js中常用eval()函数将一个字符串当作一个JavaScript表达式一样去执行,但在安全漏洞上是存在隐患的,现找到eval函数的替代方法:
let a = "{custId:'9860131056',custName:'',custAdd:'',}"
const result = eval("(" + a + ")");
console.log(result) //{custId: '9860131056', custName: '', custAdd: ''}
可以用new Function来代替
let a = "{custId:'9860131056',custName:'',custAdd:'',}"
let resultObj = new Function("return " + a)();
console.log(resultObj) // {custId: '9860131056', custName: '', custAdd: ''}