A few weeks ago I posted something about securing your JSON. Since then Joe Walker has been looking into a few solutions. He posted the following three:
- Use a Secret in the Request
- Force pre-eval() Processing
- Force POST requests
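The three mitigations listed above, combined in one request handler. This is an added example, not code from the original post or from Joe Walker's write-up. The function names, the `x-json-secret` header and the `while(1);` guard string are assumptions chosen for illustration.

```javascript
// Added example: handleJsonRequest, parseGuarded and x-json-secret are hypothetical names.
const GUARD = "while(1);"; // assumed guard; makes the body useless via <script src>

// Compare two strings without exiting early on the first mismatch.
function sameSecret(a, b) {
  if (typeof a !== "string" || typeof b !== "string" || a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Server side: req = { method, headers }, session = { secret, data }.
function handleJsonRequest(req, session) {
  // Force POST requests: a <script src> include can only issue GET.
  if (req.method !== "POST") {
    return { status: 405, headers: { Allow: "POST" }, body: "" };
  }
  // Use a secret in the request: a third-party page cannot read it or send it.
  if (!sameSecret(req.headers["x-json-secret"], session.secret)) {
    return { status: 403, headers: {}, body: "" };
  }
  // Force pre-eval() processing: prepend a guard the client must strip first.
  return {
    status: 200,
    headers: { "Content-Type": "application/json" },
    body: GUARD + JSON.stringify(session.data),
  };
}

// Client side: strip the guard, then parse with JSON.parse rather than eval().
function parseGuarded(text) {
  if (!text.startsWith(GUARD)) throw new Error("missing JSON guard prefix");
  return JSON.parse(text.slice(GUARD.length));
}

// Constructed sample session and requests.
const session = { secret: "constructed-per-session-value", data: { inbox: ["hello"] } };
const good = { method: "POST", headers: { "x-json-secret": session.secret } };
const viaScriptTag = { method: "GET", headers: {} };
const forgedPost = { method: "POST", headers: {} };

console.log(handleJsonRequest(viaScriptTag, session).status);
console.log(handleJsonRequest(forgedPost, session).status);
console.log(parseGuarded(handleJsonRequest(good, session).body));
```

Each check covers a different gap: the POST requirement and the secret stop the response from being issued at all, while the guard prefix protects any response that is still fetched through a script include.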
More information about this issue:
- Security for GWT applications
- Shaping the future of secure Ajax mashups
I stumbled on this post some time ago, and since I’m using JSON more and more these days it’s not a bad idea to be careful. Bas Wenneker was also in the same position, and he posted some ideas on securing your JSON.
I’m using JSON for almost anything so I was shocked a bit by his findings. Sleepless nights went by and then I thought of a counter hack so one could secure his JSON again.