Eval: run a code string
The built-in eval function allows to execute a string of code.
let code = 'alert("Hello")'; eval(code); // Hello
A string of code may be long, contain line breaks, function declarations, variables and so on.
The result of eval is the result of the last statement.
let value = eval('1+1'); alert(value); // 2
let value = eval('let i = 0; ++i'); alert(value); // 1
The eval’ed code is executed in the current lexical environment, so it can see outer variables:
It can change outer variables as well:
let x = 5; eval("x = 10"); alert(x); // 10, value modified
In strict mode, eval has its own lexical environment. So functions and variables, declared inside eval, are not visible outside:
// reminder: 'use strict' is enabled in runnable examples by default eval("let x = 5; function f() <>"); alert(typeof x); // undefined (no such variable) // function f is also not visible
Without use strict , eval doesn’t have its own lexical environment, so we would see x and f outside.
Using “eval”
In modern programming eval is used very sparingly. It’s often said that “eval is evil”.
The reason is simple: long, long time ago JavaScript was a much weaker language, many things could only be done with eval . But that time passed a decade ago.
Right now, there’s almost no reason to use eval . If someone is using it, there’s a good chance they can replace it with a modern language construct or a JavaScript Module.
Please note that its ability to access outer variables has side-effects.
Code minifiers (tools used before JS gets to production, to compress it) rename local variables into shorter ones (like a , b etc) to make the code smaller. That’s usually safe, but not if eval is used, as local variables may be accessed from eval’ed code string. So minifiers don’t do that renaming for all variables potentially visible from eval . That negatively affects code compression ratio.
Using outer local variables inside eval is also considered a bad programming practice, as it makes maintaining the code more difficult.
There are two ways how to be totally safe from such problems.
If eval’ed code doesn’t use outer variables, please call eval as window.eval(. ) :
This way the code is executed in the global scope:
Eval: выполнение строки кода
Встроенная функция eval позволяет выполнять строку кода.
let code = 'alert("Привет")'; eval(code); // Привет
Строка кода может быть большой, содержать переводы строк, объявления функций, переменные и т.п.
Результатом eval будет результат выполнения последней инструкции.
let value = eval('1+1'); alert(value); // 2
let value = eval('let i = 0; ++i'); alert(value); // 1
Код в eval выполняется в текущем лексическом окружении, поэтому ему доступны внешние переменные:
Значения внешних переменных можно изменять:
let x = 5; eval("x = 10"); alert(x); // 10, значение изменено
В строгом режиме у eval имеется своё лексическое окружение. Поэтому функции и переменные, объявленные внутри eval , нельзя увидеть снаружи:
// напоминание: режим 'use strict' включён по умолчанию во всех исполняемых примерах eval("let x = 5; function f() <>"); alert(typeof x); // undefined (нет такой переменной) // функция f тоже невидима
Без use strict у eval не будет отдельного лексического окружения, поэтому x и f будут видны из внешнего кода.
Использование «eval»
В современной разработке на JavaScript eval используется весьма редко. Есть даже известное выражение – «eval is evil» («eval – это зло»).
Причина такого отношения достаточно проста: давным-давно JavaScript был не очень развитым языком, и многие вещи можно было сделать только с помощью eval . Но та эпоха закончилась более десяти лет назад.
На данный момент нет никаких причин, чтобы продолжать использовать eval . Если кто-то всё ещё делает это, то очень вероятно, что они легко смогут заменить eval более современными конструкциями или JavaScript-модулями.
Пожалуйста, имейте в виду, что код в eval способен получать доступ к внешним переменным, и это может иметь побочные эффекты.
Минификаторы кода (инструменты, используемые для сжатия JS-кода перед тем, как отправить его конечным пользователям) заменяют локальные переменные на другие с более короткими именами для оптимизации. Обычно это безопасная манипуляция, но не тогда, когда в коде используется eval , так как код из eval может изменять значения локальных переменных. Поэтому минификаторы не трогают имена переменных, которые могут быть доступны из eval . Это ухудшает степень сжатия кода.
Использование внутри eval локальных переменных из внешнего кода считается плохим решением, так как это усложняет задачу по поддержке такого кода.
Существует два пути, как гарантированно избежать подобных проблем.
Если код внутри eval не использует внешние переменные, то вызывайте его так – window.eval(. ) :
В этом случае код выполняется в глобальной области видимости:
Java script eval function
This section introduces the Java Scripting API and describes how the Java Scripting API (defined by JSR 223) is used to embed scripts in your Java applications. It also provides a number of examples with Java classes, which demonstrate the features of the Java Scripting API.
The Nashorn engine is deprecated in JDK 11 in preparation for removal in a future release.
The JavaScript Package
The Java Scripting API consists of classes and interfaces from the javax.script package. It is a relatively small and simple package with the ScriptEngineManager class as the starting point. A ScriptEngineManager object can discover script engines through the JAR file service discovery mechanism, and instantiate ScriptEngine objects that interpret scripts written in a specific scripting language.
The Nashorn engine is the default ECMAScript (JavaScript) engine bundled with the Java SE Development Kit (JDK). The Nashorn engine was developed fully in Java by Oracle as part of an OpenJDK project, Project Nashorn.
Although Nashorn is the default ECMAScript engine used by the Java Scripting API, you can use any script engine compliant with JSR 223, or you can implement your own. This document does not cover the implementation of script engines compliant with JSR 223, but at the most basic level, you must implement the javax.script.ScriptEngine and javax.script.ScriptEngineFactory interfaces. The abstract class javax.script.AbstractScriptEngine provides useful defaults for a few methods in the ScriptEngine interface.
How to Use the Java Scripting API to Embed Scripts
To use the Java Scripting API:
- Create a ScriptEngineManager object.
- Get a ScriptEngine object from the manager.
- Evaluate the script using the script engine’s eval() method.
Java Scripting API Examples with Java Classes
The following examples show you how to use the Java Scripting API in Java. To keep the examples simple, exceptions are not handled. However, there are checked and runtime exceptions thrown by the Java Scripting API, and they should be properly handled. In every example, an instance of the ScriptEngineManager class is used to request the Nashorn engine (an object of the ScriptEngine class) using the getEngineByName() method. If the engine with the specified name is not present, null is returned. For more information about using the Nashorn engine, see the Nashorn User’s Guide .
Each ScriptEngine object has its own variable scope; see Using Multiple Scopes.
In this example, the eval() method is called on the script engine instance to execute JavaScript code from a String object.
import javax.script.*; public class EvalScript < public static void main(String[] args) throws Exception < ScriptEngineManager manager = new ScriptEngineManager(); ScriptEngine engine = manager.getEngineByName("nashorn"); // evaluate JavaScript code engine.eval("print('Hello, World')"); >>
In this example, the eval() method takes in a FileReader object that reads JavaScript code from a file named script.js . By wrapping various input stream objects as readers, it is possible to execute scripts from files, URLs, and other resources.
import javax.script.*; public class EvalFile < public static void main(String[] args) throws Exception < ScriptEngineManager manager = new ScriptEngineManager(); ScriptEngine engine = manager.getEngineByName("nashorn"); // evaluate JavaScript code engine.eval(new java.io.FileReader("script.js")); >>
Exposing a Java Object as a Global Variable
In this example, a File object is created and exposed to the engine as a global variable named file using the put() method. Then the eval() method is called with JavaScript code that accesses the variable and calls the getAbsolutePath() method.
The syntax to access fields and call methods of Java objects exposed as variables depends on the scripting language. This example uses JavaScript syntax, which is similar to Java.
import javax.script.*; import java.io.*; public class ScriptVars < public static void main(String[] args) throws Exception < ScriptEngineManager manager = new ScriptEngineManager(); ScriptEngine engine = manager.getEngineByName("nashorn"); // create File object File f = new File("test.txt"); // expose File object as a global variable to the engine engine.put("file", f); // evaluate JavaScript code and access the variable engine.eval("print(file.getAbsolutePath())"); >>
Invoking a Script Function
In this example, the eval() method is called with JavaScript code that defines a function with one parameter. Then, an Invocable object is created and its invokeFunction() method is used to invoke the function.
Not all script engines implement the Invocable interface. This example uses the Nashorn engine, which can invoke functions in scripts that have previously been evaluated by this engine.
import javax.script.*; public class InvokeScriptFunction < public static void main(String[] args) throws Exception < ScriptEngineManager manager = new ScriptEngineManager(); ScriptEngine engine = manager.getEngineByName("nashorn"); // evaluate JavaScript code that defines a function with one parameter engine.eval("function hello(name) < print('Hello, ' + name) >"); // create an Invocable object by casting the script engine object Invocable inv = (Invocable) engine; // invoke the function named "hello" with "Scripting!" as the argument inv.invokeFunction("hello", "Scripting!"); > >
Invoking a Script Object’s Method
In this example, the eval() method is called with JavaScript code that defines an object with a method. This object is then exposed from the script to the Java application using the script engine’s get() method. Then, an Invocable object is created, and its invokeMethod() method is used to invoke the method defined for the script object.
Not all script engines implement the Invocable interface. This example uses the Nashorn engine, which can invoke methods in scripts that have previously been evaluated by this engine.
import javax.script.*; public class InvokeScriptMethod < public static void main(String[] args) throws Exception < ScriptEngineManager manager = new ScriptEngineManager(); ScriptEngine engine = manager.getEngineByName("nashorn"); // evaluate JavaScript code that defines an object with one method engine.eval("var obj = new Object()"); engine.eval("obj.hello = function(name) < print('Hello, ' + name) >"); // expose object defined in the script to the Java application Object obj = engine.get("obj"); // create an Invocable object by casting the script engine object Invocable inv = (Invocable) engine; // invoke the method named "hello" on the object defined in the script // with "Script Method!" as the argument inv.invokeMethod(obj, "hello", "Script Method!"); > >
Implementing a Java Interface with Script Functions
In this example, the eval() method is called with JavaScript code that defines a function. Then, an Invocable object is created, and its getInterface() method is used to create a Runnable interface object. The methods of the interface are implemented by script functions with matching names (in this case, the run() function is used to implement the run() method in the interface object). Finally, a new thread is started that runs the script function.
import javax.script.*; public class ImplementRunnable < public static void main(String[] args) throws Exception < ScriptEngineManager manager = new ScriptEngineManager(); ScriptEngine engine = manager.getEngineByName("nashorn"); // evaluate JavaScript code that defines a function with one parameter engine.eval("function run() < print('run() function called') >"); // create an Invocable object by casting the script engine object Invocable inv = (Invocable) engine; // get Runnable interface object Runnable r = inv.getInterface(Runnable.class); // start a new thread that runs the script Thread th = new Thread(r); th.start(); th.join(); > >
Implementing a Java Interface with the Script Object’s Methods
In this example, the eval() method is called with JavaScript code that defines an object with a method. This object is then exposed from the script to the Java application using the script engine’s get() method. Then, an Invocable object is created, and its getInterface() method is used to create a Runnable interface object. The methods of the interface are implemented by the script object’s methods with matching names (in this case, the run method of the obj object is used to implement the run() method in the interface object). Finally, a new thread is started that runs the script object’s method.
import javax.script.*; public class ImplementRunnableObject < public static void main(String[] args) throws Exception < ScriptEngineManager manager = new ScriptEngineManager(); ScriptEngine engine = manager.getEngineByName("nashorn"); // evaluate JavaScript code that defines a function with one parameter engine.eval("var obj = new Object()") engine.eval("obj.run = function() < print('obj.run() method called') >"); // expose object defined in the script to the Java application Object obj = engine.get("obj"); // create an Invocable object by casting the script engine object Invocable inv = (Invocable) engine; // get Runnable interface object Runnable r = inv.getInterface(obj, Runnable.class); // start a new thread that runs the script Thread th = new Thread(r); th.start(); th.join(); > >
In this example, the script engine’s put() method is used to set the variable x to a String object hello . Then, the eval() method is used to print the variable in the default scope. Then, a different script context is defined, and its scope is used to set the same variable to a different value (a String object world ). Finally, the variable is printed in the new script context that displays a different value.
A single scope is an instance of the javax.script.Bindings interface. This interface is derived from the java.util.Map interface. A scope is a set of name and value pairs where the name is a non-empty, non-null String object. The javax.script.ScriptContext interface supports multiple scopes with associated Bindings for each scope. By default, every script engine has a default script context. The default script context has at least one scope represented by the static field ENGINE_SCOPE . Various scopes supported by a script context are available through the getScopes() method.
import javax.script.*; public class MultipleScopes < public static void main(String[] args) throws Exception < ScriptEngineManager manager = new ScriptEngineManager(); ScriptEngine engine = manager.getEngineByName("nashorn"); // set global variable engine.put("x","hello"); // evaluate JavaScript code that prints the variable (x = "hello") engine.eval("print(x)"); // define a different script context ScriptContext newContext = new SimpleScriptContext(); newContext.setBindings(engine.createBindings(), ScriptContext.ENGINE_SCOPE); Bindings engineScope = newContext.getBindings(ScriptContext.ENGINE_SCOPE); // set the variable to a different value in another scope engineScope.put("x", "world"); // evaluate the same code but in a different script context (x = "world") engine.eval("print(x)", newContext);