String passed to setInterval
or setTimeout
can cause the JavaScript engine to evaluate, which can lead to a security risk. It uses the eval()
function, which evaluates JavaScript code represented as a string and returns its completion value. We recommend that you not pass a string to these methods.