将字符串更改为 javascript 中的函数（不是 eval）

Question

var foo = "function (){ alert('meee'); }";
foo();

I have tried the above but it does not work is there any other way to execute that function without using eval?

thnx

Answer 1

you want to use the Function constructor directly, as Anders said. All arguments are strings. The last argument is the body of the function, any leading arguments are the names of the arguments the function takes.

To borrow from Anders' example,

var multiply = new Function("x", "y", "return x * y");

would be like writing

var multiply = function (x,y) {
  return x * y
}

In your case, you have "function (){ alert('meee'); }" and you want to save it as a function to var foo .

var fn = "function (){ alert('meee'); }";
var foo = new Function("return ("+fn+")")();
foo();
// alerts "meee"

The difference between Function and eval is eval runs in the private scope, while Function runs in the global scope.

var x="haha", y="hehe";

function test () {
  var x=15, y=34;
  eval("alert('eval: ' + x + ', ' + y)");
  new Function("alert('Func: ' + x + ', ' + y)")();
} 

test();

// eval: 15, 34
// Func: haha, hehe

Don't try to run it in the console, you'll get a deceiving result (consoles use eval ). Writing it in a <script> tag and loading it in the browser will give the true result.

Answer 2

According to MDC . Use:

var multiply = new Function("x", "y", "return x * y");
var theAnswer = multiply(7, 6);

Answer 3

不是我所知道的......可能有更好的方法来做你想做的事情，而不会让自己容易受到脚本注入攻击，这种攻击不涉及将javascript作为字符串传递。

Answer 4

example js code in string

 var theInstructions = "function sm(){ alert('meee'); } sm()"; var F=new Function (theInstructions); F.apply(null)