JavaScript eval() Function

Last Updated : 05 Mar, 2024

The eval() method in JavaScript evaluates or executes its argument. If the argument is an expression, it evaluates the expression. If it’s one or more JavaScript statements, eval() executes the statements.

Note:

eval(): This function was used to evaluate a string as JavaScript code, but it is now considered deprecated because it can introduce security vulnerabilities and is often unnecessary.

Example

Input : eval(new String('2 + 2'));
Output: returns a String object containing "2 + 2"

Input : eval(new String('4 + 4'));
Output: returns a String object containing "4 + 4"

eval() Function Syntax

eval(string);

eval() Function Parameters

This function accepts a single parameter as mentioned above and described below:

  • String: A string representing a JavaScript expression, statement, or sequence of statements. The expression can include variables and properties of existing objects.

Return Value of eval() Function

eval() returns the completion value of the evaluated code. If the completion value is empty, undefined is returned.

Direct and indirect eval 

Direct eval: It’s called by the eval identifier directly.

Indirect eval: It’s invoked via another property, such as window.eval() or when using setTimeout, setInterval, or the Function constructor.

Direct and indirect eval Example:

Here’s an example demonstrating both direct and indirect eval() functions in JavaScript:

Javascript




// Direct eval
let directEvalResult = eval("2 + 2");
console.log("Direct eval result:", directEvalResult);
 
// Indirect eval
let indirectEval = "eval";
let indirectEvalResult = window[indirectEval]("3 + 3");
console.log("Indirect eval result:", indirectEvalResult);


Output:

Direct eval result: 4
Indirect eval result: 6

Explanation:

In the direct eval() call, the expression "2 + 2" is evaluated directly, resulting in 4. In the indirect eval() call, the expression "3 + 3" is evaluated after accessing the eval function through the window object, resulting in 6.

eval() Function Example:

Below is an example of eval().

Javascript




// JavaScript to illustrate eval() function
function func() {
 
    // Operands
    let a = 4;
    let b = 4;
 
    // Finding the multiplication
    let value = eval(new String(a * b));
    console.log(value);
}
// Driver code
func();


Output

[String: '16']


Explanation:

The func function defines variables a and b, both set to 4. The product a * b is computed first and wrapped in a String object, which is then passed to eval(). Because the argument is a String object rather than a primitive string, eval() returns it unchanged instead of evaluating it, so the output is a String object containing 16, as 4 * 4 = 16.

eval() Function Example:

Below is an example of eval().

Javascript




// JavaScript to illustrate eval() function
function func() {
 
    // Operands
    let a = 2;
    let b = 2;
 
    // Finding the sum
    let value = eval(new String(a + b));
    console.log(value);
}
// Driver Code
func();


Output

[String: '4']


Explanation:

The func function defines variables a and b, both set to 2. The sum a + b is computed first and wrapped in a String object, which is then passed to eval(). Because the argument is a String object rather than a primitive string, eval() returns it unchanged instead of evaluating it, so the output is a String object containing 4, as 2 + 2 = 4.

eval() Function Example

Below is an example of eval().

Javascript




// JavaScript to illustrate eval() function
function func() {
 
    // Operands declared without values, so both are undefined
    let a;
    let b;
 
    // Finding the Summation
    let value = eval(new String(a + b));
    console.log(value);
}
// Driver code
func();


Output

[String: 'NaN']


Explanation:

The func function declares two variables a and b without assigning values, so both are undefined. The expression a + b therefore evaluates to NaN rather than raising a runtime error, and eval() returns the String object wrapping it unchanged, giving the output [String: 'NaN'].

DO NOT USE eval()

  1. Security Risk: Evaluated code poses security vulnerabilities.
  2. Performance Impact: Slows down execution due to runtime parsing.
  3. Readability: Decreases code readability and maintainability.
  4. Strict Mode Compatibility: Not allowed in strict mode.
  5. Alternatives: Safer alternatives are available for dynamic code execution.
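
As an added example (not code from the original article), here is one safer alternative for the arithmetic strings used on this page, such as "2 + 2": a small parser that accepts only numbers, + - * / and parentheses and rejects everything else, so input is never executed as JavaScript. The names safeCalc and MAX_LEN and the 200-character cap are assumptions made for this illustration.

```javascript
// Added example, not from the article; safeCalc and MAX_LEN are hypothetical names.
const MAX_LEN = 200; // assumed cap; also bounds parser recursion depth
function safeCalc(input) {
  if (typeof input !== "string") throw new TypeError("expected a string");
  if (input.length > MAX_LEN) throw new RangeError("expression too long");
  const src = input.trim();
  // Tokenize: only numbers, + - * / and parentheses are accepted.
  const re = /\s*(?:(\d+(?:\.\d+)?)|([-+*\/()]))/y;
  const tokens = [];
  while (re.lastIndex < src.length) {
    const at = re.lastIndex;
    const m = re.exec(src);
    if (!m) throw new SyntaxError("unexpected input at position " + at);
    tokens.push(m[1] !== undefined ? Number(m[1]) : m[2]);
  }
  let i = 0;
  // Recursive descent: expr -> term -> factor gives the usual precedence.
  function factor() {
    const t = tokens[i++];
    if (typeof t === "number") return t;
    if (t === "-") return -factor();
    if (t === "(") {
      const v = expr();
      if (tokens[i++] !== ")") throw new SyntaxError("expected )");
      return v;
    }
    throw new SyntaxError("unexpected token: " + String(t));
  }
  function term() {
    let v = factor();
    while (tokens[i] === "*" || tokens[i] === "/") {
      v = tokens[i++] === "*" ? v * factor() : v / factor();
    }
    return v;
  }
  function expr() {
    let v = term();
    while (tokens[i] === "+" || tokens[i] === "-") {
      v = tokens[i++] === "+" ? v + term() : v - term();
    }
    return v;
  }
  const result = expr();
  if (i < tokens.length) throw new SyntaxError("trailing input");
  return result;
}

console.log(safeCalc("2 + 2"));           // 4
console.log(safeCalc("2 * (3 + 4) - 1")); // 13
```

Unlike eval(), a String object such as new String('2 + 2') is rejected with a TypeError rather than silently returned, and any text outside the arithmetic grammar raises a SyntaxError.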


Supported Browsers:


