Why do people say that javascript eval() is evil but you get no objections against setTimeout and setInterval etc?
-
28-09-2019 - |
Pergunta
if I am not mistaken eval executes valid code in a given string
eval("alert('hey')");
and
setTimeout("alert('hey')",1000);
does just about the same thing, only with a timer. is set timeout just as risky as eval?
Solução
I'd say you hear the same objections. setTimeout (with string and not function parameters) is pretty much the same as eval.
If possible,
setTimeout(function(){ alert ("hey") ; }, 1000);
Outras dicas
Because when people say "eval", they mean "eval and any function that is more or less equivalent to eval", but the former is much shorter to say. So the answer to your question is yes, it is as risky.
Licenciado em: CC-BY-SA com atribuição
Não afiliado a StackOverflow