What’s the better practice: eval or append script?
eval of the string or I could just append it in a
script-tag to the DOM. Which method would be better?
var dynamicScript="alert(\"Hello world!\');';
Method 1 – Script:
Method 2 – Eval:
What method is better and why? Or is there an ever better alternative?
eval, because it’s generally faster than creating a script tag, and appending it (especially if you wanted to create and insert it using jQuery).
Side note (useful application of a script tag) I also use the script-tag-insertion method: In Google Chrome’s extensions, injecting script-tags is the only way to run code in the scope of a page, because the
window object is sandboxed.
PS. Notion of
jQuery.getScript(). This method might be useful.
Neither method is really that good for what you’re doing. Your AJAX call should be returning data not serialized scripts. Both of your methods open you up to script injection.
eval should be avioded at all costs. It’s slow and dangerous, eval is evil
If the ajax call is returning html with script tags, you can use $.load() to import the script.
The DOM is affected in a different way. Even if the behaviour is transient, the script will be added to the DOM, whereas it would disappear after an XMLHttpRequest callback eval’d it.