#81 JSON security fix

closed-accepted
WebKit (45)
5
2007-04-22
2007-04-09
No

Recent study show that JSON protocol may be vulnerable to some form of hacking.
This patch fix this.
There is also a cosmetic update.

References: http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf http://getahead.org/blog/joe/2007/03/05/json_is_not_as_safe_as_people_think_it_is.html

JF

Discussion

    • assigned_to: nobody --> cito
     
  • Logged In: YES
    user_id=193957
    Originator: NO

    Thanks, this will probably be included in Webware 0.9.3.

     
    • status: open --> closed-accepted
     
  • Logged In: YES
    user_id=193957
    Originator: NO

    This patch has been applied in rev6502.