JSON simplifies the conversion of JSON strings into native objects effortlessly. For more information, visit this page

To achieve this, you have two options: either use eval(string) or JSON.parse(string).

It's important to note that using eval comes with risks, as stated on json.org:

The eval function operates quickly, but it has the ability to compile and execute any JavaScript program. This opens up potential security vulnerabilities. It is recommended to use eval only when working with trusted and competent sources. When dealing with web applications over XMLHttpRequest, communication is restricted to the same origin that provides the page, making it a trusted source. However, being trusted does not guarantee competence. If the server handling JSON encoding is not strict, or fails to thoroughly validate all inputs, there is a risk of receiving invalid JSON text containing harmful scripts. The eval function would unwittingly execute these malicious scripts.

Embrace the jQuery way! (the secret)

function decodeJSON(data) {
    return window.JSON && window.JSON.parse ? window.JSON.parse( data ) : (new Function("return " + data))(); 
}
// try it out
result = decodeJSON('{"name":"John"}');
alert(result.name);

This method eliminates the need for any external libraries and remains compatible with older browsers.

Instead of using eval(), a safer and easier alternative is to utilize JSON.parse(). The latter eliminates risks associated with the former.

A good and effective method

var yourJsonObject = JSON.parse(json_as_text);

There is no apparent reason to resort to eval(), as it compromises the security of your application.

This approach, however, remains viable.

An option that works but poses risks

var yourJsonObject = eval(json_as_text);

Why should you steer clear of eval?

Let's consider the following scenario.

Data from a third party or user in the form of a JSON string.

var json = `
[{
    "adjacencies": [
        {
          "nodeTo": function(){
            return "delete server files - you have been hacked!";
          }(),
          "nodeFrom": "graphnode1",
          "data": {
            "$color": "#557EAA"
          }
        }
    ],
    "data": {
      "$color": "#EBB056",
      "$type": "triangle",
      "$dim": 9
    },
    "id": "graphnode1",
    "name": "graphnode1"
},{
    "adjacencies": [],
    "data": {
      "$color": "#EBB056",
      "$type": "triangle",
      "$dim": 9
    },
    "id": "graphnode2",
    "name": "graphnode2"
}]
`;

Your server-side script processes this data.

Using JSON.parse:

window.onload = function(){
  var placeholder = document.getElementById('placeholder1');
  placeholder.innerHTML = JSON.parse(json)[0].adjacencies[0].nodeTo;
}

will result in:

Uncaught SyntaxError: Unexpected token u in JSON at position X. 

The function will not be executed.

You are protected.

Using eval():

window.onload = function(){
  var placeholder = document.getElementById('placeholder1');
  placeholder.innerHTML = eval(json)[0].adjacencies[0].nodeTo;
}

The function will be executed, potentially causing harm without any warnings.

If a malicious function replaces the harmless one, a breach can occur without alerting the user.

You are exposed to vulnerabilities.

The JSON text string could be manipulated to act as a harmful function on the server side.

eval(JSON)[0].adjacencies[0].nodeTo

may seem harmless on the surface, but it actually executes a function, posing significant risks.

To avoid these dangers, it is recommended to rely on JSON parsing tools instead of utilizing eval().

To gather all elements from an array and create a JSON object

gatherData: function (arrayItems) {

        var result = [];

        for (var i = 0; i < arrayItems.length; i++) {
            var info = {};
            this.e = arrayItems[i];            
            info.text = arrayItems[i].text;
            info.val = arrayItems[i].value;
            result[i] = info;
        }
        return result;
    },

To interpret the same information, we follow this procedure

dummyInterpret: function (json) {       
        var obj = JSON.parse(json); //converted the string to JSON object        
        $.each(obj, function () {
            innerInfo = this;
            $.each(innerInfo, function (index) {
                alert(this.text)
            });
        });

}

If you're looking to add functions to your deserialised object, check out this handy tool I created: https://github.com/khayll/jsmix

// Start by defining your model
var GraphNode = function() {};
GraphNode.prototype.getType = function() {
   return this.$type;
}

var Adjacency = function() {};
Adjacency.prototype.getData =n function() {
    return this.data;
}

// Use JSMix to mix in the functions
var result = JSMix(jsonData)
    .withObject(GraphNode.prototype, "*")
    .withObject(Adjacency.prototype, "*.adjacencies")
    .build();

// Now you can utilize the added functions
console.log(result[1][0].getData());

You don't need to make any changes if you paste the string into the HTML on the server-side:

For plain Java in JSP:

var jsonObj=<%=jsonStringInJavaServlet%>;

For JSP with Struts:

var jsonObj=<s:property value="jsonStringInJavaServlet" escape="false" escapeHtml="false"/>;