Skip to content
This repository has been archived by the owner on Dec 10, 2022. It is now read-only.

BlockEditor: Replace eval() with JS-Interpreter #278

Open
AnmAtAnm opened this issue Oct 7, 2017 · 0 comments
Open

BlockEditor: Replace eval() with JS-Interpreter #278

AnmAtAnm opened this issue Oct 7, 2017 · 0 comments
Labels
low priority type: code cleanup

Comments

@AnmAtAnm
Copy link
Contributor

AnmAtAnm commented Oct 7, 2017

BlockEditor will soon support inputting JavaScript block definitions into the UI via the "Manual JavaScript" setting, but currently the code is eval()ed to realize the preview block. Replace the raw eval() usage with JS-Interpreter to avoid running arbitrary code in the app.

See original bug in google/blockly#1269.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
low priority type: code cleanup
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@AnmAtAnm