JavaScript Eval

In this chapter, you will see how a JavaScript built-ineval() function works. Normally, it is used for evaluating a JavaScript code, which is represented as a string.

The syntax of the eval() function is the following:

let result = eval(code);

For a better perception, you can check out the following example:

Javascript eval function
let code = 'console.log("Welcome to W3Docs")'; eval(code); // Welcome to W3Docs

Eval is considered a function property of the global object.

As a rule, the eval() function’s argument is a string. In case the latter presents an expression, eval()will evaluate it. In case an argument presents one and more statements, then eval()will evaluate the statements.

You shouldn’t call this function for evaluating an arithmetic expression, as JavaScript evaluates them automatically. In the cases when the argument is not a string, eval() will return the argument unchanged. Here is an example:

Javascript eval function
console.log(eval(new String('1 + 2'))); // returns a String object containing "1 + 2" console.log(eval('1 + 2')); // returns 3

Such a limitation can be worked around with the help of toString() like this:

Javascript eval function with toString method
let exp = new String('1 + 2'); console.log(eval(exp.toString())); // returns 3

Generally, eval’s result is equivalent to the result of the last statement. It is demonstrated below:

Javascript eval function
let value1 = eval('1+2'); console.log(value1); // 3 let value2 = eval('let i = 1; ++i'); console.log(value2); // 2

In case the code is executed within the current lexical environment, outer variables can be seen by it:

Javascript eval function outer variables
let val = 1; function fn() { let val = 10; eval('console.log(val)'); // 10 } fn();

In addition, those variables can be modified by it:

Javascript eval function
let x = 10; eval("x = 20"); console.log(x); // 10, value modified

Eval has its own lexical environment in the strict mode. So, no one can see the functions and variables, declared in it:

Javascript eval function
//'use strict' is enabled in runnable examples by default eval("let x = 10; function fn() {}"); console.log(typeof x); // undefined, no such variable // function fn is not visible

Be Careful with Eval!

It is essential to note that eval() is quite a dangerous function. That’s why in modern programming the phrase “eval is evil” is so actual. So, using it is a bad practice for a programmer.

In case you run it with a string, which may be impacted by a malicious party, it can lead to malicious code on the user’s device with the permissions of your page or extensions.

Luckily, in modern JavaScript, there is an opportunity to replace it with JavaScript Module or other modern language constructs.

Practice Your Knowledge

What does the eval() function in JavaScript do?

Quiz Time: Test Your Skills!

Ready to challenge what you've learned? Dive into our interactive quizzes for a deeper understanding and a fun way to reinforce your knowledge.

Do you find this helpful?