1 | NAME |
1 | NAME |
2 | JSON::XS - JSON serialising/deserialising, done correctly and fast |
2 | JSON::XS - JSON serialising/deserialising, done correctly and fast |
|
|
3 | |
|
|
4 | JSON::XS - 正しくて高速な JSON |
|
|
5 | シリアライザ/デシリアライザ |
|
|
6 | (http://fleur.hio.jp/perldoc/mix/lib/JSON/XS.html) |
3 | |
7 | |
4 | SYNOPSIS |
8 | SYNOPSIS |
5 | use JSON::XS; |
9 | use JSON::XS; |
6 | |
10 | |
7 | # exported functions, they croak on error |
11 | # exported functions, they croak on error |
… | |
… | |
31 | |
35 | |
32 | See MAPPING, below, on how JSON::XS maps perl values to JSON values and |
36 | See MAPPING, below, on how JSON::XS maps perl values to JSON values and |
33 | vice versa. |
37 | vice versa. |
34 | |
38 | |
35 | FEATURES |
39 | FEATURES |
36 | * correct unicode handling |
40 | * correct Unicode handling |
37 | This module knows how to handle Unicode, and even documents how and |
41 | This module knows how to handle Unicode, and even documents how and |
38 | when it does so. |
42 | when it does so. |
39 | |
43 | |
40 | * round-trip integrity |
44 | * round-trip integrity |
41 | When you serialise a perl data structure using only datatypes |
45 | When you serialise a perl data structure using only datatypes |
… | |
… | |
55 | * simple to use |
59 | * simple to use |
56 | This module has both a simple functional interface as well as an OO |
60 | This module has both a simple functional interface as well as an OO |
57 | interface. |
61 | interface. |
58 | |
62 | |
59 | * reasonably versatile output formats |
63 | * reasonably versatile output formats |
60 | You can choose between the most compact guarenteed single-line |
64 | You can choose between the most compact guaranteed single-line |
61 | format possible (nice for simple line-based protocols), a pure-ascii |
65 | format possible (nice for simple line-based protocols), a pure-ascii |
62 | format (for when your transport is not 8-bit clean, still supports |
66 | format (for when your transport is not 8-bit clean, still supports |
63 | the whole unicode range), or a pretty-printed format (for when you |
67 | the whole Unicode range), or a pretty-printed format (for when you |
64 | want to read that stuff). Or you can combine those features in |
68 | want to read that stuff). Or you can combine those features in |
65 | whatever way you like. |
69 | whatever way you like. |
66 | |
70 | |
67 | FUNCTIONAL INTERFACE |
71 | FUNCTIONAL INTERFACE |
68 | The following convinience methods are provided by this module. They are |
72 | The following convenience methods are provided by this module. They are |
69 | exported by default: |
73 | exported by default: |
70 | |
74 | |
71 | $json_text = to_json $perl_scalar |
75 | $json_text = to_json $perl_scalar |
72 | Converts the given Perl data structure (a simple scalar or a |
76 | Converts the given Perl data structure to a UTF-8 encoded, binary |
73 | reference to a hash or array) to a UTF-8 encoded, binary string |
|
|
74 | (that is, the string contains octets only). Croaks on error. |
77 | string (that is, the string contains octets only). Croaks on error. |
75 | |
78 | |
76 | This function call is functionally identical to: |
79 | This function call is functionally identical to: |
77 | |
80 | |
78 | $json_text = JSON::XS->new->utf8->encode ($perl_scalar) |
81 | $json_text = JSON::XS->new->utf8->encode ($perl_scalar) |
79 | |
82 | |
80 | except being faster. |
83 | except being faster. |
81 | |
84 | |
82 | $perl_scalar = from_json $json_text |
85 | $perl_scalar = from_json $json_text |
83 | The opposite of "to_json": expects an UTF-8 (binary) string and |
86 | The opposite of "to_json": expects an UTF-8 (binary) string and |
84 | tries to parse that as an UTF-8 encoded JSON text, returning the |
87 | tries to parse that as an UTF-8 encoded JSON text, returning the |
85 | resulting simple scalar or reference. Croaks on error. |
88 | resulting reference. Croaks on error. |
86 | |
89 | |
87 | This function call is functionally identical to: |
90 | This function call is functionally identical to: |
88 | |
91 | |
89 | $perl_scalar = JSON::XS->new->utf8->decode ($json_text) |
92 | $perl_scalar = JSON::XS->new->utf8->decode ($json_text) |
90 | |
93 | |
… | |
… | |
97 | values in Perl. |
100 | values in Perl. |
98 | |
101 | |
99 | See MAPPING, below, for more information on how JSON values are |
102 | See MAPPING, below, for more information on how JSON values are |
100 | mapped to Perl. |
103 | mapped to Perl. |
101 | |
104 | |
|
|
105 | A FEW NOTES ON UNICODE AND PERL |
|
|
106 | Since this often leads to confusion, here are a few very clear words on |
|
|
107 | how Unicode works in Perl, modulo bugs. |
|
|
108 | |
|
|
109 | 1. Perl strings can store characters with ordinal values > 255. |
|
|
110 | This enables you to store Unicode characters as single characters in |
|
|
111 | a Perl string - very natural. |
|
|
112 | |
|
|
113 | 2. Perl does *not* associate an encoding with your strings. |
|
|
114 | Unless you force it to, e.g. when matching it against a regex, or |
|
|
115 | printing the scalar to a file, in which case Perl either interprets |
|
|
116 | your string as locale-encoded text, octets/binary, or as Unicode, |
|
|
117 | depending on various settings. In no case is an encoding stored |
|
|
118 | together with your data, it is *use* that decides encoding, not any |
|
|
119 | magical metadata. |
|
|
120 | |
|
|
121 | 3. The internal utf-8 flag has no meaning with regards to the encoding |
|
|
122 | of your string. |
|
|
123 | Just ignore that flag unless you debug a Perl bug, a module written |
|
|
124 | in XS or want to dive into the internals of perl. Otherwise it will |
|
|
125 | only confuse you, as, despite the name, it says nothing about how |
|
|
126 | your string is encoded. You can have Unicode strings with that flag |
|
|
127 | set, with that flag clear, and you can have binary data with that |
|
|
128 | flag set and that flag clear. Other possibilities exist, too. |
|
|
129 | |
|
|
130 | If you didn't know about that flag, just the better, pretend it |
|
|
131 | doesn't exist. |
|
|
132 | |
|
|
133 | 4. A "Unicode String" is simply a string where each character can be |
|
|
134 | validly interpreted as a Unicode codepoint. |
|
|
135 | If you have UTF-8 encoded data, it is no longer a Unicode string, |
|
|
136 | but a Unicode string encoded in UTF-8, giving you a binary string. |
|
|
137 | |
|
|
138 | 5. A string containing "high" (> 255) character values is *not* a UTF-8 |
|
|
139 | string. |
|
|
140 | It's a fact. Learn to live with it. |
|
|
141 | |
|
|
142 | I hope this helps :) |
|
|
143 | |
102 | OBJECT-ORIENTED INTERFACE |
144 | OBJECT-ORIENTED INTERFACE |
103 | The object oriented interface lets you configure your own encoding or |
145 | The object oriented interface lets you configure your own encoding or |
104 | decoding style, within the limits of supported formats. |
146 | decoding style, within the limits of supported formats. |
105 | |
147 | |
106 | $json = new JSON::XS |
148 | $json = new JSON::XS |
… | |
… | |
115 | => {"a": [1, 2]} |
157 | => {"a": [1, 2]} |
116 | |
158 | |
117 | $json = $json->ascii ([$enable]) |
159 | $json = $json->ascii ([$enable]) |
118 | If $enable is true (or missing), then the "encode" method will not |
160 | If $enable is true (or missing), then the "encode" method will not |
119 | generate characters outside the code range 0..127 (which is ASCII). |
161 | generate characters outside the code range 0..127 (which is ASCII). |
120 | Any unicode characters outside that range will be escaped using |
162 | Any Unicode characters outside that range will be escaped using |
121 | either a single \uXXXX (BMP characters) or a double \uHHHH\uLLLLL |
163 | either a single \uXXXX (BMP characters) or a double \uHHHH\uLLLLL |
122 | escape sequence, as per RFC4627. The resulting encoded JSON text can |
164 | escape sequence, as per RFC4627. The resulting encoded JSON text can |
123 | be treated as a native unicode string, an ascii-encoded, |
165 | be treated as a native Unicode string, an ascii-encoded, |
124 | latin1-encoded or UTF-8 encoded string, or any other superset of |
166 | latin1-encoded or UTF-8 encoded string, or any other superset of |
125 | ASCII. |
167 | ASCII. |
126 | |
168 | |
127 | If $enable is false, then the "encode" method will not escape |
169 | If $enable is false, then the "encode" method will not escape |
128 | Unicode characters unless required by the JSON syntax or other |
170 | Unicode characters unless required by the JSON syntax or other |
… | |
… | |
137 | |
179 | |
138 | $json = $json->latin1 ([$enable]) |
180 | $json = $json->latin1 ([$enable]) |
139 | If $enable is true (or missing), then the "encode" method will |
181 | If $enable is true (or missing), then the "encode" method will |
140 | encode the resulting JSON text as latin1 (or iso-8859-1), escaping |
182 | encode the resulting JSON text as latin1 (or iso-8859-1), escaping |
141 | any characters outside the code range 0..255. The resulting string |
183 | any characters outside the code range 0..255. The resulting string |
142 | can be treated as a latin1-encoded JSON text or a native unicode |
184 | can be treated as a latin1-encoded JSON text or a native Unicode |
143 | string. The "decode" method will not be affected in any way by this |
185 | string. The "decode" method will not be affected in any way by this |
144 | flag, as "decode" by default expects unicode, which is a strict |
186 | flag, as "decode" by default expects Unicode, which is a strict |
145 | superset of latin1. |
187 | superset of latin1. |
146 | |
188 | |
147 | If $enable is false, then the "encode" method will not escape |
189 | If $enable is false, then the "encode" method will not escape |
148 | Unicode characters unless required by the JSON syntax or other |
190 | Unicode characters unless required by the JSON syntax or other |
149 | flags. |
191 | flags. |
150 | |
192 | |
151 | The main use for this flag is efficiently encoding binary data as |
193 | The main use for this flag is efficiently encoding binary data as |
152 | JSON text, as most octets will not be escaped, resulting in a |
194 | JSON text, as most octets will not be escaped, resulting in a |
153 | smaller encoded size. The disadvantage is that the resulting JSON |
195 | smaller encoded size. The disadvantage is that the resulting JSON |
154 | text is encoded in latin1 (and must correctly be treated as such |
196 | text is encoded in latin1 (and must correctly be treated as such |
155 | when storing and transfering), a rare encoding for JSON. It is |
197 | when storing and transferring), a rare encoding for JSON. It is |
156 | therefore most useful when you want to store data structures known |
198 | therefore most useful when you want to store data structures known |
157 | to contain binary data efficiently in files or databases, not when |
199 | to contain binary data efficiently in files or databases, not when |
158 | talking to other JSON encoders/decoders. |
200 | talking to other JSON encoders/decoders. |
159 | |
201 | |
160 | JSON::XS->new->latin1->encode (["\x{89}\x{abc}"] |
202 | JSON::XS->new->latin1->encode (["\x{89}\x{abc}"] |
… | |
… | |
169 | bytewise/binary I/O. In future versions, enabling this option might |
211 | bytewise/binary I/O. In future versions, enabling this option might |
170 | enable autodetection of the UTF-16 and UTF-32 encoding families, as |
212 | enable autodetection of the UTF-16 and UTF-32 encoding families, as |
171 | described in RFC4627. |
213 | described in RFC4627. |
172 | |
214 | |
173 | If $enable is false, then the "encode" method will return the JSON |
215 | If $enable is false, then the "encode" method will return the JSON |
174 | string as a (non-encoded) unicode string, while "decode" expects |
216 | string as a (non-encoded) Unicode string, while "decode" expects |
175 | thus a unicode string. Any decoding or encoding (e.g. to UTF-8 or |
217 | thus a Unicode string. Any decoding or encoding (e.g. to UTF-8 or |
176 | UTF-16) needs to be done yourself, e.g. using the Encode module. |
218 | UTF-16) needs to be done yourself, e.g. using the Encode module. |
177 | |
219 | |
178 | Example, output UTF-16BE-encoded JSON: |
220 | Example, output UTF-16BE-encoded JSON: |
179 | |
221 | |
180 | use Encode; |
222 | use Encode; |
… | |
… | |
202 | } |
244 | } |
203 | |
245 | |
204 | $json = $json->indent ([$enable]) |
246 | $json = $json->indent ([$enable]) |
205 | If $enable is true (or missing), then the "encode" method will use a |
247 | If $enable is true (or missing), then the "encode" method will use a |
206 | multiline format as output, putting every array member or |
248 | multiline format as output, putting every array member or |
207 | object/hash key-value pair into its own line, identing them |
249 | object/hash key-value pair into its own line, indenting them |
208 | properly. |
250 | properly. |
209 | |
251 | |
210 | If $enable is false, no newlines or indenting will be produced, and |
252 | If $enable is false, no newlines or indenting will be produced, and |
211 | the resulting JSON text is guarenteed not to contain any "newlines". |
253 | the resulting JSON text is guaranteed not to contain any "newlines". |
212 | |
254 | |
213 | This setting has no effect when decoding JSON texts. |
255 | This setting has no effect when decoding JSON texts. |
214 | |
256 | |
215 | $json = $json->space_before ([$enable]) |
257 | $json = $json->space_before ([$enable]) |
216 | If $enable is true (or missing), then the "encode" method will add |
258 | If $enable is true (or missing), then the "encode" method will add |
… | |
… | |
268 | { |
310 | { |
269 | "k1": "v1", |
311 | "k1": "v1", |
270 | "k2": "v2", <- this comma not normally allowed |
312 | "k2": "v2", <- this comma not normally allowed |
271 | } |
313 | } |
272 | |
314 | |
|
|
315 | * shell-style '#'-comments |
|
|
316 | Whenever JSON allows whitespace, shell-style comments are |
|
|
317 | additionally allowed. They are terminated by the first |
|
|
318 | carriage-return or line-feed character, after which more |
|
|
319 | white-space and comments are allowed. |
|
|
320 | |
|
|
321 | [ |
|
|
322 | 1, # this comment not allowed in JSON |
|
|
323 | # neither this one... |
|
|
324 | ] |
|
|
325 | |
273 | $json = $json->canonical ([$enable]) |
326 | $json = $json->canonical ([$enable]) |
274 | If $enable is true (or missing), then the "encode" method will |
327 | If $enable is true (or missing), then the "encode" method will |
275 | output JSON objects by sorting their keys. This is adding a |
328 | output JSON objects by sorting their keys. This is adding a |
276 | comparatively high overhead. |
329 | comparatively high overhead. |
277 | |
330 | |
… | |
… | |
279 | pairs in the order Perl stores them (which will likely change |
332 | pairs in the order Perl stores them (which will likely change |
280 | between runs of the same script). |
333 | between runs of the same script). |
281 | |
334 | |
282 | This option is useful if you want the same data structure to be |
335 | This option is useful if you want the same data structure to be |
283 | encoded as the same JSON text (given the same overall settings). If |
336 | encoded as the same JSON text (given the same overall settings). If |
284 | it is disabled, the same hash migh be encoded differently even if |
337 | it is disabled, the same hash might be encoded differently even if |
285 | contains the same data, as key-value pairs have no inherent ordering |
338 | contains the same data, as key-value pairs have no inherent ordering |
286 | in Perl. |
339 | in Perl. |
287 | |
340 | |
288 | This setting has no effect when decoding JSON texts. |
341 | This setting has no effect when decoding JSON texts. |
289 | |
342 | |
… | |
… | |
305 | => "Hello, World!" |
358 | => "Hello, World!" |
306 | |
359 | |
307 | $json = $json->allow_blessed ([$enable]) |
360 | $json = $json->allow_blessed ([$enable]) |
308 | If $enable is true (or missing), then the "encode" method will not |
361 | If $enable is true (or missing), then the "encode" method will not |
309 | barf when it encounters a blessed reference. Instead, the value of |
362 | barf when it encounters a blessed reference. Instead, the value of |
310 | the convert_blessed option will decide wether "null" |
363 | the convert_blessed option will decide whether "null" |
311 | ("convert_blessed" disabled or no "to_json" method found) or a |
364 | ("convert_blessed" disabled or no "to_json" method found) or a |
312 | representation of the object ("convert_blessed" enabled and |
365 | representation of the object ("convert_blessed" enabled and |
313 | "to_json" method found) is being encoded. Has no effect on "decode". |
366 | "to_json" method found) is being encoded. Has no effect on "decode". |
314 | |
367 | |
315 | If $enable is false (the default), then "encode" will throw an |
368 | If $enable is false (the default), then "encode" will throw an |
… | |
… | |
378 | |
431 | |
379 | As this callback gets called less often then the |
432 | As this callback gets called less often then the |
380 | "filter_json_object" one, decoding speed will not usually suffer as |
433 | "filter_json_object" one, decoding speed will not usually suffer as |
381 | much. Therefore, single-key objects make excellent targets to |
434 | much. Therefore, single-key objects make excellent targets to |
382 | serialise Perl objects into, especially as single-key JSON objects |
435 | serialise Perl objects into, especially as single-key JSON objects |
383 | are as close to the type-tagged value concept as JSON gets (its |
436 | are as close to the type-tagged value concept as JSON gets (it's |
384 | basically an ID/VALUE tuple). Of course, JSON does not support this |
437 | basically an ID/VALUE tuple). Of course, JSON does not support this |
385 | in any way, so you need to make sure your data never looks like a |
438 | in any way, so you need to make sure your data never looks like a |
386 | serialised Perl hash. |
439 | serialised Perl hash. |
387 | |
440 | |
388 | Typical names for the single object key are "__class_whatever__", or |
441 | Typical names for the single object key are "__class_whatever__", or |
… | |
… | |
512 | vice versa. These mappings are designed to "do the right thing" in most |
565 | vice versa. These mappings are designed to "do the right thing" in most |
513 | circumstances automatically, preserving round-tripping characteristics |
566 | circumstances automatically, preserving round-tripping characteristics |
514 | (what you put in comes out as something equivalent). |
567 | (what you put in comes out as something equivalent). |
515 | |
568 | |
516 | For the more enlightened: note that in the following descriptions, |
569 | For the more enlightened: note that in the following descriptions, |
517 | lowercase *perl* refers to the Perl interpreter, while uppcercase *Perl* |
570 | lowercase *perl* refers to the Perl interpreter, while uppercase *Perl* |
518 | refers to the abstract Perl language itself. |
571 | refers to the abstract Perl language itself. |
519 | |
572 | |
520 | JSON -> PERL |
573 | JSON -> PERL |
521 | object |
574 | object |
522 | A JSON object becomes a reference to a hash in Perl. No ordering of |
575 | A JSON object becomes a reference to a hash in Perl. No ordering of |
523 | object keys is preserved (JSON does not preserver object key |
576 | object keys is preserved (JSON does not preserve object key ordering |
524 | ordering itself). |
577 | itself). |
525 | |
578 | |
526 | array |
579 | array |
527 | A JSON array becomes a reference to an array in Perl. |
580 | A JSON array becomes a reference to an array in Perl. |
528 | |
581 | |
529 | string |
582 | string |
… | |
… | |
553 | strings, but as Perl is typeless there is no other way to do it. |
606 | strings, but as Perl is typeless there is no other way to do it. |
554 | |
607 | |
555 | true, false |
608 | true, false |
556 | These JSON atoms become "JSON::XS::true" and "JSON::XS::false", |
609 | These JSON atoms become "JSON::XS::true" and "JSON::XS::false", |
557 | respectively. They are overloaded to act almost exactly like the |
610 | respectively. They are overloaded to act almost exactly like the |
558 | numbers 1 and 0. You can check wether a scalar is a JSON boolean by |
611 | numbers 1 and 0. You can check whether a scalar is a JSON boolean by |
559 | using the "JSON::XS::is_bool" function. |
612 | using the "JSON::XS::is_bool" function. |
560 | |
613 | |
561 | null |
614 | null |
562 | A JSON null atom becomes "undef" in Perl. |
615 | A JSON null atom becomes "undef" in Perl. |
563 | |
616 | |
… | |
… | |
590 | |
643 | |
591 | to_json [\0,JSON::XS::true] # yields [false,true] |
644 | to_json [\0,JSON::XS::true] # yields [false,true] |
592 | |
645 | |
593 | JSON::XS::true, JSON::XS::false |
646 | JSON::XS::true, JSON::XS::false |
594 | These special values become JSON true and JSON false values, |
647 | These special values become JSON true and JSON false values, |
595 | respectively. You cna alos use "\1" and "\0" directly if you want. |
648 | respectively. You can also use "\1" and "\0" directly if you want. |
596 | |
649 | |
597 | blessed objects |
650 | blessed objects |
598 | Blessed objects are not allowed. JSON::XS currently tries to encode |
651 | Blessed objects are not allowed. JSON::XS currently tries to encode |
599 | their underlying representation (hash- or arrayref), but this |
652 | their underlying representation (hash- or arrayref), but this |
600 | behaviour might change in future versions. |
653 | behaviour might change in future versions. |
… | |
… | |
616 | to_json [$value] # yields ["5"] |
669 | to_json [$value] # yields ["5"] |
617 | |
670 | |
618 | # undef becomes null |
671 | # undef becomes null |
619 | to_json [undef] # yields [null] |
672 | to_json [undef] # yields [null] |
620 | |
673 | |
621 | You can force the type to be a string by stringifying it: |
674 | You can force the type to be a JSON string by stringifying it: |
622 | |
675 | |
623 | my $x = 3.1; # some variable containing a number |
676 | my $x = 3.1; # some variable containing a number |
624 | "$x"; # stringified |
677 | "$x"; # stringified |
625 | $x .= ""; # another, more awkward way to stringify |
678 | $x .= ""; # another, more awkward way to stringify |
626 | print $x; # perl does it for you, too, quite often |
679 | print $x; # perl does it for you, too, quite often |
627 | |
680 | |
628 | You can force the type to be a number by numifying it: |
681 | You can force the type to be a JSON number by numifying it: |
629 | |
682 | |
630 | my $x = "3"; # some variable containing a string |
683 | my $x = "3"; # some variable containing a string |
631 | $x += 0; # numify it, ensuring it will be dumped as a number |
684 | $x += 0; # numify it, ensuring it will be dumped as a number |
632 | $x *= 1; # same thing, the choise is yours. |
685 | $x *= 1; # same thing, the choice is yours. |
633 | |
686 | |
634 | You can not currently output JSON booleans or force the type in |
687 | You can not currently force the type in other, less obscure, ways. |
635 | other, less obscure, ways. Tell me if you need this capability. |
688 | Tell me if you need this capability. |
636 | |
689 | |
637 | COMPARISON |
690 | COMPARISON |
638 | As already mentioned, this module was created because none of the |
691 | As already mentioned, this module was created because none of the |
639 | existing JSON modules could be made to work correctly. First I will |
692 | existing JSON modules could be made to work correctly. First I will |
640 | describe the problems (or pleasures) I encountered with various existing |
693 | describe the problems (or pleasures) I encountered with various existing |
… | |
… | |
642 | not to suffer from any of these problems or limitations. |
695 | not to suffer from any of these problems or limitations. |
643 | |
696 | |
644 | JSON 1.07 |
697 | JSON 1.07 |
645 | Slow (but very portable, as it is written in pure Perl). |
698 | Slow (but very portable, as it is written in pure Perl). |
646 | |
699 | |
647 | Undocumented/buggy Unicode handling (how JSON handles unicode values |
700 | Undocumented/buggy Unicode handling (how JSON handles Unicode values |
648 | is undocumented. One can get far by feeding it unicode strings and |
701 | is undocumented. One can get far by feeding it Unicode strings and |
649 | doing en-/decoding oneself, but unicode escapes are not working |
702 | doing en-/decoding oneself, but Unicode escapes are not working |
650 | properly). |
703 | properly). |
651 | |
704 | |
652 | No roundtripping (strings get clobbered if they look like numbers, |
705 | No round-tripping (strings get clobbered if they look like numbers, |
653 | e.g. the string 2.0 will encode to 2.0 instead of "2.0", and that |
706 | e.g. the string 2.0 will encode to 2.0 instead of "2.0", and that |
654 | will decode into the number 2. |
707 | will decode into the number 2. |
655 | |
708 | |
656 | JSON::PC 0.01 |
709 | JSON::PC 0.01 |
657 | Very fast. |
710 | Very fast. |
658 | |
711 | |
659 | Undocumented/buggy Unicode handling. |
712 | Undocumented/buggy Unicode handling. |
660 | |
713 | |
661 | No roundtripping. |
714 | No round-tripping. |
662 | |
715 | |
663 | Has problems handling many Perl values (e.g. regex results and other |
716 | Has problems handling many Perl values (e.g. regex results and other |
664 | magic values will make it croak). |
717 | magic values will make it croak). |
665 | |
718 | |
666 | Does not even generate valid JSON ("{1,2}" gets converted to "{1:2}" |
719 | Does not even generate valid JSON ("{1,2}" gets converted to "{1:2}" |
… | |
… | |
676 | much undocumented. I need at least a format for easy reading by |
729 | much undocumented. I need at least a format for easy reading by |
677 | humans and a single-line compact format for use in a protocol, and |
730 | humans and a single-line compact format for use in a protocol, and |
678 | preferably a way to generate ASCII-only JSON texts). |
731 | preferably a way to generate ASCII-only JSON texts). |
679 | |
732 | |
680 | Completely broken (and confusingly documented) Unicode handling |
733 | Completely broken (and confusingly documented) Unicode handling |
681 | (unicode escapes are not working properly, you need to set |
734 | (Unicode escapes are not working properly, you need to set |
682 | ImplicitUnicode to *different* values on en- and decoding to get |
735 | ImplicitUnicode to *different* values on en- and decoding to get |
683 | symmetric behaviour). |
736 | symmetric behaviour). |
684 | |
737 | |
685 | No roundtripping (simple cases work, but this depends on wether the |
738 | No round-tripping (simple cases work, but this depends on whether |
686 | scalar value was used in a numeric context or not). |
739 | the scalar value was used in a numeric context or not). |
687 | |
740 | |
688 | Dumping hashes may skip hash values depending on iterator state. |
741 | Dumping hashes may skip hash values depending on iterator state. |
689 | |
742 | |
690 | Unmaintained (maintainer unresponsive for many months, bugs are not |
743 | Unmaintained (maintainer unresponsive for many months, bugs are not |
691 | getting fixed). |
744 | getting fixed). |
692 | |
745 | |
693 | Does not check input for validity (i.e. will accept non-JSON input |
746 | Does not check input for validity (i.e. will accept non-JSON input |
694 | and return "something" instead of raising an exception. This is a |
747 | and return "something" instead of raising an exception. This is a |
695 | security issue: imagine two banks transfering money between each |
748 | security issue: imagine two banks transferring money between each |
696 | other using JSON. One bank might parse a given non-JSON request and |
749 | other using JSON. One bank might parse a given non-JSON request and |
697 | deduct money, while the other might reject the transaction with a |
750 | deduct money, while the other might reject the transaction with a |
698 | syntax error. While a good protocol will at least recover, that is |
751 | syntax error. While a good protocol will at least recover, that is |
699 | extra unnecessary work and the transaction will still not succeed). |
752 | extra unnecessary work and the transaction will still not succeed). |
700 | |
753 | |
701 | JSON::DWIW 0.04 |
754 | JSON::DWIW 0.04 |
702 | Very fast. Very natural. Very nice. |
755 | Very fast. Very natural. Very nice. |
703 | |
756 | |
704 | Undocumented unicode handling (but the best of the pack. Unicode |
757 | Undocumented Unicode handling (but the best of the pack. Unicode |
705 | escapes still don't get parsed properly). |
758 | escapes still don't get parsed properly). |
706 | |
759 | |
707 | Very inflexible. |
760 | Very inflexible. |
708 | |
761 | |
709 | No roundtripping. |
762 | No round-tripping. |
710 | |
763 | |
711 | Does not generate valid JSON texts (key strings are often unquoted, |
764 | Does not generate valid JSON texts (key strings are often unquoted, |
712 | empty keys result in nothing being output) |
765 | empty keys result in nothing being output) |
713 | |
766 | |
714 | Does not check input for validity. |
767 | Does not check input for validity. |
… | |
… | |
726 | my $yaml = $to_yaml->encode ($ref) . "\n"; |
779 | my $yaml = $to_yaml->encode ($ref) . "\n"; |
727 | |
780 | |
728 | This will usually generate JSON texts that also parse as valid YAML. |
781 | This will usually generate JSON texts that also parse as valid YAML. |
729 | Please note that YAML has hardcoded limits on (simple) object key |
782 | Please note that YAML has hardcoded limits on (simple) object key |
730 | lengths that JSON doesn't have, so you should make sure that your hash |
783 | lengths that JSON doesn't have, so you should make sure that your hash |
731 | keys are noticably shorter than the 1024 characters YAML allows. |
784 | keys are noticeably shorter than the 1024 characters YAML allows. |
732 | |
785 | |
733 | There might be other incompatibilities that I am not aware of. In |
786 | There might be other incompatibilities that I am not aware of. In |
734 | general you should not try to generate YAML with a JSON generator or |
787 | general you should not try to generate YAML with a JSON generator or |
735 | vice versa, or try to parse JSON with a YAML parser or vice versa: |
788 | vice versa, or try to parse JSON with a YAML parser or vice versa: |
736 | chances are high that you will run into severe interoperability |
789 | chances are high that you will run into severe interoperability |
… | |
… | |
767 | JSON::XS/3 | 338250.323 | 218453.333 | |
820 | JSON::XS/3 | 338250.323 | 218453.333 | |
768 | Storable | 16500.016 | 135300.129 | |
821 | Storable | 16500.016 | 135300.129 | |
769 | -----------+------------+------------+ |
822 | -----------+------------+------------+ |
770 | |
823 | |
771 | That is, JSON::XS is about five times faster than JSON::DWIW on |
824 | That is, JSON::XS is about five times faster than JSON::DWIW on |
772 | encoding, about three times faster on decoding, and over fourty times |
825 | encoding, about three times faster on decoding, and over forty times |
773 | faster than JSON, even with pretty-printing and key sorting. It also |
826 | faster than JSON, even with pretty-printing and key sorting. It also |
774 | compares favourably to Storable for small amounts of data. |
827 | compares favourably to Storable for small amounts of data. |
775 | |
828 | |
776 | Using a longer test string (roughly 18KB, generated from Yahoo! Locals |
829 | Using a longer test string (roughly 18KB, generated from Yahoo! Locals |
777 | search API (http://nanoref.com/yahooapis/mgPdGg): |
830 | search API (http://nanoref.com/yahooapis/mgPdGg): |
… | |
… | |
790 | -----------+------------+------------+ |
843 | -----------+------------+------------+ |
791 | |
844 | |
792 | Again, JSON::XS leads by far (except for Storable which non-surprisingly |
845 | Again, JSON::XS leads by far (except for Storable which non-surprisingly |
793 | decodes faster). |
846 | decodes faster). |
794 | |
847 | |
795 | On large strings containing lots of high unicode characters, some |
848 | On large strings containing lots of high Unicode characters, some |
796 | modules (such as JSON::PC) seem to decode faster than JSON::XS, but the |
849 | modules (such as JSON::PC) seem to decode faster than JSON::XS, but the |
797 | result will be broken due to missing (or wrong) unicode handling. Others |
850 | result will be broken due to missing (or wrong) Unicode handling. Others |
798 | refuse to decode or encode properly, so it was impossible to prepare a |
851 | refuse to decode or encode properly, so it was impossible to prepare a |
799 | fair comparison table for that case. |
852 | fair comparison table for that case. |
800 | |
853 | |
801 | SECURITY CONSIDERATIONS |
854 | SECURITY CONSIDERATIONS |
802 | When you are using JSON in a protocol, talking to untrusted potentially |
855 | When you are using JSON in a protocol, talking to untrusted potentially |
… | |
… | |
806 | have any buffer overflows. Obviously, this module should ensure that and |
859 | have any buffer overflows. Obviously, this module should ensure that and |
807 | I am trying hard on making that true, but you never know. |
860 | I am trying hard on making that true, but you never know. |
808 | |
861 | |
809 | Second, you need to avoid resource-starving attacks. That means you |
862 | Second, you need to avoid resource-starving attacks. That means you |
810 | should limit the size of JSON texts you accept, or make sure then when |
863 | should limit the size of JSON texts you accept, or make sure then when |
811 | your resources run out, thats just fine (e.g. by using a separate |
864 | your resources run out, that's just fine (e.g. by using a separate |
812 | process that can crash safely). The size of a JSON text in octets or |
865 | process that can crash safely). The size of a JSON text in octets or |
813 | characters is usually a good indication of the size of the resources |
866 | characters is usually a good indication of the size of the resources |
814 | required to decode it into a Perl structure. While JSON::XS can check |
867 | required to decode it into a Perl structure. While JSON::XS can check |
815 | the size of the JSON text, it might be too late when you already have it |
868 | the size of the JSON text, it might be too late when you already have it |
816 | in memory, so you might want to check the size before you accept the |
869 | in memory, so you might want to check the size before you accept the |
… | |
… | |
827 | |
880 | |
828 | And last but least, something else could bomb you that I forgot to think |
881 | And last but least, something else could bomb you that I forgot to think |
829 | of. In that case, you get to keep the pieces. I am always open for |
882 | of. In that case, you get to keep the pieces. I am always open for |
830 | hints, though... |
883 | hints, though... |
831 | |
884 | |
832 | If you are using JSON::XS to return packets to consumption by javascript |
885 | If you are using JSON::XS to return packets to consumption by JavaScript |
833 | scripts in a browser you should have a look at |
886 | scripts in a browser you should have a look at |
834 | <http://jpsykes.com/47/practical-csrf-and-json-security> to see wether |
887 | <http://jpsykes.com/47/practical-csrf-and-json-security> to see whether |
835 | you are vulnerable to some common attack vectors (which really are |
888 | you are vulnerable to some common attack vectors (which really are |
836 | browser design bugs, but it is still you who will have to deal with it, |
889 | browser design bugs, but it is still you who will have to deal with it, |
837 | as major browser developers care only for features, not about doing |
890 | as major browser developers care only for features, not about doing |
838 | security right). |
891 | security right). |
|
|
892 | |
|
|
893 | THREADS |
|
|
894 | This module is *not* guaranteed to be thread safe and there are no plans |
|
|
895 | to change this until Perl gets thread support (as opposed to the |
|
|
896 | horribly slow so-called "threads" which are simply slow and bloated |
|
|
897 | process simulations - use fork, its *much* faster, cheaper, better). |
|
|
898 | |
|
|
899 | (It might actually work, but you have been warned). |
839 | |
900 | |
840 | BUGS |
901 | BUGS |
841 | While the goal of this module is to be correct, that unfortunately does |
902 | While the goal of this module is to be correct, that unfortunately does |
842 | not mean its bug-free, only that I think its design is bug-free. It is |
903 | not mean its bug-free, only that I think its design is bug-free. It is |
843 | still relatively early in its development. If you keep reporting bugs |
904 | still relatively early in its development. If you keep reporting bugs |
844 | they will be fixed swiftly, though. |
905 | they will be fixed swiftly, though. |
845 | |
906 | |
|
|
907 | Please refrain from using rt.cpan.org or any other bug reporting |
|
|
908 | service. I put the contact address into my modules for a reason. |
|
|
909 | |
846 | AUTHOR |
910 | AUTHOR |
847 | Marc Lehmann <schmorp@schmorp.de> |
911 | Marc Lehmann <schmorp@schmorp.de> |
848 | http://home.schmorp.de/ |
912 | http://home.schmorp.de/ |
849 | |
913 | |