Hacker News
by _0w8t 2008 days ago
As long as one uses a single parser to read a particular input, it matters little if it produces a result that is different from what some other parser generates, as long as the parser has no security bugs. And JSON is simple enough to cover a particular interpretation of its spec with test suites to make a security vulnerability extremely unlikely.

Surely if one uses one parser to verify the payload and another to use it, a disaster comes, as was the case with the iPhone verification bug.
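The verify-with-one-parser, use-with-another failure described in the comment above, as an added example that is not part of the original comment. It assumes a constructed payload with a repeated key, a hypothetical verifier that keeps the first occurrence, and a hypothetical `role` check; the consumer is Python's standard `json` module, which keeps the last occurrence.

```python
import json

# Constructed sample: the same key appears twice in one object.
PAYLOAD = '{"user": "alice", "role": "viewer", "role": "admin"}'

def first_wins(pairs):
    """Hypothetical verifier behaviour: keep the first occurrence of a key."""
    out = {}
    for key, value in pairs:
        out.setdefault(key, value)
    return out

def reject_duplicates(pairs):
    """Strict behaviour: refuse any object that repeats a key."""
    out = {}
    for key, value in pairs:
        if key in out:
            raise ValueError(f"duplicate key: {key!r}")
        out[key] = value
    return out

def verify_then_use_two_parsers(text):
    """Anti-pattern: the check and the use read the same bytes differently."""
    checked = json.loads(text, object_pairs_hook=first_wins)  # verifier's view
    if checked["role"] != "viewer":
        raise PermissionError("role not allowed")
    used = json.loads(text)  # consumer's view: stdlib keeps the last value
    return used["role"]

def verify_then_use_one_parse(text):
    """Parse once, strictly, and give the same object to the check and the use."""
    doc = json.loads(text, object_pairs_hook=reject_duplicates)
    if doc["role"] != "viewer":
        raise PermissionError("role not allowed")
    return doc["role"]

def demo():
    split = verify_then_use_two_parsers(PAYLOAD)
    try:
        single = verify_then_use_one_parse(PAYLOAD)
    except ValueError as exc:
        single = str(exc)
    return split, single

if __name__ == "__main__":
    print(demo())
```

The two-parser path approves `viewer` and then acts on `admin`; the single strict parse rejects the document before any decision is made on it.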