Broad Network

Miscellaneous Insecurities and Prevention in ECMAScript

ECMAScript Insecurities and Prevention – Part 6

ECMAScript 6

Foreword: In this part of the series, I talk about Miscellaneous Insecurities and Prevention.

By: Chrysanthus Date Published: 16 Jul 2016


This is part 6 of my series, ECMAScript Insecurities and Prevention. The word, miscellaneous, means features that do not really fit into a particular category. In this part of the series, I talk about Miscellaneous Insecurities and Prevention. You should have read the previous parts of the series before coming here, as this is a continuation.

Regular Expression
ECMAScript’s regular expression can rather easily consume large amounts of both time and memory if the regular expression may match in several ways. Careful crafting of the regular expressions can help but quite often there really is not much you can do.

The eval Function
The syntax for the eval() function is:


where x is a non-string literal or a string (quotes) consisting of one or more statements separated by semicolons.

If x has input at runtime, then any unsafe code can be injected.

Whether a file is an operating system file (command) or a different user’s file, do not use any file you do not trust as input to your program. Validate input from any file you do not trust.

First Preventive Measure
The first preventive measure to take for any program is not to give any user or group that you do not trust, write permission. If you do that, they can rewrite your program for you to their advantage.

That is it for this part of the series.


Related Links

ECMAScript Basics
ECMAScript Operators
Expressions in ECMAScript
Statements in ECMAScript
Custom Objects in ECMAScript
Functions in ECMAScript
ECMAScript Date Object
The ECMAScript String Object
ECMAScript String Regular Expressions
ECMAScript Template Literal
The ECMAScript Array
ECMAScript Sets and Maps
ECMAScript Number
Scopes in ECMAScript
Mastering the ECMAScript (JavaScript) eval Function
Sending Email with ECMAScript
ECMAScript Insecurities and Prevention
Advanced Course
Advanced ECMAScript Regular Expressions
Promise in ECMAScript 2015
Generator in ECMAScript 2015
ECMAScript Module
More Related Links
Node Mailsend
Node.js Web Development Course
Major in Website Design
Low Level Programming - Writing ECMAScript Module
ECMAScript Course



Become the Writer's Follower
Send the Writer a Message