Thursday, April 7, 2011

Another Post about eval() is Evil

eval() is not the only evil: you also need to be careful when using the following functions (basically, these four functions come from the same family).

eval() // the famous "evil"
Function()
setTimeout()
setInterval()

Please do not use these functions to evaluate strings. Every time you do, the JavaScript engine has to evaluate the string, parse it, and then execute it using the compiler. This incurs the so-called "double evaluation penalty", which will slow down your script (of course, you don't need to care if you are just a small website). Using these functions also gives you access to the compiler, which could pose security issues.

In short
So stop using eval() and Function() if possible. There is no problem with using setTimeout() and setInterval(); the only catch is to avoid passing a string to these two functions.
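
As an added example (not from the original post), the JavaScript below puts the string-evaluating forms next to their replacements. The input string and the names parseWithEval, parseAsData, dispatch and safeTimeout are constructed for illustration.

```javascript
// Added example. All names and inputs here are constructed for illustration.
const state = { tampered: false };

// Constructed input: it looks like configuration data, but it is also a valid
// JavaScript expression with a side effect.
const untrusted = '({"delay": 10, "x": (state.tampered = true)})';

// Before: eval() parses the string and then executes it as code.
function parseWithEval(text) {
  return eval(text);
}

// After: JSON.parse() treats the string purely as data and rejects anything
// that is not valid JSON, so nothing in it is ever executed.
function parseAsData(text) {
  try {
    return JSON.parse(text);
  } catch (err) {
    return null;
  }
}

// Before: eval(name + "()") to call a function chosen at run time.
// After: look the name up in a fixed table of allowed handlers.
const handlers = {
  start: () => "started",
  stop: () => "stopped",
};
function dispatch(name) {
  if (!Object.prototype.hasOwnProperty.call(handlers, name)) {
    throw new RangeError("unknown action: " + name);
  }
  return handlers[name]();
}

// Timers: accept only function callbacks. Browsers evaluate a string argument
// the same way eval() does; extra arguments are passed to the callback.
function safeTimeout(callback, delayMs, ...args) {
  if (typeof callback !== "function") {
    throw new TypeError("timer callback must be a function, not a string");
  }
  return setTimeout(callback, delayMs, ...args);
}

// Usage: the function form needs no string building at all.
const timer = safeTimeout((msg) => console.log(msg), 10, "tick");
clearTimeout(timer);
```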
