7 replies

Is there any way to allow for eval() on a worker?

I understand that there are serious security issues with using eval() as a general rule. My problem is that I'm using a library called

serialize-javascript

serialize-javascript

to be able to stringify structures beyond what JSON.stringify(). Specifically, serialize-javascript allows for serializing dates, maps, sets, functions, regex and bigint. However, it doesn't provide any deserialize method, and simple states to use eval(). Which works perfectly well and has for years... but trying to port my db wrapper to a worker-supported version has cause me a fair share of grief.

I would rather not remove functionality from my module due to this limitation, though I do understand that the distinction is that the context of running in a worker means we're not only dependendent on the user's system and security, but yours.

Cloudflare Developers•3y ago•

7 replies

<Alterion.Dev>

Is there any way to allow for eval() on a worker?

I understand that there are serious security issues with using eval() as a general rule. My problem is that I'm using a library called

serialize-javascript

serialize-javascript

Is there any way to allow for eval() on a worker?

Similar Threads

Is there any way to allow for eval() on a worker?

Similar Threads

Similar Threads

Similar Threads