- From: Boris Zbarsky <bzbarsky@mit.edu>
- Date: Tue, 02 Dec 2014 11:30:03 -0800
- To: Julian Reschke <julian.reschke@gmx.de>, public-webappsec@w3.org
On 12/2/14, 8:10 AM, Julian Reschke wrote: > On 2014-12-02 16:44, Boris Zbarsky wrote: >> Right now we're implicitly ending up in the "The default encoding is >> UTF-8" of section 3 of RFC 4627, but it might be good to make that >> explicit, since JSON does allow other encodings. > > Sounds right. > >> In particular, we should make it explicit that UTF8 is used in >> preference to \uXXXX escapes. > > How does this help? Either you do JSON, in which case you will > understand the escapes, or you don't, in which case you're in trouble... Maybe I should have made that mode clear. A bunch of people are apparently "doing JSON" by calling eval on the received bytes or some such insanity. That will work with the escapes, but not with UTF-8. -Boris
Received on Tuesday, 2 December 2014 19:30:39 UTC