CODEWITHSUNDEEP
javascriptconditional-statements
evanmcdonnal
evanmcdonnal

Reputation: 48076

true == false evaluates to true somehow?

I've been working to scrape some webpage that is using the OWASP CRSFGuard project for protection. The library seems to be causing one of my requests to get a 401 so I started digging through their code and noticed the following;

function isValidDomain(current, target) {
    var result = false;

    /** check exact or subdomain match **/
    if(current == target || current == 'localhost') {
        result = true;
    } else if(true == false) {
        if(target.charAt(0) == '.') {
            result = current.endsWith(target);
        } else {
            result = current.endsWith('.' + target);
        }
    }

    return result;
}

From what I can tell, there must be instances where this code is executed; result = current.endsWith('.' + target);. Given true == false is inherently false, how would the code reach that statement? Is this some JS oddity (I know we're not using the strict === equality, but seriously...)?

Upvotes: 1

Views: 177

Answers (2)

JLRishe
JLRishe

Reputation: 101652

I would say that Blazemonger is most likely correct.

That else if probably had some other condition at some point, and for whatever reason, they decided they didn't want that block of code to execute anymore, so they changed the condition to something that is always false.

It's also not entirely uncommon to see programmers use 1 === 0 as an indication for false. Why they would want to do this is anybody's guess.

Upvotes: 1

talves
talves

Reputation: 14343

Answer: It will never reach that code block. 

function isValidDomain(current, target) {
  var result = false;

  /** check exact or subdomain match **/
  if (current == target || current == 'localhost') {
    result = true;
  } else if (true == false) {
    if (target.charAt(0) == '.') {
      result = current.endsWith(target);
    } else {
      result = current.endsWith('.' + target);
    }
  }

  return result;
}

var trueFalse = document.getElementById('trueFalse');
trueFalse.innerHTML = isValidDomain('true', 'false') ? 'WTF!' : 'All is good in the JS World';

trueFalse.addEventListener('click', function(e) {
  trueFalse.innerHTML = (true == false) ? 'WTF!' : 'All is good in the JS World Still';
});
<div id="trueFalse"></div>

Upvotes: 1

Related Questions