`delete eval` and `delete Function`; effects on JS injection attacks

159 views Asked by At

I discovered today that you can delete eval and delete Function in JavaScript.

Is this an effective measure of hindering the kind of JS injection attacks relying on obfuscated code?

Are there significant downsides (i.e., breaking popular libraries that utilize these but possibly shouldn't)?

It certainly doesn't stop the effects of someone inserting a script tag on your page, but it might make it much more difficult to get that script tag inserted?

0

There are 0 answers