Some of the important features of the NoEval - Disable Eval() addon are listed below. This is followed by an overview of this addon. This summary contains few words about the addon, its function, and its features. Next is FAQ, this section is useful to get information about how this addon works in your browser. If you couldn’t find a specific answer, please fill the bug report form on this page or the contact form on the homepage to let us know about your question. Following the FAQ, is the bug report form. It is designed to collect user feedbacks and bugs about this addon. Users can suggest improvements or feature requests through this form too. The next section is for submitting comments about this addon which uses the Facebook comments plugin. The last section is dedicated to reports submitted through the GitHub website. We hope the information provided on this page, could help you get all the basics you need about this addon and enable you to have a better experience with NoEval - Disable Eval().
In short, NoEval - Disable Eval() is a lite addon that let you easily disable eval and similar methods (i.e. new Function(), setTimeout() and setInterval()).
4 Reasons to Use NoEval - Disable Eval()
Has toolbar popup with few buttons including a test page.
The addon is always active and cannot be disabled.
A lite addon with minimal RAM and CPU usage.
Available for Firefox, Chrome and Opera browsers on all operating systems.
Frequently Asked Questions
1. What is NoEval?
This addon lets you easily block window.eval() and other similar methods in your browser. These methods, if used improperly, can be harmful and cause XSS attacks on some websites, therefore it is always a good idea to block or limit the functionality of them. According to this page, eval is a dangerous function as it can execute any code that passes to it with the privilege of the caller. Other similar methods such as - new Function() - can have the same shortcoming if used improperly. Moreover, window.setTimeout() and window.setInterval() when the input argument is of type - String - can also be harmful and have the same security issue as eval. NoEval addon can disable all these 4 methods and potentially improve your online security. Please note that, due to security issues and the nature of this addon, it does not have an ON/OFF switch or a whitelisting feature.
2. How can I work with this addon?
Simply add the addon to your browser and start browsing the internet. This addon is always active and can not be disabled via toolbar popup. However, you can always disable the addon via the extensions page in your browser. Please note that, because eval and other similar methods are disabled when this addon is inactive, some websites may have errors or problems when loading. So please disable the addon temporarily when visiting those websites or use other browsing tools for visiting specific websites that have problem with this addon.
3. How can I download the source code for NoEval - Disable Eval()?
To download the source code for this extension from Chrome Web Store, it is recommended to use Extension Source Downloader. With this addon, you can download the source code as a ZIP or CRX format to your machine. If you want to download the source code from the Firefox addons store, please open the firefox download link (if available) in the Firefox browser and then right-click on the - Add to Firefox - button and select - Save Link As... - item. Choose the destination folder on your machine and then save the file in XPI format. You can then rename the XPI format to a RAR or ZIP file. Some extensions may have a GitHub repo address, which you can use to download the source code as well. But, it may not be the latest version of the addon. Therefore, downloading the source code from the official web stores is the best option as it always gives you the latest version of the addon.
4. What happens when a website dangerously uses eval?
When a website uses eval and similar methods (mentioned above) dangerously, it may cause XSS attacks in your browser. Cross-site scripting or XSS is a type of security vulnerability that happens when attackers inject malicious script into webpages and execute them via eval if the website is using it improperly. Therefore it is very important to take care of these kinds of vulnerabilities and eliminate them as much as possible. One way to tackle this problem is to limit or completely disable these methods, this is what this addon does. Of course, some websites may have problems loading when this addon is active but on the other hand, it can potentially improve your online security when you are surfing the internet. Please read this article about cross-site scripting to get more info about XSS attacks.
5. Can I whitelist a website in this addon?
No, unfortunately currently there is no way to whitelist a website with this addon. When the add-on is active, eval and similar methods are blocked in all websites.
6. How can I turn the add-on ON or OFF?
No, unfortunately, due to the nature of this addon, it does not support an ON/OFF feature.
7. Does this addon has any options or settings to adjust?
No, this addon has no settings or options to adjust. All the controls are available in toolbar popup UI.
8. Should I keep the addon active all the time?
Yes, it is recommended to keep the addon active as long as you have no problem when browsing. In case a certain website is not loading properly, please disable the addon from the extensions page in your browser. Once you are done browsing, please activate the addon again.
Your feedback goes a long way towards making this addon even better. With this bug report form, you can submit bugs or suggest enhancements for the functionality or performance of this addon. Please note, this bug report form will be sent to the developer(s) of this addon. You will not get an immediate or personal response at the moment. However, the developer(s) may contact you through the email address provided in this form for further clarifications or requesting additional information regarding the reported bug(s).
Reviews | Discussions
Please note: keep these reviews/discussions clean, and avoid the usage of derogatory or inappropriate language or terminology in references to individuals or groups based on race, national or ethnic origin, color, religion, age, gender, etc. Do not submit bugs in your reviews, use the above bug-report section instead. Also, never post any personal information in these reviews.