Monday, September 9, 2013

Why should not use eval in Javascript

- Open up code for injection attack
- Hard to deubg

Code example:
<script>
eval("x=10;y=20;document.write(x*y)");
document.write("<br>" + eval("2+2"));
document.write("<br>" + eval(x+17));
</script>
Reference:
http://stackoverflow.com/questions/86513/why-is-using-the-javascript-eval-function-a-bad-idea


at 1:14 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)