Source Code:
(back to article)
Submit
Result:
Report an issue
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>eval() Security Risk Example</title> </head> <body> <div> <p>Hit 'Run Code' button!</p> <input type="text" id="userInput" placeholder="Enter code" value="alert('Hacked!')"> <!-- User input field --> <button onclick="evaluateUserInput()">Run Code</button> <!-- Button to run code --> </div> <div id="userInputResult"></div> <!-- Element to display result --> <script> function evaluateUserInput() { const input = document.getElementById('userInput').value; // Get user input try { const result = eval(input); // Evaluate the user input document.getElementById('userInputResult').textContent = `Result: ${result}`; // Display the result } catch (e) { document.getElementById('userInputResult').textContent = 'Error in evaluation'; // Handle evaluation error } } </script> </body> </html>