3108alternatives to eval for user-supplied functions
- Jan 29, 2013I need to support user-supplied math functions. Are there any good alternatives to using eval, or, more likely, the Function constructor?
I could write js code to evaluate js expression parse trees, though I suspect the performance wouldn't be acceptable.
It looks like ADsafe is a bit like this (running 3rd party code safely), but I don't really understand ADsafe usage. Are you expected to run jslint on a server, before serving the js to the browser? If so, that doesn't help. I could run jslint in the browser, but then wouldn't I still need to eval the code if it passed? In that case I can use something simpler and much more restrictive than jslint.