Y
Hacker News
new
|
ask
|
show
|
jobs
by
angry-hacker
3528 days ago
Why doesn't Firefox simply disallow eval? You would get an error in console explaining and that's it.
2 comments
kevingadd
3528 days ago
Lots of perfectly sensible JavaScript code uses eval for things like feature detection and runtime code generation. If you removed eval they'd just use 'new Function' instead, which has most of the same problems.
link
AgentME
3528 days ago
There are legitimate uses of eval. And there are plenty of other ways for extensions to be insecure besides by using eval!
link