On 04.04.2007, at 13:02, Chris Ovenden wrote:


I just read the paper and, correct me if I'm wrong, this vulnerability
*only* applies to JSON. XML is safe, because it has to be parsed
before the data can be extracted. I avoid JSON because I don't like to
have eval() statements in my code. This would seem a more obvious
solution to the problem than the one proposed.

Basically, yes. The problem with that kind of attack is that the JSON code is executable JavaScript.

You should not forget, though, that XML has become a language-level feature of JavaScript with E4X (http://en.wikipedia.org/wiki/E4X). It might well be possible that E4X-capable browsers have the same problem with XML, depending on whether JavaScript constructors are called for E4X or not.

--
Markus Peter - [EMAIL PROTECTED]                      http://www.spin-ag.de/
SPiN AG, Bischof-von-Henle-Str. 2b, 93051 Regensburg, HRB 6295 Regensburg
Chairman of the Supervisory Board: Dr. Christian Kirnberger
Executive Board: Fabian Rott, Paul Schmid
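
The point above that JSON is executable JavaScript, as an added example that is not part of the original message: it checks whether a response body is accepted by a data parser, by the JavaScript compiler, or by both. The sample bodies are constructed and the function names are hypothetical.

```javascript
// Added example; sample bodies are constructed, names are hypothetical.

// True if the text is strict JSON, i.e. a data parser accepts it.
function isValidJson(body) {
  try {
    JSON.parse(body);
    return true;
  } catch (e) {
    return false;
  }
}

// True if the text is also a syntactically valid JavaScript program.
// new Function() only compiles the text; the resulting function is never
// called, so nothing in the body runs.
function parsesAsScript(body) {
  try {
    new Function(body);
    return true;
  } catch (e) {
    if (e instanceof SyntaxError) return false;
    throw e;
  }
}

function classify(body) {
  return { json: isValidJson(body), script: parsesAsScript(body) };
}

const samples = {
  // Array at the root: valid JSON and a valid expression statement.
  arrayRoot: '[{"user":"alice","balance":10}]',
  // Object at the root: valid JSON, but as a statement the braces open a
  // block and the colon after the string is a syntax error.
  objectRoot: '{"user":"alice","balance":10}',
  // Code inside an array: a script engine accepts it, a JSON parser does not.
  codeInArray: '[{"user":"alice"}, touch()]',
};

for (const [name, body] of Object.entries(samples)) {
  console.log(name, classify(body));
}
```

A body that reports `script: true` is one a script engine will accept as a program; a body that reports `json: false` is one a strict parser rejects where `eval()` would have run it.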

