Paul Harrison wrote:
> Alasdair Allan wrote:
>> JSON has mind share and is viewed as being "sexier" than XML-RPC
>> for some reason.
>
> I have to say this is another case of web 2.0 hype...
>
> JSON invented because it directly evaled into javascript data
> object, but as every Perl programmer from the earliest CGI days
> knows that is a security nightmare...
As a Perl programmer, err, yup! However I do make extensive use of Data::Dumper and Storable (et al.) to serialise, transmit or store, and then eval() Perl objects. I just don't send them over the wire (or accept them) from/to un-trusted sources. That way lies madness.
> so you need to use a JSON parser - so what is the point?
It's as good as anything? It's compact and fairly simple, there are lots of libraries to parse and create it, and people seem to like it. It'll be around for a while. We could have worse reasons.
Al. Received on 2007-02-06Z18:12:45