Is there a difference between single/double quoted strings passed to javascript's eval?

i have a server message sent via 开发者_开发百科web-sockets. that message is a json (validated) string. when it gets to the browser i check that it is a string with typeof(data) and it tells me that it is, in fact, a string. When finally i do var some_obj = eval( '(' + data + ')' ); it gives me an Uncaught SyntaxError: Unexpected token ILLEGAL error.

also, before using eval(), i console.log(data) and it displays correctly, although an alert(data) won't show anything on the dialog.

i can't understand what's happening.

i also tried var myJson = '{ "x": "Hello, World!", "y": [1, 2, 3] }'; and then var myObj = eval( '(' + myJson + ')' ); and it works, so i really can't understand why mine can't be evaluated (parsed).

the string received via web-sockets is this:

received 37 bytes » { "cmd": "setname", "params": "ok" }

where data = { "cmd": "setname", "params": "ok" } (with quotes i suppose, because of typeof(data) being = string).

any tips? thanks

edit1 » with web-sockets, you have to prepend a null char (0 ascii) and append a escape char (255 ascii) to the output string from the server. i assume the client (browser) as it implements web-sockets must deal with this and unwrap the string correctly (as the standard) and as i do in my server. thing is, there might be some escape char left and it doesn't deal with it correctly. but the problem only started when i tried to send json strings to be eval()ed. otherwise they work properly as any other string.

No, there's no difference between " and ' for quoting strings other than that you can use " without escaping it inside a string quoted with ' and vice-versa. But I don't think that (the title of your question) actually has anything to do with the problem you're having.

Re your edit, if you want to ensure that there are no characters with the value 0 or 255 in the string, you can do that like this:

data = data.replace(/[\u0000\u00ff]/g, '');

...before passing it to eval. And it sounds like you might want to do that, since your thing is saying it's received 37 bytes but the string is only 36 characters long and doesn't use any characters requiring two bytes (or perhaps it just has a space at the end I can't see).

Off-topic: It's best not to use eval to deserialize JSON. Instead, use a library that handles it directly. Crockford has two different non-eval libs on his github page, one (json_parse.js) that uses a recursive-descent parser and another (json_parse_state.js) that uses a state machine. If you really, really want to use eval to parse JSON, take a look at his implementation in json2.js, which at least takes a couple of steps to weed out malicious stuff.

Off-topic 2: Re

where data = { "cmd": "setname", "params": "ok" } (with quotes i suppose, because of typeof(data) being = string).

We only use quotes to quote string literals in code; there are no quotes around actual string data itself in memory. If I do this:

var foo = "bar";

...the string that foo points to consists entirely of the characters b, a, and r. There are no quotes; the quotes are only there in the code to tell the parser that what follows is a string literal.