JSON left out Infinity and NaN; JSON status in ECMAScript?

by

Infinity and NaN aren’t keywords or anything special, they are just properties on the global object (as is undefined) and as such can be changed. It’s for that reason JSON doesn’t include them in the spec — in essence any true JSON string should have the same result in EcmaScript if you do eval(jsonString) or JSON.parse(jsonString).

If it were allowed then someone could inject code akin to

NaN={valueOf:function(){ do evil }};
Infinity={valueOf:function(){ do evil }};

into a forum (or whatever) and then any json usage on that site could be compromised.

More Related Contents:

  1. Why JSON allows only string to be a key?
  2. How to insert into JSON?
  3. Convert XML to JSON (and back) using Javascript
  4. “SyntaxError: Unexpected token < in JSON at position 0"
  5. How to pass json POST data to Web API method as an object?
  6. Is the order of elements in a JSON list preserved?
  7. jQuery.parseJSON throws “Invalid JSON” error due to escaped single quote in JSON
  8. Sum JavaScript object propertyA values with the same object propertyB in an array of objects
  9. Angular 5 Service to read local .json file
  10. How to convert JSON to CSV format and store in a variable
  11. Merge keys array and values array into an object in JavaScript
  12. How might I extract the property values of a JavaScript object into an array?
  13. Is this simple string considered valid JSON?
  14. in JSON, Why is each name quoted?
  15. JSON.stringify deep objects
  16. Angular – Can’t make ng-repeat orderBy work
  17. How to inject HTML into a template with polymer
  18. Uncaught SyntaxError: Unexpected token u in JSON at position 0
  19. How to use Select2 with JSON via Ajax request?
  20. How to write data to a JSON file using Javascript
  21. Not a Legal JSONP API — How to get data without CALLBACK parameter
  22. d3 js – loading json without a http get
  23. Javascript maximum size for types?
  24. IE10/11 Ajax XHR error – SCRIPT7002: XMLHttpRequest: Network Error 0x2ef3
  25. TypeError: Converting circular structure to JSON in nodejs
  26. Remove key-value pair from JSON object
  27. How to restore original object/type from JSON?
  28. Cross-Origin resource sharing and file://
  29. sending data as JSON object from Python to Javascript with Jinja [duplicate]
  30. Process a continuous stream of JSON

Leave a Comment