Is it possible to use json to execute code? For example can I pass a code object into it or something along those lines?
I guess my question is how does python evaluate json objects, and can this be used to run code?
I want to make sure passing information with json is safe from remote execution.
If you have a Unicode string that contains JSON text; it is always safe (as far as any C code that accepts user input can be) to pass it to
Where you pass the results of
json.loads() is up to you: if you want to interpret the received data as code; you can do it.