-- Marcos Caceres On Tuesday, October 18, 2011 at 9:22 AM, Gerd Wagner wrote: > > > > But there are also some use cases where it is needed, and it would be a pitty if this powerful feature would be dropped from JS (which would decrease its dynamic character). > > eval() can't ever be removed from the Web Platform, as it's a core component and too much content would break. Do you have a pointer to where a browser maker has stated they intend to remove support for it? > > > Yes, in FF 7.0.1 and FF 8.0 beta the flag security.csp.enable, which is true by default, prevents the execution of eval statements (leading to a security exception). Strange, it works for me in both FF 7.0.1 and FF 8.0 beta (no security exception) http://jsfiddle.net/vnsVz/3/ Do you have code of it failing and a link to where Mozilla made such an announcement?Received on Tuesday, 18 October 2011 13:48:25 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:50:27 UTC