Permalink
Browse files

Updating eval()'s description

  • Loading branch information...
1 parent 1c59831 commit 134fe7361c5c4508efc6e6cfac4d5071556f176f @ehynds ehynds committed with paulirish Feb 18, 2011
Showing with 18 additions and 0 deletions.
  1. +18 −0 index.html
View
@@ -741,6 +741,24 @@ <h3>JavaScript</h3>
<code><a href="https://developer.mozilla.org/en/JavaScript/Reference/Global_Objects/eval" rel="external">eval</a>()</code>
certainly does not parse a string to determine whether or not it's JavaScript.
</p>
+ <p>
+ W3Schools recently updated their description, but it is still wrong.
+ </p>
+ <blockquote>
+ If the argument is an expression, eval() evaluates the expression. If the argument is one or more JavaScript statements, eval()
+ executes the statements.
+ </blockquote>
+ <p>
+ You do not pass an expression or a JavaScript statement to <code>eval()</code>, but rather a string, which typically
+ represents an expression or statement. The expression/statement represented by the string is executed.
+ </p>
+ <p>
+ If fact, if you do not pass a string to <code>eval()</code>, the argument is returned unchanged.
+ </p>
+ <p>
+ W3Schools irresponsibility fails to educate users on why <code>eval()</code> is a <a href="https://developer.mozilla.org/en/JavaScript/Reference/Global_Objects/eval#section_5">dangerous function to use</a>
+ and is inappropriate for most use cases. Nor is there any mention of safer alternatives.
+ </p>
</li>
<li id="js_statements">

0 comments on commit 134fe73

Please sign in to comment.