Eval, literal eval, safe eval

Thaddee Tyl thaddee.tyl at gmail.com
Mon Dec 1 01:16:32 PST 2014

Michał: Thanks for pointing this out. Strict mode doesn't quite work
like I expected it to. I wonder if anything can be done for that
Function('')() behaviour. (Weirdly, I was able to fix the function(){
this.a } behaviour.)

Additionally, this technique, at least for now, cannot be applied to
the global object: it leads to strange errors like
'NS_ERROR_NOT_AVAILABLE: prompt aborted by user' emanating from
nsPrompter.js in Firefox. It does work fine in Chrome, although
everything on the page gets reset, the page gets redrawn, even the
devtools seem to reload. Also, running a simple `Function('1+1')()`
results in a weird "TypeError: object is not a function", which is
odd, considering that `Function instanceof Function` is true. (That
said, `Function.name` returns 'Object'.)

Florian: it turns out that the Chrome DevTools did eventually rely on
a more robust sandbox, not sure when. A simple ([]).__proto__.push
reset used to suffice.

More information about the es-discuss mailing list