Google is appending /*""*/ at the end of all JSON responses and I think it must be a security mechanism. Could you help me to get more information about the attack and its defense mechanisms?
Asked
Active
Viewed 50 times
2
hkazemi
- 698
- 3
- 20
-
Post a code snippet that helps us to reproduce the issue. – Ionică Bizău Aug 03 '14 at 07:00
-
@AndréDaniel Do you know the attack name so that i can get more info about it? – hkazemi Aug 03 '14 at 07:05
-
@IonicăBizău Just capture and view google JSON responses. try searching in http://www.google.com and view the response. – hkazemi Aug 03 '14 at 07:07
-
1@hkazemi see [here](http://stackoverflow.com/questions/2669690/why-does-google-prepend-while1-to-their-json-responses), it's called JSON hijacking. – Aug 03 '14 at 07:07
-
@AndréDaniel Thank you. – hkazemi Aug 03 '14 at 07:12
-
@hkazemi Ah, I see. Upvoted ;-) – Ionică Bizău Aug 03 '14 at 07:43
-
See [JSON unparseable cruft: Why so serious?](http://stackoverflow.com/q/14723226/413180) and [Why does Google prepend while(1); to their JSON responses?](http://stackoverflow.com/questions/2669690/why-does-google-prepend-while1-to-their-json-responses) – SilverlightFox Aug 04 '14 at 09:22