From f060af9f8e61a5479d3dbebced2ba0fb861d2f9c Mon Sep 17 00:00:00 2001
From: Sangwhan Moon <sangwhan@iki.fi>
Date: Wed, 20 Feb 2013 17:09:00 +0900
Subject: [PATCH] Use JSON.parse() by default, and fallback to eval() in
 data.decodeJson().

---
 src/data/data.js | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/data/data.js b/src/data/data.js
index cb4932d..474b3d0 100644
--- a/src/data/data.js
+++ b/src/data/data.js
@@ -358,6 +358,14 @@
 					throw new Error("glow.data.decodeJson: cannot decode item");
 				}
 
+				// If JSON.parse() is available use that instead of eval().
+				// options that are passed to decodeJson() are only safety
+				// guarantees which are automatically handled with JSON.parse(),
+				// hence return immediately without acknowledging the options.
+
+				if(window.JSON && window.JSON.parse)
+					return window.JSON.parse(text);
+
 				options = options || {};
 				options.safeMode = options.safeMode || false;