Does Knockout JS use eval()?
1,069 views
Skip to first unread message
aaronc...@gmail.com
Jun 12, 2013, 11:43:12 PM6/12/13
to knock...@googlegroups.com
Seems completely obvious that it should, but I searched the source code, and I can't find one reference to eval(). How is that possible? Just curious.
Randy Crews
Jun 13, 2013, 9:58:19 AM6/13/13
to knock...@googlegroups.com, aaronc...@gmail.com
I can't speak for the authors but my assumption would be that it is not there because eval() can introduce opportunities for injection, is less readable, makes debugging difficult and some sites even block the eval() function from executing which could cause problems as well. I have read blogs as well where eval() causes code to execute slower when used for string evaluation over code evaluation. As I said I am taking a guess as why it may not be used so I may be completely wrong.
-cheers
-cheers
rpn
Jun 13, 2013, 10:13:57 AM6/13/13
to knock...@googlegroups.com, aaronc...@gmail.com
Knockout does use a Function constructor as described here: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function, which is similar to using eval. This is strictly used as part of parsing and evaluating the string in a data-bind attribute.
aaronc...@gmail.com
Jun 13, 2013, 10:16:08 AM6/13/13
to knock...@googlegroups.com, aaronc...@gmail.com
Wow. That's great. I never knew such a thing existed, and it makes perfect sense now. Does anyone know how this method compares to straight eval()? Is it more secure? More efficient?
Michael Best
Jun 13, 2013, 3:38:50 PM6/13/13
to knock...@googlegroups.com, aaronc...@gmail.com
Here's some info on the topic.
Michael Best
Jun 13, 2013, 3:39:00 PM6/13/13
to knock...@googlegroups.com, aaronc...@gmail.com
Sorry here's the link: http://stackoverflow.com/questions/4599857/is-eval-and-new-function-the-same-thing
Reply all
Reply to author
Forward
0 new messages