Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Why is there a for(;;); preamble in facebooks JSON responses? [duplicate]

Why is there a for(;;); preamble in facebooks JSON responses?

like image 768
Alois Reitbauer Avatar asked Nov 26 '09 15:11

Alois Reitbauer


1 Answers

See this StackOverflow post: How to restrict JSON access?

In particular this comment within that thread: for/while loops in JSON responses


Basically this is used so that attackers can't get the URL and include it on their page and have JavaScript now put the variables on the page because as soon as the request has been serviced the browser will go into an infinite loop not allowing other JavaScrip access to said variables which would potentially allow attackers to use your browser to get information that is meant to stay private.

like image 114
X-Istence Avatar answered Oct 18 '22 10:10

X-Istence