IETF Logo Mail Archive

Re: [Json] Strings

Stephan Beal <sgbeal@googlemail.com> Wed, 05 June 2013 21:33 UTC

Return-Path: <sgbeal@googlemail.com>
X-Original-To: json@ietfa.amsl.com
Delivered-To: json@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F273611E80BA for <json@ietfa.amsl.com>; Wed, 5 Jun 2013 14:33:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.181
X-Spam-Level:
X-Spam-Status: No, score=-1.181 tagged_above=-999 required=5 tests=[AWL=-0.496, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, MISSING_HEADERS=1.292, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YoRJ8NPy5X5r for <json@ietfa.amsl.com>; Wed, 5 Jun 2013 14:33:20 -0700 (PDT)
Received: from mail-ea0-x22a.google.com (mail-ea0-x22a.google.com [IPv6:2a00:1450:4013:c01::22a]) by ietfa.amsl.com (Postfix) with ESMTP id D5A3D21F99C7 for <json@ietf.org>; Wed, 5 Jun 2013 14:33:18 -0700 (PDT)
Received: by mail-ea0-f170.google.com with SMTP id h10so1616525eaj.29 for <json@ietf.org>; Wed, 05 Jun 2013 14:33:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:cc :content-type; bh=fVKyWLOjjrVs4xBqT7a1x9nSHMLzzl07FzgXilRwbdA=; b=yJsoskDk1HDdzW0OGsJOETIvro9uynEiDBzcDzC1vhIqENR6qmmRWTj4CmvjptBnvj EiJrGIr+7CcZKA8e6xjFLHCDR0839dl7tzbX3UnHhqT4z6blsEHX4AoPK3SWfSpdGsaB i5x+Q9qOmLzlLrYTYlKkbfXe3li4uwRrAs8L/48Tb6UqDsf8mQVuKYaM1wuk7WeT5yU5 kvYYdUnODQp6YvFXCT1ExhU3SjT+KEGuP3Q3PTwTY3J8ieDj+rHXLMWTzZ+7UXriL+Hi UiaKBQ7ltnnzMhI6Ut0LgFxPH+5HMYpOftC1wwXfDN0f6MlbKwqPvOMj/wHXsavCIkeS 0+kw==
MIME-Version: 1.0
X-Received: by 10.181.12.1 with SMTP id em1mr8569049wid.4.1370467997816; Wed, 05 Jun 2013 14:33:17 -0700 (PDT)
Received: by 10.194.42.230 with HTTP; Wed, 5 Jun 2013 14:33:17 -0700 (PDT)
In-Reply-To: <51AFADBA.9070405@crockford.com>
References: <51AF9D4C.5060403@crockford.com> <51AFADBA.9070405@crockford.com>
Date: Wed, 05 Jun 2013 23:33:17 +0200
Message-ID: <CAKd4nAg+vUJkHOtRHox+5e+2qJ6y=Q_jrhe0ZVMFbg9ZOnLWnA@mail.gmail.com>
From: Stephan Beal <sgbeal@googlemail.com>
Cc: "json@ietf.org" <json@ietf.org>
Content-Type: multipart/alternative; boundary="f46d043c7e302f9c9504de6ef2f3"
Subject: Re: [Json] Strings
X-BeenThere: json@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "JavaScript Object Notation \(JSON\) WG mailing list" <json.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json>, <mailto:json-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/json>
List-Post: <mailto:json@ietf.org>
List-Help: <mailto:json-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json>, <mailto:json-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Jun 2013 21:33:22 -0000

On Wed, Jun 5, 2013 at 11:29 PM, Douglas Crockford <douglas@crockford.com>wrote:

> Strings like "<\/script>" are safe. PHP could be smarter about how it does
> that, but it is not my job to tell PHP how to be smarter.
>

They recently (5.4) added a flag to disable that:

http://php.net/manual/de/function.json-encode.php

See JSON_UNESCAPED_SLASHES.

-- 
----- stephan beal
http://wanderinghorse.net/home/stephan/
http://gplus.to/sgbeal

v2.23.0 | Report a Bug | By Email