DEV Community


Discussion on: Why Facebook's api starts with a for loop

snorfalorpagus profile image
Joshua Arnott • Edited

I can see how adding an infinite for-loop at the start of the JSON response would prevent it from being executed as JavaScript. How does the original site access the data? Does it need to use a function to discard the first X bytes of every response before loading the JSON? Or is there something I'm missing?

antogarand profile image
Antony Garand Author

This is exactly it!

As they load the string version of the JSON, they can remove their JS breaking mechanism before parsing it