|

»

Mozilla - ECMAScript 4 discussion

A few more deviations in JSON.stringify

View: New views

3 Messages — Rating Filter: Alert me

	A few more deviations in JSON.stringify by Oliver Hunt-2 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message The specified behaviour of the abstract operation Quote in section 15.12.3 states that only characters with a unicode number less than or equal to 0x1f should be escaped. My testing found that json2.js escapes a number of other ranges of characters in unicode: 0x0000-0x001f 0x007f-0x009f 0x00ad 0x0600-0x0604 0x070f 0x17bf 0x17b5 0x200c-0x200f 0x2028-0x202f 0x2060-0x206f 0xfeff 0xfff0-0xffff Should json2.js be considered right in this behaviour? --Oliver _______________________________________________ es-discuss mailing list es-discuss@... https://mail.mozilla.org/listinfo/es-discuss
	RE: A few more deviations in JSON.stringify by Allen Wirfs-Brock-2 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Doug???? >-----Original Message----- >From: es-discuss-bounces@... [mailto:es-discuss- >bounces@...] On Behalf Of Oliver Hunt >Sent: Thursday, June 04, 2009 10:58 PM >To: es-discuss@... >Subject: A few more deviations in JSON.stringify > >The specified behaviour of the abstract operation Quote in section >15.12.3 states that only characters with a unicode number less than or >equal to 0x1f should be escaped. My testing found that json2.js >escapes a number of other ranges of characters in unicode: >0x0000-0x001f >0x007f-0x009f >0x00ad >0x0600-0x0604 >0x070f >0x17bf >0x17b5 >0x200c-0x200f >0x2028-0x202f >0x2060-0x206f >0xfeff >0xfff0-0xffff > >Should json2.js be considered right in this behaviour? > >--Oliver > >_______________________________________________ >es-discuss mailing list >es-discuss@... >https://mail.mozilla.org/listinfo/es-discuss _______________________________________________ es-discuss mailing list es-discuss@... https://mail.mozilla.org/listinfo/es-discuss
	Re: A few more deviations in JSON.stringify by Douglas Crockford :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Oliver Hunt wrote: > The > specified behaviour of the abstract operation Quote in section 15.12.3 > states that only characters with a unicode number less than or equal to > 0x1f should be escaped. My testing found that json2.js escapes a number > of other ranges of characters in unicode: > 0x0000-0x001f > 0x007f-0x009f > 0x00ad > 0x0600-0x0604 > 0x070f > 0x17bf > 0x17b5 > 0x200c-0x200f > 0x2028-0x202f > 0x2060-0x206f > 0xfeff > 0xfff0-0xffff > > Should json2.js be considered right in this behaviour? There is a problem in E3 and its implementations where some characters can be deleted. This can cause "\?" to be replaced with "\" during JSON2's eval phase, which could allow evil script injection. This is not a problem for ES5's JSON.parse. _______________________________________________ es-discuss mailing list es-discuss@... https://mail.mozilla.org/listinfo/es-discuss