JSON parser grammar
cowan at ccil.org
Tue Jun 9 11:43:21 PDT 2009
Tyler Close scripsit:
> Does it make sense to specify the character escaping rules as a
> whitelist of Unicode general categories that don't need to be escaped;
> leaving all else to be escaped? Seems safer than a blacklist of
> specific Unicode characters to escape.
Not really. The point of the blacklist is that some ES3 implementations
simply drop certain characters when they appear literally in "eval" input,
so they need to be escaped. The exact set of characters is the union of
all such known bugs. It's like Base64 encoding: the reason only A-Z,
a-z, 0-9, +, -, and = are used is that experience showed that none of
those characters got corrupted even by the buggiest of email servers,
gateways, and relays.
John Cowan http://www.ccil.org/~cowan cowan at ccil.org
Please leave your values Check your assumptions. In fact,
at the front desk. check your assumptions at the door.
--sign in Paris hotel --Cordelia Vorkosigan
More information about the es5-discuss