Author: etnu
Date: Fri Mar 14 17:47:12 2008
New Revision: 637314
URL: http://svn.apache.org/viewvc?rev=637314&view=rev
Log:
Updated json.js to the latest json2.js, which fixes a potential security
vulnerability in some browsers.
Modified:
incubator/shindig/trunk/features/core/json.js
Modified: incubator/shindig/trunk/features/core/json.js
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/features/core/json.js?rev=637314&r1=637313&r2=637314&view=diff
==============================================================================
--- incubator/shindig/trunk/features/core/json.js (original)
+++ incubator/shindig/trunk/features/core/json.js Fri Mar 14 17:47:12 2008
@@ -153,7 +153,7 @@
// we look to see that the remaining characters are only whitespace or ']' or
// ',' or ':' or '{' or '}'. If that is so, then the text is safe for eval.
- if (/^[\],:{}\s]*$/.test(text.replace(/\\./g, '@').
+ if (/^[\],:{}\s]*$/.test(text.replace(/\\["\\\/b-u]/g, '@').
replace(/"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g,
']').
replace(/(?:^|:|,)(?:\s*\[)+/g, ''))) {
return eval('(' + text + ')');
