BlockEditor will soon support inputting JavaScript block definitions into the UI via the "Manual JavaScript" setting, but currently the code is eval()ed to realize the preview block. Replace the raw eval() usage with JS-Interpreter to avoid running arbitrary code in the app.
BlockEditor will soon support inputting JavaScript block definitions into the UI via the "Manual JavaScript" setting, but currently the code is
eval()ed to realize the preview block. Replace the raweval()usage with JS-Interpreter to avoid running arbitrary code in the app.See original bug in https://github.com/google/blockly/issues/1269.