JSON is far better for use in JavaScript. It's much easier to access JSON data, since by the time you see it, it's just ordinary JavaScript objects. It's more convenient and faster too.
Regarding security, this is data that you're generating on your own server for use in your own website? Then there is no security issue that doesn't already exist just by having JavaScript in your site at all. jQuery does "eval" your JSON data (or in future versions it uses a function constructor, which amounts to the same thing). But the browser already is parsing and executing all your other JavaScript code - you can think of the JSON data as just one more JavaScript file for security purposes. I'm curious that you find JSON harder to read than XML. Are you looking at JSON text that's all on one line? That *would* be hard to read, but there are tools to pretty-print it. You can paste a JSON string into www.jsonlint.com, or use the excellent JSON viewer that integrates with Fiddler or runs as a standalone app: http://www.fiddler2.com/ http://www.codeplex.com/JsonViewer These are for Windows only, and it looks like you're using Linux, but you probably have a Windows VM or box on hand for IE testing anyway, so you can run those there. Fiddler is very very very nice to inspecting your HTTP sessions, and when you select a JSON download in the Fiddler list you can see a nice tree-structured view of your JSON data. Or maybe there is a good JSON formatter/viewer for Linux. Hope that helps, give a shout back with any questions or concerns and I'll be happy to kick them around with you. -Mike On Wed, Dec 2, 2009 at 3:04 PM, ScottChiefBaker <scott.ba...@gmail.com>wrote: > For server side scripts I'm wondering if there is an inherent > advantage to returning XML vs JSON (or vice versa). I've always > returned XML because I find it's more human readable, and thus I can > verify the data better. > > I'm talking strict data structures (arrays,lists, etc), no HTML. I > would imagine there is a performance penalty for parsing the XML into > a data structure vs JSON. There could potentially be security problems > parsing JSON? > > What do (you) the experts think? >
