Skip to content

Commit a9169ec

Browse files
vouillonvouillon
committed
Runtime: improve eval functions
- Use indirect eval (faster and avoid variable captures) - Put expressions within parentheses to allow arbitrary expressions without confusion with statements. Add a `"use strict"` directive since this is not inherited from the enclosing function with indirect eval.
1 parent 27c593b commit a9169ec

File tree

1 file changed

+11
-4
lines changed

1 file changed

+11
-4
lines changed

runtime/js/jslib.js

Lines changed: 11 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -280,7 +280,7 @@ function caml_js_var(x) {
280280
//console.error("Js.Unsafe.eval_string")
281281
}
282282
// biome-ignore lint/security/noGlobalEval:
283-
return eval(x);
283+
return eval?.(x);
284284
}
285285
//Provides: caml_js_call (const, mutable, shallow)
286286
//Requires: caml_js_from_array
@@ -478,24 +478,31 @@ function caml_js_strict_equals(x, y) {
478478
//Provides: caml_js_eval_string (const)
479479
//Requires: caml_jsstring_of_string
480480
function caml_js_eval_string(s) {
481+
// Uses an indirect eval through the optional chaining operator.
482+
// (see https://mdn.dev/docs/Web/JavaScript/Reference/Global_Objects/eval)
483+
// This is faster and avoid variable captures.
484+
// Also prepends `"use strict"` directive since this is not inherited
485+
// from the enclosing function with an indirect eval.
481486
// biome-ignore lint/security/noGlobalEval:
482-
return eval(caml_jsstring_of_string(s));
487+
return eval?.('"use strict";' + caml_jsstring_of_string(s));
483488
}
484489

485490
//Provides: caml_js_expr (const)
486491
//Requires: caml_jsstring_of_string
487492
function caml_js_expr(s) {
488493
console.error("caml_js_expr: fallback to runtime evaluation\n");
494+
// We add parentheses to avoid the ambiguity between expressions
495+
// and statements.
489496
// biome-ignore lint/security/noGlobalEval:
490-
return eval(caml_jsstring_of_string(s));
497+
return eval?.('"use strict";(' + caml_jsstring_of_string(s) + ")");
491498
}
492499

493500
//Provides: caml_pure_js_expr const (const)
494501
//Requires: caml_jsstring_of_string
495502
function caml_pure_js_expr(s) {
496503
console.error("caml_pure_js_expr: fallback to runtime evaluation\n");
497504
// biome-ignore lint/security/noGlobalEval:
498-
return eval(caml_jsstring_of_string(s));
505+
return eval?.('"use strict";(' + caml_jsstring_of_string(s) + ")");
499506
}
500507

501508
//Provides: caml_js_object (object_literal)

0 commit comments

Comments
 (0)