Sonar Plugins

Rule: Avoid usage of eval

Details

  • Type: New Feature New Feature
  • Status: Closed Closed
  • Priority: Major Major
  • Resolution: Fixed
  • Affects Version/s: None
  • Fix Version/s: JAVASCRIPT-1.0
  • Component/s: JavaScript
  • Labels:
    None
  • Number of attachments :
    0

Issue Links

depends upon

New Feature - A new feature of the product, which has yet to be developed. SONARPLUGINS-1788 Provide JavaScript rule engine based on SSLR

  • Major - Major loss of function.
  • Closed - The issue is considered finished, the resolution is correct. Issues which are not closed can be reopened.

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Freddy Mallet added a comment - - edited

Works well Evgeny.

Could you just update the description as follows :

<p>The eval() function in javascript is a way to run arbitrary code at run-time. In almost all cases, eval should never be used. If it exists in your page, there is almost always a more correct way to accomplish what you are doing.

The rule is, "Eval is evil." Don't use it unless you are an experienced developer and know that your case is an exception.</p>

<p>
The following code snippet illustrates this rule :
</p>

<pre>
var myCode = 'alert("Howdy?");';
eval(myCode);     //NOK
</pre>
Show
Freddy Mallet added a comment - - edited Works well Evgeny. Could you just update the description as follows : <p>The eval() function in javascript is a way to run arbitrary code at run-time. In almost all cases, eval should never be used. If it exists in your page, there is almost always a more correct way to accomplish what you are doing. The rule is, "Eval is evil." Don't use it unless you are an experienced developer and know that your case is an exception.</p> <p> The following code snippet illustrates this rule : </p> <pre> var myCode = 'alert("Howdy?");'; eval(myCode); //NOK </pre>
Hide
Permalink
Evgeny Mandrikov added a comment -

Done.

Show
Evgeny Mandrikov added a comment - Done.
Hide
Permalink
Freddy Mallet added a comment -

Manually tested !

Show
Freddy Mallet added a comment - Manually tested !

People

  • Assignee:
    Evgeny Mandrikov
    Reporter:
    Evgeny Mandrikov
Vote (0)
Watch (0)

Dates

  • Created:
    Updated:
    Resolved: