On Wed, Dec 23, 2009 at 5:16 AM, John Resig <jere...@gmail.com> wrote:
> Is there an open ticket on this? If so I don't see a reason not to land it. > Well, if there is no safe json decoder (i.e. just eval()) it's not immediatly clear to me, that I really want this. Yes, all the other jscripts also come from the server and are thus somehow equally trustworthy. And the Content-Type on the HTTP header can not easily be spoofed. But I don't want jquery to evaluate some unsafe user content (e.g. CMS, Guestbook, ... ) that wasn't ever meant to be json ... Tobias > Could we change the $.ajax() function to treat the server's response > > as json if dataType is unspecified and the response content-type is > > "application/json"? > > > > Thanks, > > Dave > > > -- You received this message because you are subscribed to the Google Groups "jQuery Development" group. To post to this group, send email to jquery-...@googlegroups.com. To unsubscribe from this group, send email to jquery-dev+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/jquery-dev?hl=en.
