[fusion-trac] #531: Don't eval() JSON responses.
Fusion
trac_fusion at osgeo.org
Wed Jul 18 00:46:04 PDT 2012
#531: Don't eval() JSON responses.
----------------------+-----------------------------------------------------
Reporter: jng | Owner: madair
Type: defect | Status: new
Priority: P2 | Milestone: Future
Component: Core | Version: 2.0
Severity: Major | Keywords:
External_id: | State: New
Browser: All | Os: All
----------------------+-----------------------------------------------------
It's 2012, we don't have to use the insecure eval() to process JSON
anymore. Most browsers support JSON.parse(). Those that don't can use a
[https://github.com/douglascrockford/JSON-js/blob/master/json2.js tiny
shim library that provides this API]
--
Ticket URL: <http://trac.osgeo.org/fusion/ticket/531>
Fusion <http://trac.osgeo.org/fusion>
Fusion is a web-mapping application development framework for MapServer and MapGuide OS.
More information about the fusion-trac
mailing list