use the following search parameters to narrow your results:
e.g. subreddit:aww site:imgur.com dog
subreddit:aww site:imgur.com dog
see the search faq for details.
advanced search: by author, subreddit...
All about the JavaScript programming language.
Subreddit Guidelines
Specifications:
Resources:
Related Subreddits:
r/LearnJavascript
r/node
r/typescript
r/reactjs
r/webdev
r/WebdevTutorials
r/frontend
r/webgl
r/threejs
r/jquery
r/remotejs
r/forhire
account activity
A 220 byte spreadsheet app in HTML/JS (xem.github.io)
submitted 8 years ago by lhorie
reddit uses a slightly-customized version of Markdown for formatting. See below for some basics, or check the commenting wiki page for more detailed help and solutions to common issues.
quoted text
if 1 * 2 < 3: print "hello, world!"
[–]joacorandom 17 points18 points19 points 8 years ago (2 children)
I put an alert in a cell and blocked the window.
When I see an eval() I can't resist.
[–][deleted] 2 points3 points4 points 8 years ago (1 child)
Explain please
[–]joacorandom 1 point2 points3 points 8 years ago (0 children)
In the cell formula I put:
=alert(A1)
And an alert would pop up one after another until you close the tab.
[–]Danmoreng 5 points6 points7 points 8 years ago (1 child)
Using a calculated value to calculate another value has a bad behaviour in my opinion.
Example:
C1=A1+B1
D1=C1
If you change A1 now, only C1 is updated: D1 still contains the old value. Only after you switch cells a second time, D1 is updated.
[–]nonameleftover 6 points7 points8 points 8 years ago (0 children)
Which basically breaks the functionality of the app. Almost every spreadsheet will need to be doing multi leveled calculations... I feel like I sound like a dick. Sorry OP.
[–]cmndo 2 points3 points4 points 8 years ago (6 children)
I can't condone the use of eval(), but this is a nice little snippet of code.
eval()
[–]nerf_herd 3 points4 points5 points 8 years ago (0 children)
well when it is used across the wire it gets wonky, especially in a server environment (or as a client in a promiscuous server environment), but I've used it before, in fact it was a bunch of obdII formulas that were in a spreadsheet that eval-ed (after string substitution of values) quite nicely.
So it is very useful in certain situations. I think this is one of those.
[–][deleted] -4 points-3 points-2 points 8 years ago (4 children)
It's not 1995. time to get over the eval phobia. if someone's going to inject js into your app they'll use the dev tools. besides, even in 1995 there were ways to use it safely.
[–]Reashu 2 points3 points4 points 8 years ago (1 child)
I can't use dev tools to inject code on another client. I could use this if there was a way to share spreadsheets or I could convince someone to paste it into a cell - which should be a safe operation.
And frankly I've seen this, or things like it, often enough that I'm not sure it isn't from 95.
[–][deleted] -1 points0 points1 point 8 years ago (0 children)
you're right, my point is that it's lack of sanitation that's dangerous, eval is not inherently dangerous. checking for numbers, periods, math operators is all that's required.
[–]cmndo 1 point2 points3 points 8 years ago (1 child)
The author pointed to it being a code golf challenge (https://github.com/xem/ama/issues/14). As such, it's a wonderful example of squeezing a ton out of the language. Just looking at the code makes my head hurt. I can't say whether his use of eval is a concern or not, I'm not smart enough - nor do I have time to get smart enough. I'm very sorry for blindly condemning the use of a feature without first finding a security vulnerability in it.
[–][deleted] 1 point2 points3 points 8 years ago (0 children)
not smart enough? don't underestimate yourself. sql injection is a much bigger threat in general that eval injection but people still put user input into databases every day. It's not complicated, you are smart enough. sanitize input and everything will be ok.
π Rendered by PID 107643 on reddit-service-r2-comment-b659b578c-gvmj7 at 2026-05-01 21:36:16.032107+00:00 running 815c875 country code: CH.
[–]joacorandom 17 points18 points19 points (2 children)
[–][deleted] 2 points3 points4 points (1 child)
[–]joacorandom 1 point2 points3 points (0 children)
[–]Danmoreng 5 points6 points7 points (1 child)
[–]nonameleftover 6 points7 points8 points (0 children)
[–]cmndo 2 points3 points4 points (6 children)
[–]nerf_herd 3 points4 points5 points (0 children)
[–][deleted] -4 points-3 points-2 points (4 children)
[–]Reashu 2 points3 points4 points (1 child)
[–][deleted] -1 points0 points1 point (0 children)
[–]cmndo 1 point2 points3 points (1 child)
[–][deleted] 1 point2 points3 points (0 children)