I think I understand what the use-case is… If the browser doesn't know anything about <script> tag, it is supposed to interpret it's contents as html… In which case, html-tags which appear in javascript code will actually become active ones
This makes sense. Though wouldn't htmlspecialchars($json, ENT_NOQUOTES) solve it? But this use case makes sense, so I suppose if one uses json to output the data inside HTML (as opposed to sending out in response to AJAX request for example) one would want to use such option. Thanks for finding this one!
-- Stanislav Malyshev, Zend Software Architect [EMAIL PROTECTED] http://www.zend.com/ (408)253-8829 MSN: [EMAIL PROTECTED] -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
