发表新帖
发表新帖

Security risks of using eval() to execute user input in JavaScript

前端 未结
关注
7 1454
伪装坚强ぢ
伪装坚强ぢ 2020-12-07 02:31

I\'m planning on throwing together a quick web page for my students to teach them about JavaScript programming. On this page, I\'d like to give them a text box and allow the

7条回答
  • 夕颜
    夕颜 (楼主)
    2020-12-07 02:45

    I would recommend you to sandbox all the user input evaling, to prevent the evaluated code to access all of the global (window) object properties and methods.

    Give a look to the following resources:

    • Sandboxing JavaScript Using