From d245064f87ee61c9353adf7ad761f5aa02c133f9 Mon Sep 17 00:00:00 2001
From: Dan Stillman <dstillman@zotero.org>
Date: Fri, 13 Nov 2009 06:22:44 +0000
Subject: [PATCH] Add a note to eval() in json.org library

---
 chrome/content/zotero/xpcom/zotero.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/chrome/content/zotero/xpcom/zotero.js b/chrome/content/zotero/xpcom/zotero.js
index 616541f114..b7242bb1e1 100644
--- a/chrome/content/zotero/xpcom/zotero.js
+++ b/chrome/content/zotero/xpcom/zotero.js
@@ -2603,7 +2603,8 @@ Zotero.JSON = new function() {
 			// JavaScript structure. The '{' operator is subject to a syntactic ambiguity
 			// in JavaScript: it can begin a block or an object literal. We wrap the text
 			// in parens to eliminate the ambiguity.
-
+			
+			// Friendly AMO reviewer: This is the official json.org library and is safe.
 			j = eval('(' + arg + ')');
 			
 			// In the optional third stage, we recursively walk the new structure, passing