#101 — Coverage: make sure differences between Object literal and JSON grammar are tested


http://timelessrepo.com/json-isnt-a-javascript-subset points out a subtle difference between the object literal grammar and the JSON grammar.
The test suite should make sure this difference is properly handled in ECMAScript implementations.


This page (http://www.thespanner.co.uk/2011/05/30/json-hijacking/) also points out a couple of security issues that could come out of JSON being interpreted as ObjectLiteral. I'm not really sure the issues are really directed to misinterpreted JSON, but it might be worth making sure these issues are handled correctly by ES engines by using tests.


Did a little bit of digging. We have ch15/15.12/15.12.1/15.12.1.1/15.12.1.1-0-8.js, but it's not really testing what it purports to. That is:
JSON.parse('\u2028\u20291234');
will throw even without the '\u2028\u2029'.

Definitely need coverage here.
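
One way to cover the U+2028/U+2029 handling discussed in this thread, as an added example that is not part of the bug report or the test suite: it checks the JSON grammar on both points (raw separators inside a string, and separators used as padding) with a control case, and reports rather than assumes what the script grammar does with a raw separator in a string literal, since that is engine-dependent. The helper names `accepts`, `asScript`, `escapeSeparators` and `runChecks` are hypothetical, and the inputs are constructed.

```javascript
// Constructed sample inputs; LS = U+2028 LINE SEPARATOR, PS = U+2029 PARAGRAPH SEPARATOR.
const LS = '\u2028', PS = '\u2029';

// Returns true when parse(text) completes, false when it throws SyntaxError.
function accepts(parse, text) {
  try { parse(text); return true; }
  catch (e) { if (e instanceof SyntaxError) return false; throw e; }
}

// Evaluate text as an ECMAScript expression (the object-literal grammar side).
const asScript = (text) => (0, eval)('(' + text + ')');

// Hypothetical helper: rewrite raw LS/PS as \uXXXX escapes so JSON text is also
// valid script source on engines that treat them as line terminators in strings.
function escapeSeparators(jsonText) {
  return jsonText.replace(/[\u2028\u2029]/g,
    (c) => '\\u' + c.charCodeAt(0).toString(16));
}

function runChecks() {
  const rawString = '{"k":"a' + LS + PS + 'b"}'; // raw separators inside a JSON string
  return {
    // JSON grammar: raw LS/PS are legal characters inside a string ...
    jsonAcceptsRawInString: accepts(JSON.parse, rawString),
    // ... but they are not JSON whitespace, so they cannot pad a value.
    jsonAcceptsAsWhitespace: accepts(JSON.parse, LS + PS + '[1]'),
    // Control: the same value padded with real JSON whitespace must parse.
    jsonControl: accepts(JSON.parse, ' \t\r\n[1] '),
    // Script grammar, string literal: engine-dependent, so only reported.
    scriptAcceptsRawInString: accepts(asScript, rawString),
    // Script grammar, between tokens: LS/PS are line terminators, so this parses.
    scriptAcceptsBetweenTokens: accepts(asScript, LS + PS + '[1]'),
    // After escaping, both grammars yield the same string value.
    escapedRoundTrip:
      asScript(escapeSeparators(rawString)).k === JSON.parse(rawString).k,
  };
}

console.log(runChecks());
```

The control case is what keeps the whitespace check meaningful: the padded input fails only because of the separators, not because of the value that follows them.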