use safer indirect eval

2024-12-03 11:25:16 -08:00 · 2024-12-03 11:25:16 -08:00 · 8ff81537f2
commit 8ff81537f2
parent 027670c21c
1 changed files with 1 additions and 1 deletions
--- a/reflex/.templates/web/utils/state.js
+++ b/reflex/.templates/web/utils/state.js
@ -214,7 +214,7 @@ export const applyEvent = async (event, socket) => {
    a.href = event.payload.url;
    // Special case when linking to uploaded files
    if (a.href.includes("getBackendURL(env.UPLOAD)")) {
-      a.href = eval(
+      a.href = eval?.(
        event.payload.url.replace(
          "getBackendURL(env.UPLOAD)",
          `"${getBackendURL(env.UPLOAD)}"`