You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@accumulo.apache.org by "Sean Busbey (JIRA)" <ji...@apache.org> on 2017/02/21 16:06:44 UTC

[jira] [Created] (ACCUMULO-4590) Use JSON.parse instead of eval on client side javascript

Sean Busbey created ACCUMULO-4590:
-------------------------------------

             Summary: Use JSON.parse instead of eval on client side javascript
                 Key: ACCUMULO-4590
                 URL: https://issues.apache.org/jira/browse/ACCUMULO-4590
             Project: Accumulo
          Issue Type: Bug
          Components: monitor
    Affects Versions: 1.8.0, 1.7.2, 1.6.6, 2.0.0
            Reporter: Sean Busbey


Right now we rely on "eval" to decode json results in the monitor display:

[vis.js|
https://github.com/apache/accumulo/blob/master/server/monitor/src/main/resources/web/vis.js#L85]

{code}
function handleNewData() {
  if (xmlhttp.readyState!=4) {
    return;
  }
  if (xmlhttp.status!=200 || xmlhttp.responseText==null) {
    xmlReturned = true;
    return;
  }
  var newstats = eval('(' + xmlhttp.responseText + ')');
{code}

We should instead use JSON.parse



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)