From 2efe1891f312854605de165689b42782dadaee47 Mon Sep 17 00:00:00 2001
From: Matthew de Detrich
Date: Wed, 3 Dec 2014 15:23:51 +1100
Subject: [PATCH] Implemented JSON security vulnerability detection, reference retrieved from https://github.com/angular/angular.js/blob/v1.2.22/src/ng/http.js#L120-L122
---
 src/json.js | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/src/json.js b/src/json.js
index cad0519..61aabba 100644
--- a/src/json.js
+++ b/src/json.js
@@ -12,6 +12,7 @@ define(['text'], function(text){
 jsonParse = (typeof JSON !== 'undefined' && typeof JSON.parse === 'function')? JSON.parse : function(val){
 return eval('('+ val +')'); //quick and dirty
 },
+ PROTECTION_PREFIX = /^\)\]\}',?\n/,
 buildMap = {};
 function cacheBust(url){
@@ -34,6 +35,8 @@ define(['text'], function(text){
 buildMap[name] = data;
 onLoad(data);
 } else {
+ // Need to check if the JSON data has been formatted for the JSON array security vulnerability
+ data = data.replace(PROTECTION_PREFIX, '');
 onLoad(jsonParse(data));
 }
 },
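Review bot: The new `PROTECTION_PREFIX` constant in the first hunk has no comment, so a reader of the declaration list cannot tell that it matches the `)]}',` guard a server prepends to keep a JSON response from being usable when it is pulled in as a script. I would add above it `// ")]}'," + newline: anti-JSON-hijacking prefix some servers prepend; stripped before parsing`. The pattern accepts only a bare `\n` after the prefix, so a response that ends that line with `\r\n` would keep its prefix and fail to parse; `/^\)\]\}',?\r?\n/` may be worth considering. On engines without `JSON.parse`, the context lines just above fall back to `eval`, which executes whatever text remains once the prefix is removed, so stripping is only appropriate for responses from a source the page already trusts. The declaration list these lines belong to starts outside the hunk.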
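Review bot: In the second hunk the prefix is stripped only in the `else` branch, so the build branch in the context lines above still stores the raw text with `buildMap[name] = data`. If the plugin's write step (not visible here) emits `buildMap` content into the optimized output, a prefixed response would presumably land there with the guard still attached. Moving `data = data.replace(PROTECTION_PREFIX, '');` ahead of the `if` would cover both paths. The added comment says "check", but the code strips unconditionally and detects nothing; `// Strip the ")]}'," JSON-hijacking guard prefix, if present, before parsing` describes it more accurately. The `if` and the enclosing callback begin and end outside the hunk.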