Security and JSON Parser to understand by below examples // Include http://www.json.org/json.js
var myObject = myJSONtext.parseJSON(); eval() can compile and execute any JavaScript program, so there can be security issues (cross-site scripting) Use eval() when the source can be trusted When security is a concern - the source cannot be trusted -, it is better to use a JSON parser A JSON parser will only recognize JSON text and so is much safer Object to Text Conversion var myJSONText = myObject.toJSONString(); You can convert JSON object into JSON text JSON does not support cyclic data structure Do not give cyclical structures to the JSON stringifier
Total Post:257
Points:1285// Include http://www.json.org/json.js
var myObject = myJSONtext.parseJSON();
eval() can compile and execute any JavaScript program, so there can be security issues (cross-site scripting)
Use eval() when the source can be trusted
When security is a concern - the source cannot be trusted -, it is better to use a JSON parser
A JSON parser will only recognize JSON text and so is much safer Object to Text Conversion
var myJSONText = myObject.toJSONString();
You can convert JSON object into JSON text
JSON does not support cyclic data structure
Do not give cyclical structures to the JSON stringifier