Re: [OAUTH-WG] JSON parsing in the browser (was: Proposal for single JSON response format)

2010-06-28 Thread Ian McKellar
On Tue, Jun 29, 2010 at 5:53 AM, Evan Gilbert wrote:
> What specifically don't you agree with? I agree that the RegEx match or a
> library will fix the security hole.
> The problem is that the insecure behavior - "eval(json)" - will just work,
> is obvious for developers to try, and non-obviou

Re: [OAUTH-WG] JSON parsing in the browser (was: Proposal for single JSON response format)

2010-06-28 Thread Evan Gilbert
On Sun, Jun 27, 2010 at 1:46 PM, Robert Sayre wrote:
> On Sun, Jun 13, 2010 at 11:20 AM, Evan Gilbert wrote:
>>> Can you explain the XSS hole from parsing a random JSON string?
>>
>> Naive processor calls:
>> var href = document.location.href;
>> var jsonBlob = href.substring(href.

[OAUTH-WG] JSON parsing in the browser (was: Proposal for single JSON response format)

2010-06-27 Thread Robert Sayre
On Sun, Jun 13, 2010 at 11:20 AM, Evan Gilbert wrote:
>> Can you explain the XSS hole from parsing a random JSON string?
>
> Naive processor calls:
> var href = document.location.href;
> var jsonBlob = href.substring(href.indexOf('#'), href.length)
> var userData  = eval(jsonBlob);
> This cod