Joe Walker is talking about the safety of JSON. He has talked about CSRF in the past, and this time he delves into the Array/JSON hack.
“I saw some discussion recently about using JSON for secured data, and I’m not sure that everyone understands the risks.
I believe that JSON is unsafe for anything but public data unless you are using unpredictable URLs.“
How safe is your JSON?