如何重写javascript中的eval函数?
例如:
(function() {
var proxied = window.eval;
window.eval = function() {
return proxied.apply(this, arguments);
};
})();
但是这段代码不起作用。
For example:
(function() {
var proxied = window.eval;
window.eval = function() {
return proxied.apply(this, arguments);
};
})();
But this code is not working.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(6)
eval很神奇。与“真实”函数不同,它可以在调用者中读取和写入局部变量:将
eval替换为代理函数,您就会遇到问题:a+= 1> 在proxied函数而不是foo的范围内执行。根据评估代码中发生的情况,可能会导致值丢失、代理本地损坏、意外全局变量等等。因此,不可能用完全工作的代理替换
eval。 (对于不需要当地人的简单情况,你可以侥幸逃脱。)evalis magic. Unlike a ‘real’ function, it can read and write local variables in the caller:Replace that
evalwith a proxied function and you've got a problem: thea+= 1executes in the scope of theproxiedfunction instead offoo. Depending on what's happening in the evaled code that could cause values to go missing, damage to the proxy's local, accidental globals, and so on.It is, therefore, impossible to replace
evalwith a fully-working proxy. (For simple cases which don't need the locals, you can kind of get away with it.)你不能。 (有一种有限的方法来做到这一点,但它非常有限,并且不能保持bobince 谈论。)
eval至少在一个主要实现中不是真正的 JavaScript 函数(IE 的 JScript,至少不是通过 IE7;还没有测试新的 IE8 版本),所以马上你就会遇到麻烦,因为你将无法通过apply 调用原始版本(这对于 eval 来说并不重要)。最近的 ECMAScript 5 规范明确禁止在严格模式下重写 eval(并不是说您在那里使用严格模式),这让我怀疑有非常充分的理由不这样做覆盖它。
You can't. (There is a limited way of doing it, but it's quite limited and doesn't maintain the magic that bobince talks about.)
evalisn't a real JavaScript function in at least one major implementation (IE's JScript, at least not through IE7; haven't tested the new IE8 version), so right off the bat you're going to run into trouble, because you won't be able to call the original viaapply(not that that really matters foreval).The recent ECMAScript 5 specification specifically disallows overriding
evalin strict mode (not that you're using strict mode there), which makes me suspect that there are very good reasons for not overriding it.虽然不可移植,但以下方法在某些地方可以工作,否则无法工作(因为它满足 ES5 的要求,A)它作为 MemberExpression 中的引用而不是值进行检索,B)它会产生“标准内置函数” .' — ES5 #15.1.2)
这显然仅适用于您可以包装客户端代码的情况在 with() 语句中;尽管在很多情况下,这应该不难。显然,同样的方法可以用另一个对象及其所有属性和 getter 代理的
eval来隐藏window。不支持SpiderMonkey的
get语句的环境也许能够使用ES5的defineProperty。你自己看看吧。Although not portable, the following approach works in some places where it otherwise wouldn't (as it satisfies ES5's requirements that A) it be retrieved as a Reference in a MemberExpression, not a Value and B) it results in the ‘standard builtin function.’ — ES5 #15.1.2)
This obviously only applies if you can wrap the client code in a with() statement; though in many situations, that shouldn't be hard. Obviously, the same approach can shadow
windowwith another object with all of its' properties, and a getter-proxiedeval.Environments that don't support SpiderMonkey's
getstatement, may be able to use ES5'sdefineProperty. Look into that yourself.我在 FireFox 3.6.2 中尝试过,它似乎有效。
我直接在 FireBug 命令行中输入:
I tried this in FireFox 3.6.2 and it appears to work.
I typed this directly in the FireBug command line:
也许我没有正确理解这个问题,但我通过创建一个具有原始
eval()< 的myEval()函数来“覆盖”eval()/code> 并执行myEval()中的附加步骤。Maybe I didn't understand the question correctly, but I "override"
eval()by creating amyEval()function that has the originaleval()inside it and execute addition steps inmyEval().你不仅不应该这样做,而且我认为你可能也不能这样做。首先, eval 是一个全局函数,因此不是 window 的成员(正如您上面尝试的那样)。其次,作为一个全局函数,它很可能被硬连接到虚拟机中并且无法被覆盖。
Not only should you not do this, but I also think you probably can't. First, eval is a global function, and as such is not a member of window (as you tried above). Secondly as a global function it is highly likely that it is hard-wired into the VM and can't be overwritten.