[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: Maximally Consumable Data
>> But, you have to 'eval' it making a >> potential security threat. More accurately, you can 'eval' it, making it a potential security threat. You don't have to, but I still notice that about half of the JSON articles and tutorials I read suggest using eval() rather than evalJSON(). I suspect more than half of JSON processing scripts in the wild use eval() rather than safer options. You simply can't get around the fact that JSON was delibeartely designed to be evaluated with eval(). It's going to be insecure unless we change JSON so it can't be eval'd or remove eval() from the language. -- Elliotte Rusty Harold elharo@m... Java I/O 2nd Edition Just Published! http://www.cafeaulait.org/books/javaio2/ http://www.amazon.com/exec/obidos/ISBN=0596527500/ref=nosim/cafeaulaitA/
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] |
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|