I'm fetching data from my database, converting it to JSON with simplejson.dumps(), then passing it to my view to include in my Javascript. I need to escape the JSON vars to prevent XSS attacks without escaping all of the brackets, braces, and quotes that make JSON work.
How can I do this? What I've attempted so far results in either the entire JSON string being escaped, or none of it. I've hacked together a loop that generates and prints the JSON one variable, but that's pretty fragile and kludgy solution. Surely there's a better way?
