Loading ...
Sorry, an error occurred while loading the content.

Re: [json] Re: org.json.java

Expand Messages
  • Tyler Close
    ... I d be more worried about web apps that accept user input and so could be made to traffic in Cf characters without having thought about it. A tricky user
    Message 1 of 7 , Jul 3, 2008
    • 0 Attachment
      On Thu, Jul 3, 2008 at 8:31 AM, Douglas Crockford <douglas@...> wrote:
      > So far this hasn't appeared to be a problem. I haven't seen
      > applications flinging around a lot of the Cf characters that get
      > deleted by Firefox before eval.

      I'd be more worried about web apps that accept user input and so could
      be made to traffic in Cf characters without having thought about it. A
      tricky user might then be able to exploit the fact that strings
      silently change value when being passed back and forth by the
      application.

      --Tyler
    • Douglas Crockford
      ... That is a serious problem when using a naked eval. So json.js contains this step: text = text.replace(cx, function (a) { return u + ( 0000 +
      Message 2 of 7 , Jul 3, 2008
      • 0 Attachment
        --- In json@yahoogroups.com, "Tyler Close" <tyler.close@...> wrote:
        >
        > On Thu, Jul 3, 2008 at 8:31 AM, Douglas Crockford <douglas@...> wrote:
        > > So far this hasn't appeared to be a problem. I haven't seen
        > > applications flinging around a lot of the Cf characters that get
        > > deleted by Firefox before eval.
        >
        > I'd be more worried about web apps that accept user input and so could
        > be made to traffic in Cf characters without having thought about it. A
        > tricky user might then be able to exploit the fact that strings
        > silently change value when being passed back and forth by the
        > application.

        That is a serious problem when using a naked eval. So json.js contains
        this step:

        text = text.replace(cx, function (a) {
        return '\\u' + ('0000' +
        (+(a.charCodeAt(0))).toString(16)).slice(-4);
        });

        It converts the flimsy characters to escape sequences before eval so
        that they are preserved.
      Your message has been successfully submitted and would be delivered to recipients shortly.