Skip to main content

Bug Tracker

Side navigation

#14492 closed bug (fixed)

Opened October 29, 2013 02:12PM UTC

Closed November 12, 2013 05:14AM UTC

parseJSON incorrectly accepts comma expressions

Reported by: gibson042 Owned by: gibson042
Priority: high Milestone: 1.11/2.1
Component: core Version: 1.10.2
Keywords: Cc:
Blocked by: Blocking:
Description

The value returned from parseJSON can be overridden by appending a comma and some additional JSON to the input. Native JSON.parse implementations correctly throw exceptions on such input.

This bug is shared with JSON2.js, from which our implementation is derived.

http://jsfiddle.net/ZPYhF/

Attachments (0)
Change History (3)

Changed October 29, 2013 02:15PM UTC by gibson042 comment:1

component: unfiledcore
priority: undecidedhigh
status: newopen

Changed October 29, 2013 03:24PM UTC by timmywil comment:2

milestone: None1.11/2.1
owner: → gibson042
status: openassigned

Changed November 12, 2013 05:14AM UTC by Richard Gibson comment:3

resolution: → fixed
status: assignedclosed

Fix #14492: More correct jQuery.parseJSON. Close gh-1419.

(cherry picked from commit 60a6178131afec97b68c9a45bc24459f7b8bd905)

Conflicts:

src/ajax/parseJSON.js

Changeset: 71b2ac524e49c0d1cc4e5d7bd8fd9d5a1317a20b