Re: Why JSON?

Richard Newman wrote:
> Because RDF/XML, SPARQL-XML, and turtle are great, but nothing beats
> 
> var mine = eval ("(" + input + ")");
> 
> in Javascript.
Isn't that something of a glaring security hole? Passing an arbitrary 
string to eval seems to me to just invite compromises analogous to SQL 
injection attacks.

Ian

___________________________________________________________________
Ian Dickinson   HP Labs, Bristol, UK    mailto:ian.dickinson@hp.com
http://www.hpl.hp.com/personal/Ian_Dickinson    ph:+44-117-312-8796

Received on Saturday, 7 October 2006 18:33:00 UTC