- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Wed, 03 Dec 2014 14:42:15 +0100
- To: Boris Zbarsky <bzbarsky@mit.edu>, public-webappsec@w3.org
On 2014-12-02 20:30, Boris Zbarsky wrote: > On 12/2/14, 8:10 AM, Julian Reschke wrote: >> On 2014-12-02 16:44, Boris Zbarsky wrote: >>> Right now we're implicitly ending up in the "The default encoding is >>> UTF-8" of section 3 of RFC 4627, but it might be good to make that >>> explicit, since JSON does allow other encodings. >> >> Sounds right. >> >>> In particular, we should make it explicit that UTF8 is used in >>> preference to \uXXXX escapes. >> >> How does this help? Either you do JSON, in which case you will >> understand the escapes, or you don't, in which case you're in trouble... > > Maybe I should have made that mode clear. A bunch of people are > apparently "doing JSON" by calling eval on the received bytes or some > such insanity. That will work with the escapes, but not with UTF-8. Oops. It won't?
Received on Wednesday, 3 December 2014 13:42:50 UTC