Safely turning a JSON string into an object
Posted
by Matt Sheppard
on Stack Overflow
See other posts from Stack Overflow
or by Matt Sheppard
Published on 2008-09-05T00:12:01Z
Indexed on
2010/05/06
6:28 UTC
Read the original article
Hit count: 252
Given a string of JSON data, how can you safely turn that string into a JavaScript object?
Obviously you can do this unsafely with something like...
var obj = eval("(" + json + ')');
...but that leaves us vulnerable to the json string containing other code, which it seems very dangerous to simply eval.
© Stack Overflow or respective owner