If you browse certain ISO pages such as this one and look at the network communication as you mouse over items, the JSON response always starts with for(;;);
before following with actual JSON markup.
Other than perhaps attempting to punish someone using eval()
to parse the JSON, is there a good reason for this? For example, is it a best practice for guarding against a certain attack vector?