Thanks, Sri! On 01/04/2010 03:02 PM, Sripathi Krishnan wrote: > New subject -- we have diverged from the original post. > > > Is JSONParser() also unsafe? > > It also does an eval() without inspecting the string. So, yes, it is > also unsafe. > If you are unsure about the safety of your input string, then you should > employ techniques before you invoke JSONUtils or JSONParser. See this > discussion thread > <http://groups.google.com/group/google-web-toolkit/browse_thread/thread/7dfac0233a98c5eb>.
Good reference. > From the JSONParser() code, I get the impression that it tries to > differentiate among arrays, strings, &c. I thought that such > behavior was A Good Thing. > > Not as good as a Javascript overlay. When you get a rich, > domain-specific object that is also performant, why would you want > generics like an arrays and strings? >From 30K ft., it looked like there was some validation of the JavaScript object, in the sense that if I expect an array, then the isArray() test fails at runtime. Nevertheless, the gwt-rpc-plus looks interesting. Sadly, since last time we spoke, my one chance to move to GWT from Perl has evaporated. So, it's back to Perl until the wheel spins round and I get another chance to move some of this one app's Perl code to GWT. -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
