3

So I am trying to use a really weird API, the call gets a response of a javascript eval code, this code contains the javascript object which I trimmed in this fashion:

var obj = resp.substring(0, resp.length-9);

Thus getting the object like this:

"{name: "Jon", code: 123, info: [{blah blah}, {blah blah}]}"

This "object" is recognized as a string and I am unable to extract it.

JSON parsing won't works as it is no JSON.

new Object(obj); won't aswell, it outputs the object trimmed by every character.

Any suggestions?

EDIT: 1 So replacing every <"> with a <'> does not solve the problem. Further JSON-parsing the result prints an error at position 1 with unexpected token n at position 1.

Keep trying new things.

Improve this question
5
  • Use obj = eval(obj) Commented May 15, 2018 at 9:34
  • 1
    Yes, this is no JSON. There isn’t really any way other than using eval. Commented May 15, 2018 at 9:34
  • 3
    You probably want to be careful using eval on data returned through the API if at all possible as it leaves you open to code injection Commented May 15, 2018 at 9:36
  • You can write your own "parse" function, this can avoid using eval, which is not safe enough. Commented May 15, 2018 at 9:47
  • I suggest transforming that "object" into json and then use parse. After all that isn't that far from json Commented May 15, 2018 at 9:53

2 Answers 2

Reset to default
1

You really should be cautious about using eval when getting data from an external source.

I'd suggest trying to fix the string to be proper regex instead of calling eval, one way of doing this would be to create a regex which will match the property names and surround them in quotations: 

let a = `{name: "Jon", code: 123, info: [{}, {}]}`;
let obj = JSON.parse(a.replace(/(\w|\d)+(?=\:)/g, "\"$&\""));

console.log(obj)

Obviously this example would need improving if you can expect to see colons inside your object's property values

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

BTW there's no reason to use backticks :D
I suppose, there should be another try {} catch (e) {} that wraps JSON.parse() to handle exceptions if there was not a stringified object. Because, this is a data from an external source :)
@MatíasFidemraizer yeah it was just because of the quotes around Jon, I like to use the back ticks
Yeah Expired Data, also the language I work on uses double and single quotation marks.
1

Eval function invokes many serious security problems in your code. Instead what you can do is, since you got a string, just replace every double quotes(") with a single quote inside the string. And then parse it.

JSON.parse only fails when the javascript parser is not getting a perfect object level string.

Code:

var objStr = "{name: "Jon", code: 123, info: [{blah blah}, {blah blah}]}";
var obj = JSON.parse(objStr.replace(/"/g, "'"));
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.