Thanks,
There is an option to allow/disallow some aspects of the language, and you can provide the local variables you want to the expression. Claude From: Jordan Harband <[email protected]> Sent: Tuesday, June 19, 2018 10:59 PM To: doodad-js Admin <[email protected]> Cc: es-discuss <[email protected]> Subject: Re: Proposal: safeEval What value does this add, when you can already do `function safeEval(...args) { return Function(...args)(); }`, or similar? On Tue, Jun 19, 2018 at 7:29 PM, doodad-js Admin <[email protected] <mailto:[email protected]> > wrote: Hi, I take a chance to valorize “eval” again by proposing “safeEval”. function safeEval(expression, [locals], [options]) { ...... }; So that you can: safeEval(“1 + a”, {a: 2}); // returns “3” safeEval(“1 + a()”, {a: function() {return 2}}, {allowFunctions: true}); // also returns “3” but: safeEval(“1 + a()”, {a: function() { return 2}}); // throws whatever you want because “allowFunctions” is denied etc. Note that local variables are specified in argument. Also note that “options” mainly gives/denies permissions. I’m not sure if we should be whitelisting or blacklisting features there though, or a mix of default enabled and disabled ones... Very incomplete, but as for inspiration (and very useful to me): https://www.npmjs.com/package/@doodad-js/safeeval Claude <http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient> Virus-free. <http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient> www.avg.com _______________________________________________ es-discuss mailing list [email protected] <mailto:[email protected]> https://mail.mozilla.org/listinfo/es-discuss --- This email has been checked for viruses by AVG. https://www.avg.com
_______________________________________________ es-discuss mailing list [email protected] https://mail.mozilla.org/listinfo/es-discuss
