如何在javascript中覆盖eval函数？

Question

For example:

(function() {
      var proxied = window.eval;
      window.eval = function() {
        return proxied.apply(this, arguments);
      };
    })();

But this code is not working.

Answer 1

eval is magic. Unlike a 'real' function, it can read and write local variables in the caller:

function foo() {
    var a= 1;
    eval('a+= 1');
    alert(a); // 2
}

Replace that eval with a proxied function and you've got a problem: the a+= 1 executes in the scope of the proxied function instead of foo . Depending on what's happening in the evaled code that could cause values to go missing, damage to the proxy's local, accidental globals, and so on.

It is, therefore, impossible to replace eval with a fully-working proxy. (For simple cases which don't need the locals, you can kind of get away with it.)

Answer 2

You can't. (There is a limited way of doing it, but it's quite limited and doesn't maintain the magic that bobince talks about .)

eval isn't a real JavaScript function in at least one major implementation (IE's JScript, at least not through IE7; haven't tested the new IE8 version), so right off the bat you're going to run into trouble, because you won't be able to call the original via apply (not that that really matters for eval ).

The recent ECMAScript 5 specification specifically disallows overriding eval in strict mode (not that you're using strict mode there), which makes me suspect that there are very good reasons for not overriding it.

Answer 3

Although not portable, the following approach works in some places where it otherwise wouldn't (as it satisfies ES5's requirements that A) it be retrieved as a Reference in a MemberExpression, not a Value and B) it results in the 'standard builtin function.' — ES5 #15.1.2)

(function() {
  var proxied = window.eval
  with({get eval(){ console.log('eval called'); return proxied }}) {
    /* client code */
  }
})()

This obviously only applies if you can wrap the client code in a with() statement; though in many situations, that shouldn't be hard. Obviously, the same approach can shadow window with another object with all of its' properties, and a getter-proxied eval .

Environments that don't support SpiderMonkey's get statement, may be able to use ES5's defineProperty . Look into that yourself.

Answer 4

I tried this in FireFox 3.6.2 and it appears to work.

I typed this directly in the FireBug command line:

var proxied = eval;
eval = function() { alert("ha"); return proxied.apply(this, arguments);};
eval(7);

Answer 5

Maybe I didn't understand the question correctly, but I "override" eval() by creating a myEval() function that has the original eval() inside it and execute addition steps in myEval() .

function myEval = function(value){
    //do your stuff here
    //for example
    try {
        value = eval(value)
    } catch (error) {
        console.log(error)
        value = NaN
    }
    return value
}

Answer 6

Not only should you not do this, but I also think you probably can't. First, eval is a global function, and as such is not a member of window (as you tried above). Secondly as a global function it is highly likely that it is hard-wired into the VM and can't be overwritten.