From af79e803e8144cc8e8933714438a5c77ad1549c1 Mon Sep 17 00:00:00 2001
From: hideheader <hideheader@mail.com>
Date: Thu, 12 Mar 2015 14:28:52 -0400
Subject: [PATCH] Remove `eval` from css-lint

Evaluate string token with `RegExp.exec()` instead of `eval()`.
---
 csslint/csslint.js | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/csslint/csslint.js b/csslint/csslint.js
index d253dbb5..f392ff6f 100644
--- a/csslint/csslint.js
+++ b/csslint/csslint.js
@@ -4565,9 +4565,12 @@ function PropertyValuePart(text, line, col){
         this.type   = "function";
         this.name   = RegExp.$1;
         this.value  = text;
-    } else if (/^["'][^"']*["']/.test(text)){    //string
+//    } else if (/^["'][^"']*["']/.test(text)){    //string
+//        this.type   = "string";
+//        this.value  = eval(text);
+    } else if (/^(["'])[^\1]*\1/.test(text)){    //string
         this.type   = "string";
-        this.value  = eval(text);
+        this.value  = /^(["'])([^\1]*)\1/.exec(text)[2];
     } else if (Colors[text.toLowerCase()]){  //named color
         this.type   = "color";
         temp        = Colors[text.toLowerCase()].substring(1);