•
•
•
•
What is DaniWeb IT Discussion Community?
You're currently browsing the JavaScript / DHTML / AJAX section within the Web Development category of DaniWeb, a massive community of 363,512 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 3,441 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our JavaScript / DHTML / AJAX advertiser: Lunarpages Web Hosting
Views: 4757 | Replies: 10
 |
•
•
Join Date: Jun 2006
Location: India
Posts: 6,696
Reputation: 
Rep Power: 23
Solved Threads: 314
◄ S.O.S, why am i able to decode the encoded json string directly using eval without Douglas
◄ Crockfords' Javascript library for JSON. ?
This is because Crockford's library is not mandatory. It is more of a convenience library providing 'safe eval'. I hope you do realize that eval can execute any arbitrary piece of Javascript code. This is a major security issue if someone manages to inject a malicious script in your code. Crocford's library makes sure that doesn't happen by looking for malicious patterns.
Plus, how do you propose to encode Javascript objects and send them to your server in JSON. Converting Date objects to JSON format is a royal pain. I would recommend you to take a look at the Javascript library for JSON to understand it's full implications and the benefits it can bring.
◄ Crockfords' Javascript library for JSON. ?
This is because Crockford's library is not mandatory. It is more of a convenience library providing 'safe eval'. I hope you do realize that eval can execute any arbitrary piece of Javascript code. This is a major security issue if someone manages to inject a malicious script in your code. Crocford's library makes sure that doesn't happen by looking for malicious patterns.
Plus, how do you propose to encode Javascript objects and send them to your server in JSON. Converting Date objects to JSON format is a royal pain. I would recommend you to take a look at the Javascript library for JSON to understand it's full implications and the benefits it can bring.
Last edited by ~s.o.s~ : Dec 3rd, 2007 at 10:59 am.
"I don't accept change. I don't deserve to live."
"Working a real job is a win if you're lazy, greedy, or unmotivated. If you're average, you fit right in. And if you're above average, the basic terms of employment and premise of the arrangement is against your interests."
"Working a real job is a win if you're lazy, greedy, or unmotivated. If you're average, you fit right in. And if you're above average, the basic terms of employment and premise of the arrangement is against your interests."
|
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
•
•
•
•
•
•
•
•
DaniWeb JavaScript / DHTML / AJAX Marketplace
Linear Mode
- Previous Thread: How to make controls visible false using javascript...?
- Next Thread: HELP needed on javascript menus PLEASE...
