var jsonStr="{name:'abc',age:20}";
var jsonObject = (new Function( "return " + jsonStr ) )() ;
console.log(jsonObject);
For further actions, you may consider blocking this person and/or reporting abuse
The Next Generation Developer Platform
Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.
Read next
How to set an authorization bearer token in Postman?
Velan<> -
This is How All Good React Developers Structure Their State.
daniel ukuhor -
🎄 Instant Local Translation with Chrome 🌐
Gen -
Daily JavaScript Challenge #JS-70: Find Missing Letter in Alphabet Sequence
DPC -
Top comments (4)
JSON.parse would yield a syntax error in this example, because jsonStr is not acutally JSON, since JSON requires double quotes for string, and requires the keys to be in string form as well.
But what is much more grave, this function is prone to script injection.
`
yes. this code is also used for script injection.
I have checked jquery parseJSON method in jquery library in 1.x version. It also uses this technique to parse json..
Just to be perfectly clear: script injection is not a feature, it is a security vurnerabilty. And that jQuery, in an apparently rather old version, did this in its days, is no excuse to repeat the mistake in 2018.
right and what would be the best way to do that since JSON.parse doesn't work because it has a function?
I ask that because I have a very similar scenario.