin管理员组文章数量:1202597
Using JSlint to validate my javascript.
I am getting an error saying eval is evil! Why is this and is there an alternative I can use?
Here is an example of where I am using eval and would like a workaround for it.
I have an array like this:
var Resources = {
message_1: 'Message 1',
message_2: 'Message 2',
message_3: 'Message 3',
message_4: 'Message 4'
};
I have a function (functionResult) that returns a number, either 1, 2, 3 or 4. So what I want to do in the following line of code is get the Resource in the array that there message ends in the result of my function.
$('#divPresenter').html(eval($.validator.format('Resources.message_{0}', functionResult)));
Any ideas how I could remove eval and replace with something else?
Using JSlint to validate my javascript.
I am getting an error saying eval is evil! Why is this and is there an alternative I can use?
Here is an example of where I am using eval and would like a workaround for it.
I have an array like this:
var Resources = {
message_1: 'Message 1',
message_2: 'Message 2',
message_3: 'Message 3',
message_4: 'Message 4'
};
I have a function (functionResult) that returns a number, either 1, 2, 3 or 4. So what I want to do in the following line of code is get the Resource in the array that there message ends in the result of my function.
$('#divPresenter').html(eval($.validator.format('Resources.message_{0}', functionResult)));
Any ideas how I could remove eval and replace with something else?
Share Improve this question edited Oct 25, 2010 at 0:57 amateur asked Oct 20, 2010 at 23:31 amateuramateur 44.6k71 gold badges196 silver badges324 bronze badges 2 |6 Answers
Reset to default 9Instead of:
eval($.validator.format('Resources.message_{0}', functionResult))
just use:
Resources["message_" + functionResult]
All objects in JavaScript are really associative arrays (aka hashes), and the dot syntax (a.b) is just syntactic sugar for looking something up in the hash (a['b']). So you don't need eval at all; just build the key as a string, and look up your value using that key.
Link
In the majority of cases, eval is used like a sledgehammer swatting a fly -- it gets the job done, but with too much power. It's slow, it's unwieldy, and tends to magnify the damage when you make a mistake.
It's evil because it lets you execute a string as code, and who knows where that string came from or what it contains.
And yes, 99.9% of the time, there are better alternatives (what exactly these are depends on what you're using eval for). The remaining 0.1% of the time, you really have no choice but to use eval, and in such cases, you need to be extremely cautious.
JS Lint incorporates what Douglas Crockford considers to be the best practices for JavaScript. One of the functions he strongly discourages the use of is eval. I believe he considers it to be slow and insecure.
There could be many potential alternatives, depending on the code in question. If you'd like to post the section of your code which uses eval, we can give more specific advice.
If you are trying to use eval to turn strings into JSON objects, perhaps try a JSON parser lib (I've never used it but it looks reasonable).
I'm not entirely clear on what you're doing, but it looks like
$('#divPresenter').html(eval($.validator.format('Resources.message_{0}', functionResult)));
can be written as
$('#divPresenter').html(Resources["message_" + functionResult]);
本文标签: javascripteval is evil issueStack Overflow
版权声明:本文标题:javascript - eval is evil issue - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1738655149a2105097.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
eval? – Peter Ajtai Commented Oct 20, 2010 at 23:34