This PR updates the implementation of the calculate function in calculator.js to improve security by avoiding the use of the eval function. Instead of eval, the Function function is now used to evaluate mathematical expressions more safely.
Changes made
Replaced the use of eval with the Function function to evaluate mathematical expressions.
The result is converted to a string before being displayed in the result-display.
Errors are handled more explicitly, displaying 'Error' in case of an exception.
Context
This change addresses security related to the use of eval. By making this change, we improved the robustness and security of the code, while maintaining the expected functionality of the calculator.
Functionality Check
Testing has been performed to ensure that calculator functionality is not adversely affected and that changing the calculate function works as expected.
Description
This PR updates the implementation of the
calculate
function incalculator.js
to improve security by avoiding the use of theeval
function. Instead ofeval
, theFunction
function is now used to evaluate mathematical expressions more safely.Changes made
eval
with theFunction
function to evaluate mathematical expressions.result-display
.Context
This change addresses security related to the use of
eval
. By making this change, we improved the robustness and security of the code, while maintaining the expected functionality of the calculator.Functionality Check
Testing has been performed to ensure that calculator functionality is not adversely affected and that changing the
calculate
function works as expected.https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/eval