
Yes you would. JSON is valid JS, and executing JSON in a browser is a recipe for disaster.


JSON isn’t valid JS – its representation of strings allows U+2028 and U+2029 to appear unescaped, but JavaScript string literals don’t.

Not sure how else executing (valid) JSON in a browser would be a recipe for disaster? `eval` was the standard way to parse JSON from trusted sources for a long time.
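
An added example, not part of either comment: a check for the two code points named above in a JSON text, and a serializer that escapes them so the output reads the same under JSON and under the JavaScript string literal rule the comment describes. The function names and the sample object are assumptions constructed for illustration.

```javascript
// Added example: function names are hypothetical, sample data is constructed.
const LS = String.fromCharCode(0x2028); // LINE SEPARATOR
const PS = String.fromCharCode(0x2029); // PARAGRAPH SEPARATOR

// Report every raw U+2028 / U+2029 in a JSON text, with its offset.
function findRawSeparators(jsonText) {
  const hits = [];
  for (let i = 0; i < jsonText.length; i++) {
    const c = jsonText.charCodeAt(i);
    if (c === 0x2028 || c === 0x2029) {
      hits.push({ index: i, codePoint: 'U+' + c.toString(16).toUpperCase() });
    }
  }
  return hits;
}

// Escape the two code points in an already-serialized JSON text.
// Neither is JSON whitespace, so in valid JSON they occur only inside
// strings, where the \uXXXX form decodes to the same character.
function escapeJsonText(jsonText) {
  return jsonText
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}

// Serialize a value to JSON with both separators escaped.
function jsonForScript(value) {
  return escapeJsonText(JSON.stringify(value));
}

// Constructed sample: one string containing both separators.
const sample = { note: 'line one' + LS + 'line two' + PS + 'end' };

function demo() {
  const plain = JSON.stringify(sample);
  const safe = jsonForScript(sample);
  return {
    rawInPlain: findRawSeparators(plain),
    rawInSafe: findRawSeparators(safe),
    roundTrips: JSON.parse(safe).note === sample.note,
  };
}
```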



