On Mon, 25 Mar 2013 21:23:59 +0100, Steve Newcomb <srn(a)coolheads.com> wrote:
If you use a Python interpreter to read JSON
data, as many do, anything can happen. I'm not sure that's relevant to
Mediawiki, but it could be relevant, particularly in a case where the
data may outlive the original software. It's easy to embed a virus in a
large JSON dataset. There is no such inherent risk in XML; XML is not a
programming language (despite the awkward ways in which XSLT can be abused).
False. This is a feature of some parsers (and which should - and AFAIK is in Python - be
disabled by default), which sadly mistake JSON for a data serialization format, when
it's merely a data interchange one.
Thse parsers allow certain JSON data (usually with specially formatted keys) to be parsed
into arbitrary language constructs in addition to the well-known and expected arrays and
maps. But again, this isn't a feature of JSON itself (if anything, it speaks of its
versatility), and is as far as I can see completely irrelevant here.
--
Matma Rex