P
P
Pavel Mikhalovsky2018-05-23 23:16:28
JavaScript
Pavel Mikhalovsky, 2018-05-23 23:16:28

Is it possible to load malicious code into a javascript program using a json file?

In one program I read a local JSON file. Is there a theoretical possibility that malicious code will be added to JSON that will harm the user?

Answer the question

In order to leave comments, you need to log in

1 answer(s)
V
Vladimir Proskurin, 2018-05-23
@pavel9609

Well, if a site developer parses JSON in the old fashioned way via eval without checking the correct syntax, then yes, it is possible to execute malicious code. If through JSON.parse, then no, the JSON standard does not provide for calling functions, expressions, etc., and JSON.parse will determine during parsing that the syntax is incorrect and throw an error.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question