Uncaught error when evaluating improper level formula, causing the page to break

[SKevo18]

flarum-custom-levels/js/src/forum/components/LevelBar.js

Line 33 in 3e700da

while (n < eval(levelFormula.replace('[level]', n))) {

The use of eval here is unsafe (XSS, etc.). The evaluation will fail if the formula is not defined properly, causing the page to break. I recommend that you apply error handling to this part of the code, ensure that all the inputs contain the necessary variables that need to be replaced, or even better, not use raw eval at all (although I understand that finding a suitable replacement without introducing too much complexity to the existing code is not ideal).

[FoskyM]

Okay. I'll try to handle the error if available. And adding a verification for the formula input seems to be a good choice as well?

This extension was first made for myself. Though I know that eval is unsafe actually, but as you said, I can't find a suitable alternative until now.

Thanks!

[SKevo18]

Thank you for your response, I understand :)
Decided to report this, as couple of users occasionally run into this issue at FreeFlarum and don't know what to do because their forum breaks for no apparent reason (so some error handling would definitely be nice so that the page may continue loading)