Created
August 17, 2011 20:58
-
-
Save jrburke/1152608 to your computer and use it in GitHub Desktop.
(null,eval)('')
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //Came across this in the es-discuss list, on the "clean scope" thread: | |
| https://mail.mozilla.org/pipermail/es-discuss/2011-August/thread.html#16294 | |
| //I do not understand what the "null," part buys. | |
| //Has to do something with scope(?), but at least in Firebug, | |
| //I can see foo inside the string being evaled. | |
| var foo = 'foo'; | |
| (null,eval)('(function(){console.log(foo);}())'); | |
| //Prints "foo" in Firebug console. |
+1 for @kangax's definitive source on global eval.
http://perfectionkills.com/global-eval-what-are-the-options/#indirect_eval_call_theory
ah... i learn something new everyday ... :)
so its about whether the reference is named or not
eval() would execute in local scope, but any other reference to eval would execute in global scope
the following execute in a global scope
- (null, eval)('')
- (x=eval)('')
- var x=eval; x('')
- var eval=window.eval; eval('')
- window.eval('')
- eval.call(window,'')
edit: and i found this http://perfectionkills.com/global-eval-what-are-the-options/#indirect_eval_call_examples :)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It's absolutely about eval, not about browser quirks. When you write
or even
it's specified in the standard to be a "direct eval" which has access to the local scope. But when you write
it's an "indirect eval," which is evaluated in the global scope.
The null isn't particularly special; it would also work to replace the null with 42 or /someregex/ or "this is a srsly weird language feature".
Dave