Ben, thank you so much for replying, and I'm sorry it took so long. Your 
explanation was very helpful!

On Sunday, May 5, 2013 5:32:52 AM UTC-4, Ben Noordhuis wrote:
>
> On Sun, May 5, 2013 at 9:04 AM, Andrew Petersen <[email protected]> wrote: 
> > If I do in REPL: 
> > 
> > ```` 
> >> f = Function('a', 'b', 'c', 'd', 'e', "console.log('what what')") 
> > [Function] 
> >> f.toString() 
> > 'function anonymous(a,b,c,d,e\n/**/) {\nconsole.log(\'what what\')\n}' 
> > ```` 
> > 
> > Notice how the function arguments have an extra /**/ in them? Not sure where 
> > this is coming from, but it broke a few (admittedly fragile) tests of mine. 
> > Is this change going to stick for sure in 0.11, or only temporary? Is there 
> > any more info as to why this is happening? 
> > 
> > This happens in the REPL or in plain code, and does not occur in 0.6, 0.8, 
> > or 0.10. 
>
> It's because of [1] and [2].  It's hardening against arbitrary code 
> execution from inside the Function constructor: 
>
>   $ v0.10/node -e 'Function("", "});console.log(\"OWNED\");(function(){")' 
>   OWNED 
>
>   $ master/node -e 'Function("", "});console.log(\"OWNED\");(function(){")' 
>   undefined:4 
>   }) 
>    ^ 
>   SyntaxError: Parse error 
>       at Function (<anonymous>) 
>
>
> I'm not sure if the change in the toString() output should be 
> considered a regression; I believe the spec only mandates that the 
> result can be evaluated with eval().  Please open a V8 issue if you 
> feel strongly about it. :-) 
>
> [1] https://code.google.com/p/v8/issues/detail?id=2470 
> [2] https://github.com/v8/v8/blob/762ba9c/src/v8natives.js#L1707-1713 
>
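
Added example (not part of either message, and not V8 or Node code): a test helper that reads parameter names from `Function.prototype.toString()` output without depending on the `/**/` guard, plus a regression probe that confirms the runtime rejects a Function body that closes the wrapper early. The names `paramNamesFromSource`, `functionConstructorIsHardened` and `__fnCtorProbe` are hypothetical, and the guard-free sample string is constructed.

```javascript
// Parameter names from Function.prototype.toString() output. Comments are
// stripped before the closing parenthesis is located, so the "\n/**/" guard
// appended to the parameter list does not change the result.
// Limitation: assumes plain identifiers (no default values or destructuring).
function paramNamesFromSource(src) {
  const open = src.indexOf('(');
  if (open === -1) throw new TypeError('no parameter list');
  const rest = src
    .slice(open + 1)
    .replace(/\/\*[\s\S]*?\*\//g, '') // block comments such as /**/
    .replace(/\/\/[^\n]*/g, '');      // line comments
  const close = rest.indexOf(')');
  if (close === -1) throw new TypeError('unterminated parameter list');
  return rest
    .slice(0, close)
    .split(',')
    .map((s) => s.trim())
    .filter(Boolean);
}

// Regression probe for the hardening described in the thread: a body that
// closes the wrapper early must raise SyntaxError and must not execute.
// The marker assignment is a harmless stand-in for the injected statement.
function functionConstructorIsHardened() {
  const marker = '__fnCtorProbe'; // hypothetical global name
  delete globalThis[marker];
  let threw = false;
  try {
    Function('', '});globalThis.' + marker + '=true;(function(){');
  } catch (e) {
    threw = e instanceof SyntaxError;
  }
  const ran = globalThis[marker] === true;
  delete globalThis[marker];
  return threw && !ran;
}

// HARDENED is the 0.11 toString() output quoted in the thread; PLAIN is a
// constructed sample of the same function without the guard.
const HARDENED = "function anonymous(a,b,c,d,e\n/**/) {\nconsole.log('what what')\n}";
const PLAIN = "function anonymous(a,b,c,d,e) {\nconsole.log('what what')\n}";

console.log(paramNamesFromSource(HARDENED));
console.log(paramNamesFromSource(PLAIN));
console.log(paramNamesFromSource(Function('a', 'b', 'return a + b').toString()));
console.log('hardened:', functionConstructorIsHardened());
```

Tests that compare parsed parameter names rather than the raw `toString()` string keep passing whether or not the guard is present.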
