Noodlehaus

Douglas Crockford posts a set of guidelines on writing secure web applications using remote scripting and JSON on the YUI Blog.

JSON is a data interchange format. It is used in the transmission of data between machines. Since it carries only data, it is security-neutral. The security of systems that use JSON is determined by the quality of the design of those systems. JSON itself introduces no vulnerabilities.

JSON and Browser Security on the YUI Blog