douglas at crockford.com
Fri Apr 13 13:22:41 PDT 2007
The only complaints I have received about json.js is
that the methods are not dontenum. That will be fixed
as a result of the current effort.
I don't see that the level of danger here is anything
to worry about. A JSON receiver will not be corrupted
should someone accidently miscode a toJSONString
method. Such accidents are unlikely because the
default methods are right and the method is easy to
If we are concerned about intentional misencodings,
then the focus of worry is entire misplaced. A toJSON
interface allows falsification of data, which is a
much bigger problem. And the current nature of
against malicious code, should it get on the page.
More information about the Es4-discuss