JavaScript Evaluating JavaScript

Help us to keep this website almost Ad Free! It takes only 10 seconds of your time:
> Step 1: Go view our video on YouTube: EF Core Bulk Insert
> Step 2: And Like the video. BONUS: You can also share it!

Introduction

In JavaScript, the eval function evaluates a string as if it were JavaScript code. The return value is the result of the evaluated string, e.g. eval('2 + 2') returns 4.

eval is available in the global scope. The lexical scope of the evaluation is the local scope unless invoked indirectly (e.g. var geval = eval; geval(s);).

The use of eval is strongly discouraged. See the Remarks section for details.

Syntax

  • eval(string);

Parameters

ParameterDetails
stringThe JavaScript to be evaluated.

Remarks

The use of eval is strongly discouraged; in many scenarios it presents a security vulnerability.

eval() is a dangerous function, which executes the code it's passed with the privileges of the caller. If you run eval() with a string that could be affected by a malicious party, you may end up running malicious code on the user's machine with the permissions of your webpage / extension. More importantly, third party code can see the scope in which eval() was invoked, which can lead to possible attacks in ways to which the similar Function is not susceptible.

MDN JavaScript Reference

Additionally:



Got any JavaScript Question?