Writing methods that should be prohibited in native JS

Block-level functions
Directly modify the prototype of the object
with
callee
caller
eval

Block-level functions

Strict mode should be prohibited before ES6. Available since ES6, the scope of a function is the block in which it is declared. This should be disabled in non-strict mode.

if(true) {
    function test() { //Block-level function console.log(1);
    }
}
test();

Directly modify the prototype of the object

The browser optimizes the prototype and plans the memory location for the object's method in advance before calling the instance. Therefore, the prototype cannot be modified directly. The following two methods should be prohibited

Use Object.setPrototypeOf to modify the prototype

function a(){}
a.prototype = {
  a_prop: "a val"
};
function b(){}
var proto = {
  b_prop: "b val"
};
Object.setPrototypeOf(
  proto, a.prototype
);
b.prototype = proto;
var test = new b;
console.log(test.a_prop); // a val
console.log(test.b_prop); // b val

Directly modify the object's __proto__ attribute

function a(){}
a.prototype = {
  a_prop: "a val"
};
function b(){}
var proto = {
  b_prop: "b val",
  __proto__: a.prototype //directly modify the __prototype__ attribute of object b};
b.prototype = proto;
var test = new b;
console.log(test.a_prop); // a val
console.log(test.b_prop); // b val

with

Usage of with:

var a = {
    p1: 1,
    p2: 2
}
with (a) {
    p1 = 3;
}
console.log(a.p1);

The use of with should be prohibited, for example:

function a(arg1, arg2) {
  with (arg2){
    console.log(arg1); // Can't determine whether to output the first parameter or the arg1 property of arg2}
}
var arg2 = {arg1:1}
a("arg1", arg2)

callee

arguments.callee represents the currently executing function:

function a(arg1) {
    if (arg1 > 1) {
        return arg1 * arguments.callee(arg1 - 1);
    }
    else {
        return 1;
    }
}
console.log(a(3)); // 6

When a function must call itself, use arguments.callee() instead and call the function directly by its name.

function a(arg1) {
    if (arg1 > 1) {
        return arg1 * a(arg1 - 1); // Call directly by function name}
    else {
        return 1;
    }
}
console.log(a(3)); // 6

caller

caller represents the caller of the function and should not be used. This feature is not standard.

function a() {
    console.log(a.caller); // function b() { a(); }
}
function b() {
    a();
}
b();

eval

eval() can execute the passed string parameter as JavaScript code.

eval("var a = 1, b = 2; console.log(a+b)"); // 3

Use of eval is prohibited. Eval is slower than normal JavaScript execution because browsers optimize JavaScript. The eval method is also unsafe because it executes code with the same permissions as the caller, and its scope is exposed when eval() is called. Function should be used instead:

var a = new Function("a", "b", "console.log(a+b)")
a(1,2); // 3

The above is the detailed content of the writing methods that should be prohibited in native JS. For more information about the writing methods that should be prohibited in native JS, please pay attention to other related articles on 123WORDPRESS.COM!

You may also be interested in:

How to write memory-efficient applications with Node.js
A brief discussion on the execution efficiency of js regular literals // and new RegExp
JavaScript checks the code running efficiency console.time() and console.timeEnd() usage
How to improve JavaScript loading and execution efficiency
Several ways to write for loops in JavaScript and their efficiency summary
Efficiency test of several methods for deduplication of JavaScript arrays
How to efficiently remove duplicate items in js array
In-depth exploration of the efficiency issues and related optimizations of for loops in JavaScript
Three methods of determining whether JavaScript is an array and their efficiency comparison

<<: How to solve the mysql ERROR 1045 (28000)-- Access denied for user problem

>>: Nginx configuration cross-domain request Access-Control-Allow-Origin * detailed explanation

About the VMware vcenter unauthorized arbitrary file upload vulnerability (CVE-2021-21972)

Writing methods that should be prohibited in native JS

Table of contents

Block-level functions

Directly modify the prototype of the object

with

callee

caller

eval

About the VMware vcenter unauthorized arbitrary file upload vulnerability (CVE-2021-21972)

Pure CSS to solve the ceiling and bottom suction in H5 layout implementation steps

Tutorial on installing Pycharm and Ipython on Ubuntu 16.04/18.04

Detailed tutorial on installing mysql 8.0.13 (rpm) on Centos7

CSS -webkit-box-orient: vertical property lost after compilation

Discussion on CSS style priority and cascading order

How to use Docker Swarm to build WordPress

Web Design Tutorial (7): Improving Web Design Efficiency

Solve the mysql user deletion bug

Detailed explanation of transactions and indexes in MySQL database

Recommend

MySQL 5.5.27 winx64 installation and configuration method graphic tutorial

Detailed explanation of MySQL trigger trigger example

How to support Webdings fonts in Firefox

How to install MySQL for beginners (proven effective)

MySQL startup error 1067 and invalid recovery after changing character set and restarting

Use Element+vue to implement start and end time limits

How to draw special graphics in CSS

A brief discussion on several situations where adding indexes to MySQL does not take effect

Example of using rem to replace px in vue project

MySQL case when group by example

Solutions to problems related to software package dependency reporting during installation in Linux

Sample code using vue-router in html

MySQL Community Server 8.0.12 installation and configuration method graphic tutorial

Explanation of the precautions for Mysql master-slave replication

Use of MySQL truncate table statement