On Aug 21, 5:10 am, Peter van der Zee <[email protected]> wrote: > On Sat, Aug 20, 2011 at 8:22 PM, Nick Morgan <[email protected]> wrote: > > Hi guys > > > Thought I'd share a little toy I just made, to see what you thought: > > ... > > It gives you access to the value of private vars via a safe eval. > > Thought it might come in useful for testing occasionally. I'm not > > suggesting using it in production code, just thought it was a nice > > idea :) So, what do you think? > > Personally I'd never use a construct like this. Just expose private > variables as you go.
Yes. > Using eval is dangerous, How? Will it burn your house down? Seriously, using eval in this case is no worse than a user having access to the javascript pseudo-protocol in the address bar, or running a Greasemonkey script, or Firebug. The security issues of eval (if that's what "dangerous" means) are often grossly overstated. > especially because I > don't quite see the point of the regex. That doesn't make it dangerous, just unclear (to you). -- Rob -- To view archived discussions from the original JSMentors Mailman list: http://www.mail-archive.com/[email protected]/ To search via a non-Google archive, visit here: http://www.mail-archive.com/[email protected]/ To unsubscribe from this group, send email to [email protected]
