V
vunet
When implementing JSON as a form of data exchange between server and
client, what security measures do I need to consider? For example, I
have XMLHttpRequest returning JSON text from the server and eval()
converts string to the JavaScript object. I heard about problems with
"eval" and idea of using "magic cookies" to avoid attacks. Anyway,
what should I consider?
Thanks.
client, what security measures do I need to consider? For example, I
have XMLHttpRequest returning JSON text from the server and eval()
converts string to the JavaScript object. I heard about problems with
"eval" and idea of using "magic cookies" to avoid attacks. Anyway,
what should I consider?
Thanks.