XML, JSON, or what?
Alan Kennedy
alanmk at hotmail.com
Thu Jun 8 10:05:53 EDT 2006
[Ant]
>> I'd favour JSON if the data structures are simple personally. XML is
>> comparatively speaking a pain to deal with, where with JSON you can
>> simply eval() the data and you have a Python dictionary at your
>> disposal.
[Steve]
> Modulo any security problems that alert and malicious users are able to
> inject into your application. Simply using eval() uncritically on
> whatever comes down the pipe is a train wreck waiting to happen.
Yes, evaling JSON, or any other text coming from the web, is definitely
a bad idea.
But there's no need for eval: there are safe JSON codecs for python,
http://cheeseshop.python.org/pypi?%3Aaction=search&description=json
And one for javascript,
http://www.json.org/js.html
http://www.json.org/json.js
And most other languages you're likely to come across.
http://www.json.org/
regards,
--
alan kennedy
------------------------------------------------------
email alan: http://xhaus.com/contact/alan
More information about the Python-list
mailing list