[cgiapp] [OT] Anyone using JSON::XS to output to a web page?
Ron Savage
ron at savage.net.au
Mon Oct 13 18:44:18 EDT 2008
Hi Michael
On Mon, 2008-10-13 at 12:14 -0400, Michael Peters wrote:
> Peter Karman wrote:
>
> > I believe using eval directly has security issues.
>
> Only if you don't trust your data source. If you control the JSON coming in, then it's not a problem
> to use eval, and in fact, it's much faster. But if you don't control the data source, then yes use
> something else. In this case it sounds like the OP controls his data source since he's having
> problems sending it.
Right. I am generating the JSON, I'm glad to say...
Nevertheless, since I'm using the Yahoo JS libs, I decided to accept
Peter's suggestion and use their wrapper around eval:
http://developer.yahoo.com/yui/json/
--
Ron Savage
ron at savage.net.au
http://savage.net.au/index.html
More information about the cgiapp
mailing list