I am writing a script where I need to parse JSON in browsers that don’t support JSON.parse(). I have strict size objectives (total size < 20 kb) so I cannot rely on an external library like jQuery.
The usual approach would be to use eval() but I am concerned that it is not safe, as I have no control over the JSON strings (provided by an external source).
I came up with the idea to use a script tag to create my object:
    var json = '{"name":"Me","age":"30"}';
    var scr = document.createElement("script");
    scr.innerHTML = "var obj=" + json;
    document.body.appendChild(scr);
This seems to work, as demonstrated here:
http://jsfiddle.net/bz8f7/
Am I missing something here? Are there cases where my method won’t work, or won’t be safe?
Note: I am aware that this method creates a global variable, and I am fine with that for my use case.
You are still evaluating JavaScript, just by using a more complex, less efficient method than eval. It has all the safety issues of eval.
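An added example, not part of the original question or answer: one way to avoid evaluating the input at all is a small recursive-descent parser that reads the JSON text character by character and throws on anything that is not JSON. The name parseJsonStrict and the choice to reject a "__proto__" key are assumptions made for this sketch; it uses ES3 syntax so it can run where JSON.parse is missing.

```javascript
// Added example; parseJsonStrict is a hypothetical name. Input is only read, never executed.
function parseJsonStrict(text) {
  var i = 0, ESC = { '"': '"', '\\': '\\', '/': '/', b: '\b', f: '\f', n: '\n', r: '\r', t: '\t' };
  function fail(msg) { throw new SyntaxError(msg + ' at position ' + i); }
  function ws() { while (/[ \t\r\n]/.test(text.charAt(i))) i++; }
  function scalar() { // true, false, null or a number; anything else is rejected
    var m = /^(?:true|false|null|-?(?:0|[1-9]\d*)(?:\.\d+)?(?:[eE][+-]?\d+)?)/.exec(text.slice(i));
    if (!m) fail('Unexpected token');
    i += m[0].length;
    return m[0] === 'true' ? true : m[0] === 'false' ? false : m[0] === 'null' ? null : +m[0];
  }
  function str() {
    var out = '', c, h;
    for (i++;;) { // i++ skips the opening quote
      c = text.charAt(i++);
      if (c === '"') return out;
      if (c === '' || c < ' ') fail('Unterminated string or raw control character');
      if (c === '\\') {
        c = text.charAt(i++);
        if (c === 'u') {
          h = text.substr(i, 4); i += 4;
          if (!/^[0-9a-fA-F]{4}$/.test(h)) fail('Bad \\u escape');
          out += String.fromCharCode(parseInt(h, 16));
        } else out += ESC.hasOwnProperty(c) ? ESC[c] : fail('Bad escape');
      } else out += c;
    }
  }
  function val() {
    var c, close, out, k;
    ws(); c = text.charAt(i);
    if (c !== '{' && c !== '[') return c === '"' ? str() : scalar();
    out = c === '{' ? {} : []; close = c === '{' ? '}' : ']'; i++; ws();
    if (text.charAt(i) === close) { i++; return out; }
    for (;;) {
      if (c === '{') {
        ws(); if (text.charAt(i) !== '"') fail('Expected string key');
        k = str(); ws(); if (text.charAt(i++) !== ':') fail('Expected ":"');
        if (k === '__proto__') fail('Refusing __proto__ key'); // assumption: stricter than JSON.parse
        out[k] = val();
      } else out.push(val());
      ws(); k = text.charAt(i++);
      if (k === close) return out;
      if (k !== ',') fail('Expected "," or "' + close + '"');
    }
  }
  var result = val(); ws();
  if (i < text.length) fail('Trailing data');
  return result;
}
```

With the question's input, parseJsonStrict('{"name":"Me","age":"30"}') returns the object, while text with anything after the closing brace throws a SyntaxError instead of running.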