[JS] Global Variables

Report · Sep 20, 2010

I have seen a lot of experts here frown upon using global variables. I am very curious as to why. I find them very useful. I have saved myself a lot of pasing parameters to functions by referencing the document, story, and selection as global variables. It makes my functions simpler and saves me typing. So why shouldn't you use global variables?

I know in the SDK land with C++ they have moved from global variables because of multi-processor support. Should we expect scripting to offer multi-processor support?

Report · Sep 20, 2010

The issue with global variables is that they are shared by all users of the engine. If you use the global engine and set i=0, in the meen time a different user using the global engine sets i=3 the change will affect all you too. This is a way to royally mess up your & someone else's scripts.

When using your own engine, then it may just be an issue of style and encapsulation, but not dangerous.

A Happy Week

Steven

Report · Sep 20, 2010

Global variables are useful in a few situations. When you absolutely need some data to be available from any point of your code, you can store them in global variables. That's not forbidden 😉

However, using global variables when it is not necesary is regarded as a bad practice for many reasons. Mainly:

• performance cost: see #1 in http://jonraasch.com/blog/10-javascript-performance-boosting-tips-from-nicholas-zakas

• memory cost: JS cannot release objects from the global scope if they are no longer needed, except if you explicitly use delete this.myGlobal from the global object (but I'm not sure it even works on "implied globals" -- see http://www.adequatelygood.com/2010/2/Finding-Improper-JavaScript-Globals)

• name collisions and security issues: useless global variable names are hard to maintain in a complex script, and sabotage is really easy because any outer code can access/change the value of your global variable

• design issues: global variables are seen as the antithesis of a modular and flexible OOP code, re-using routines and objects becomes pretty difficult.

@+

Marc

Report · Sep 20, 2010

I don't understand, how could outer access variables in my script? The script runs and then it is done. While it is running it can't be accessed, right? Or do you mean if you are using an event listener?

The other reasons you gave are well understood, I wonder just how much of an issue memory is. Performance is important, but I have noticed that interacting with InDesign is where performance takes the major hit.

Report · Sep 20, 2010

Fred Goldman wrote:
I don't understand, how could outer access variables in my script? The script runs and then it is done. While it is running it can't be accessed, right? Or do you mean if you are using an event listener?

I was talking about "complex code," like libraries or session-persistent scripts. Using global variables in your script is probably safe during its execution time. However, there are many ways to include, eval or encapsulate the functionalities that your script implements. Then, all your global variables are exposed to the outside. The most interesting example of security issue is binary JavaScript inclusion. Suppose you have encrypted your script into a jsxbin file, or that your script embeds jsxbin code (as shown here: http://www.indiscripts.com/post/2010/04/binary-javascript-embedment-cs4-cs5). I can easily use #include yourScript.jsx, or eval(yourJsxBinCode), or $.evalFile(yourBinaryScript.jsxbin) from my own script. So I will have complete access to your global objects. I don't see the code, ok, but if you give me full access to your data, I can investigate... Local variables are secure in that they are not visible from the outside.

Report · Sep 20, 2010

Aha, I see, thanks Marc, this is very good to know. I appreciate your help!