Thanks Thomas. In fact, I did look at the javadoc, and even the javadoc has kinda ambiguous verbiage . More precisely, parseStrict's description is right on :
"Evaluates a JSON string and returns its JSONValue representation. Where possible, the browser's JSON.parse function is used. For older browsers including IE6 and IE7 that lack a JSON.parse function, the input is validated as described in RFC 4627 for safety and passed to eval()." whereas parseLenient's description does not explicitly state the fact that eval() is used only as fallback option: "Evaluates a trusted JSON string and returns its JSONValue representation. CAUTION! This method calls the JavaScript eval() function, which can execute arbitrary script. DO NOT pass an untrusted string into this method." I will see if I can create a issue(towards the documentation at http://code.google.com/webtoolkit/doc/latest/tutorial/JSON.html and the javadoc of parseLenient ) on the issue tracker and assign it to the category of "nitpicking". -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
