There has been a lot of discussion today about geo data formats. It got me thinking of some problems with loading JSON data into a map on another server.
I would like to allow users to save map data from a website in JSON and host that JSON elsewhere, so the users can then share their saved map with other users. There are two issues that could pose security problems for this: * Loading the data from another website (cross site scripting). This may lead us to use a "proxy.php" to load the JSON, or use something like JSONP. * Executable code within the JSON. There are options such as JSON.parse() and JSON.stringify(). I'm sure someone else has come up with a relatively secure solution to this, and if not, what route have people gone for this kind of thing? ---- Jim McAndrew
_______________________________________________ Geowanking mailing list [email protected] http://geowanking.org/mailman/listinfo/geowanking_geowanking.org
