| … | |
… | |
| 35 | |
35 | |
| 36 | See MAPPING, below, on how JSON::XS maps perl values to JSON values and |
36 | See MAPPING, below, on how JSON::XS maps perl values to JSON values and |
| 37 | vice versa. |
37 | vice versa. |
| 38 | |
38 | |
| 39 | FEATURES |
39 | FEATURES |
| 40 | * correct unicode handling |
40 | * correct Unicode handling |
| 41 | This module knows how to handle Unicode, and even documents how and |
41 | This module knows how to handle Unicode, and even documents how and |
| 42 | when it does so. |
42 | when it does so. |
| 43 | |
43 | |
| 44 | * round-trip integrity |
44 | * round-trip integrity |
| 45 | When you serialise a perl data structure using only datatypes |
45 | When you serialise a perl data structure using only datatypes |
| … | |
… | |
| 59 | * simple to use |
59 | * simple to use |
| 60 | This module has both a simple functional interface as well as an OO |
60 | This module has both a simple functional interface as well as an OO |
| 61 | interface. |
61 | interface. |
| 62 | |
62 | |
| 63 | * reasonably versatile output formats |
63 | * reasonably versatile output formats |
| 64 | You can choose between the most compact guarenteed single-line |
64 | You can choose between the most compact guaranteed single-line |
| 65 | format possible (nice for simple line-based protocols), a pure-ascii |
65 | format possible (nice for simple line-based protocols), a pure-ascii |
| 66 | format (for when your transport is not 8-bit clean, still supports |
66 | format (for when your transport is not 8-bit clean, still supports |
| 67 | the whole unicode range), or a pretty-printed format (for when you |
67 | the whole Unicode range), or a pretty-printed format (for when you |
| 68 | want to read that stuff). Or you can combine those features in |
68 | want to read that stuff). Or you can combine those features in |
| 69 | whatever way you like. |
69 | whatever way you like. |
| 70 | |
70 | |
| 71 | FUNCTIONAL INTERFACE |
71 | FUNCTIONAL INTERFACE |
| 72 | The following convinience methods are provided by this module. They are |
72 | The following convenience methods are provided by this module. They are |
| 73 | exported by default: |
73 | exported by default: |
| 74 | |
74 | |
| 75 | $json_text = to_json $perl_scalar |
75 | $json_text = to_json $perl_scalar |
| 76 | Converts the given Perl data structure to a UTF-8 encoded, binary |
76 | Converts the given Perl data structure to a UTF-8 encoded, binary |
| 77 | string (that is, the string contains octets only). Croaks on error. |
77 | string (that is, the string contains octets only). Croaks on error. |
| … | |
… | |
| 105 | A FEW NOTES ON UNICODE AND PERL |
105 | A FEW NOTES ON UNICODE AND PERL |
| 106 | Since this often leads to confusion, here are a few very clear words on |
106 | Since this often leads to confusion, here are a few very clear words on |
| 107 | how Unicode works in Perl, modulo bugs. |
107 | how Unicode works in Perl, modulo bugs. |
| 108 | |
108 | |
| 109 | 1. Perl strings can store characters with ordinal values > 255. |
109 | 1. Perl strings can store characters with ordinal values > 255. |
| 110 | This enables you to store unicode characters as single characters in |
110 | This enables you to store Unicode characters as single characters in |
| 111 | a Perl string - very natural. |
111 | a Perl string - very natural. |
| 112 | |
112 | |
| 113 | 2. Perl does *not* associate an encoding with your strings. |
113 | 2. Perl does *not* associate an encoding with your strings. |
| 114 | Unless you force it to, e.g. when matching it against a regex, or |
114 | Unless you force it to, e.g. when matching it against a regex, or |
| 115 | printing the scalar to a file, in which case Perl either interprets |
115 | printing the scalar to a file, in which case Perl either interprets |
| … | |
… | |
| 121 | 3. The internal utf-8 flag has no meaning with regards to the encoding |
121 | 3. The internal utf-8 flag has no meaning with regards to the encoding |
| 122 | of your string. |
122 | of your string. |
| 123 | Just ignore that flag unless you debug a Perl bug, a module written |
123 | Just ignore that flag unless you debug a Perl bug, a module written |
| 124 | in XS or want to dive into the internals of perl. Otherwise it will |
124 | in XS or want to dive into the internals of perl. Otherwise it will |
| 125 | only confuse you, as, despite the name, it says nothing about how |
125 | only confuse you, as, despite the name, it says nothing about how |
| 126 | your string is encoded. You can have unicode strings with that flag |
126 | your string is encoded. You can have Unicode strings with that flag |
| 127 | set, with that flag clear, and you can have binary data with that |
127 | set, with that flag clear, and you can have binary data with that |
| 128 | flag set and that flag clear. Other possibilities exist, too. |
128 | flag set and that flag clear. Other possibilities exist, too. |
| 129 | |
129 | |
| 130 | If you didn't know about that flag, just the better, pretend it |
130 | If you didn't know about that flag, just the better, pretend it |
| 131 | doesn't exist. |
131 | doesn't exist. |
| … | |
… | |
| 135 | If you have UTF-8 encoded data, it is no longer a Unicode string, |
135 | If you have UTF-8 encoded data, it is no longer a Unicode string, |
| 136 | but a Unicode string encoded in UTF-8, giving you a binary string. |
136 | but a Unicode string encoded in UTF-8, giving you a binary string. |
| 137 | |
137 | |
| 138 | 5. A string containing "high" (> 255) character values is *not* a UTF-8 |
138 | 5. A string containing "high" (> 255) character values is *not* a UTF-8 |
| 139 | string. |
139 | string. |
| 140 | Its a fact. Learn to live with it. |
140 | It's a fact. Learn to live with it. |
| 141 | |
141 | |
| 142 | I hope this helps :) |
142 | I hope this helps :) |
| 143 | |
143 | |
| 144 | OBJECT-ORIENTED INTERFACE |
144 | OBJECT-ORIENTED INTERFACE |
| 145 | The object oriented interface lets you configure your own encoding or |
145 | The object oriented interface lets you configure your own encoding or |
| … | |
… | |
| 157 | => {"a": [1, 2]} |
157 | => {"a": [1, 2]} |
| 158 | |
158 | |
| 159 | $json = $json->ascii ([$enable]) |
159 | $json = $json->ascii ([$enable]) |
| 160 | If $enable is true (or missing), then the "encode" method will not |
160 | If $enable is true (or missing), then the "encode" method will not |
| 161 | generate characters outside the code range 0..127 (which is ASCII). |
161 | generate characters outside the code range 0..127 (which is ASCII). |
| 162 | Any unicode characters outside that range will be escaped using |
162 | Any Unicode characters outside that range will be escaped using |
| 163 | either a single \uXXXX (BMP characters) or a double \uHHHH\uLLLLL |
163 | either a single \uXXXX (BMP characters) or a double \uHHHH\uLLLLL |
| 164 | escape sequence, as per RFC4627. The resulting encoded JSON text can |
164 | escape sequence, as per RFC4627. The resulting encoded JSON text can |
| 165 | be treated as a native unicode string, an ascii-encoded, |
165 | be treated as a native Unicode string, an ascii-encoded, |
| 166 | latin1-encoded or UTF-8 encoded string, or any other superset of |
166 | latin1-encoded or UTF-8 encoded string, or any other superset of |
| 167 | ASCII. |
167 | ASCII. |
| 168 | |
168 | |
| 169 | If $enable is false, then the "encode" method will not escape |
169 | If $enable is false, then the "encode" method will not escape |
| 170 | Unicode characters unless required by the JSON syntax or other |
170 | Unicode characters unless required by the JSON syntax or other |
| … | |
… | |
| 179 | |
179 | |
| 180 | $json = $json->latin1 ([$enable]) |
180 | $json = $json->latin1 ([$enable]) |
| 181 | If $enable is true (or missing), then the "encode" method will |
181 | If $enable is true (or missing), then the "encode" method will |
| 182 | encode the resulting JSON text as latin1 (or iso-8859-1), escaping |
182 | encode the resulting JSON text as latin1 (or iso-8859-1), escaping |
| 183 | any characters outside the code range 0..255. The resulting string |
183 | any characters outside the code range 0..255. The resulting string |
| 184 | can be treated as a latin1-encoded JSON text or a native unicode |
184 | can be treated as a latin1-encoded JSON text or a native Unicode |
| 185 | string. The "decode" method will not be affected in any way by this |
185 | string. The "decode" method will not be affected in any way by this |
| 186 | flag, as "decode" by default expects unicode, which is a strict |
186 | flag, as "decode" by default expects Unicode, which is a strict |
| 187 | superset of latin1. |
187 | superset of latin1. |
| 188 | |
188 | |
| 189 | If $enable is false, then the "encode" method will not escape |
189 | If $enable is false, then the "encode" method will not escape |
| 190 | Unicode characters unless required by the JSON syntax or other |
190 | Unicode characters unless required by the JSON syntax or other |
| 191 | flags. |
191 | flags. |
| 192 | |
192 | |
| 193 | The main use for this flag is efficiently encoding binary data as |
193 | The main use for this flag is efficiently encoding binary data as |
| 194 | JSON text, as most octets will not be escaped, resulting in a |
194 | JSON text, as most octets will not be escaped, resulting in a |
| 195 | smaller encoded size. The disadvantage is that the resulting JSON |
195 | smaller encoded size. The disadvantage is that the resulting JSON |
| 196 | text is encoded in latin1 (and must correctly be treated as such |
196 | text is encoded in latin1 (and must correctly be treated as such |
| 197 | when storing and transfering), a rare encoding for JSON. It is |
197 | when storing and transferring), a rare encoding for JSON. It is |
| 198 | therefore most useful when you want to store data structures known |
198 | therefore most useful when you want to store data structures known |
| 199 | to contain binary data efficiently in files or databases, not when |
199 | to contain binary data efficiently in files or databases, not when |
| 200 | talking to other JSON encoders/decoders. |
200 | talking to other JSON encoders/decoders. |
| 201 | |
201 | |
| 202 | JSON::XS->new->latin1->encode (["\x{89}\x{abc}"] |
202 | JSON::XS->new->latin1->encode (["\x{89}\x{abc}"] |
| … | |
… | |
| 211 | bytewise/binary I/O. In future versions, enabling this option might |
211 | bytewise/binary I/O. In future versions, enabling this option might |
| 212 | enable autodetection of the UTF-16 and UTF-32 encoding families, as |
212 | enable autodetection of the UTF-16 and UTF-32 encoding families, as |
| 213 | described in RFC4627. |
213 | described in RFC4627. |
| 214 | |
214 | |
| 215 | If $enable is false, then the "encode" method will return the JSON |
215 | If $enable is false, then the "encode" method will return the JSON |
| 216 | string as a (non-encoded) unicode string, while "decode" expects |
216 | string as a (non-encoded) Unicode string, while "decode" expects |
| 217 | thus a unicode string. Any decoding or encoding (e.g. to UTF-8 or |
217 | thus a Unicode string. Any decoding or encoding (e.g. to UTF-8 or |
| 218 | UTF-16) needs to be done yourself, e.g. using the Encode module. |
218 | UTF-16) needs to be done yourself, e.g. using the Encode module. |
| 219 | |
219 | |
| 220 | Example, output UTF-16BE-encoded JSON: |
220 | Example, output UTF-16BE-encoded JSON: |
| 221 | |
221 | |
| 222 | use Encode; |
222 | use Encode; |
| … | |
… | |
| 244 | } |
244 | } |
| 245 | |
245 | |
| 246 | $json = $json->indent ([$enable]) |
246 | $json = $json->indent ([$enable]) |
| 247 | If $enable is true (or missing), then the "encode" method will use a |
247 | If $enable is true (or missing), then the "encode" method will use a |
| 248 | multiline format as output, putting every array member or |
248 | multiline format as output, putting every array member or |
| 249 | object/hash key-value pair into its own line, identing them |
249 | object/hash key-value pair into its own line, indenting them |
| 250 | properly. |
250 | properly. |
| 251 | |
251 | |
| 252 | If $enable is false, no newlines or indenting will be produced, and |
252 | If $enable is false, no newlines or indenting will be produced, and |
| 253 | the resulting JSON text is guarenteed not to contain any "newlines". |
253 | the resulting JSON text is guaranteed not to contain any "newlines". |
| 254 | |
254 | |
| 255 | This setting has no effect when decoding JSON texts. |
255 | This setting has no effect when decoding JSON texts. |
| 256 | |
256 | |
| 257 | $json = $json->space_before ([$enable]) |
257 | $json = $json->space_before ([$enable]) |
| 258 | If $enable is true (or missing), then the "encode" method will add |
258 | If $enable is true (or missing), then the "encode" method will add |
| … | |
… | |
| 332 | pairs in the order Perl stores them (which will likely change |
332 | pairs in the order Perl stores them (which will likely change |
| 333 | between runs of the same script). |
333 | between runs of the same script). |
| 334 | |
334 | |
| 335 | This option is useful if you want the same data structure to be |
335 | This option is useful if you want the same data structure to be |
| 336 | encoded as the same JSON text (given the same overall settings). If |
336 | encoded as the same JSON text (given the same overall settings). If |
| 337 | it is disabled, the same hash migh be encoded differently even if |
337 | it is disabled, the same hash might be encoded differently even if |
| 338 | contains the same data, as key-value pairs have no inherent ordering |
338 | contains the same data, as key-value pairs have no inherent ordering |
| 339 | in Perl. |
339 | in Perl. |
| 340 | |
340 | |
| 341 | This setting has no effect when decoding JSON texts. |
341 | This setting has no effect when decoding JSON texts. |
| 342 | |
342 | |
| … | |
… | |
| 358 | => "Hello, World!" |
358 | => "Hello, World!" |
| 359 | |
359 | |
| 360 | $json = $json->allow_blessed ([$enable]) |
360 | $json = $json->allow_blessed ([$enable]) |
| 361 | If $enable is true (or missing), then the "encode" method will not |
361 | If $enable is true (or missing), then the "encode" method will not |
| 362 | barf when it encounters a blessed reference. Instead, the value of |
362 | barf when it encounters a blessed reference. Instead, the value of |
| 363 | the convert_blessed option will decide wether "null" |
363 | the convert_blessed option will decide whether "null" |
| 364 | ("convert_blessed" disabled or no "to_json" method found) or a |
364 | ("convert_blessed" disabled or no "to_json" method found) or a |
| 365 | representation of the object ("convert_blessed" enabled and |
365 | representation of the object ("convert_blessed" enabled and |
| 366 | "to_json" method found) is being encoded. Has no effect on "decode". |
366 | "to_json" method found) is being encoded. Has no effect on "decode". |
| 367 | |
367 | |
| 368 | If $enable is false (the default), then "encode" will throw an |
368 | If $enable is false (the default), then "encode" will throw an |
| … | |
… | |
| 431 | |
431 | |
| 432 | As this callback gets called less often then the |
432 | As this callback gets called less often then the |
| 433 | "filter_json_object" one, decoding speed will not usually suffer as |
433 | "filter_json_object" one, decoding speed will not usually suffer as |
| 434 | much. Therefore, single-key objects make excellent targets to |
434 | much. Therefore, single-key objects make excellent targets to |
| 435 | serialise Perl objects into, especially as single-key JSON objects |
435 | serialise Perl objects into, especially as single-key JSON objects |
| 436 | are as close to the type-tagged value concept as JSON gets (its |
436 | are as close to the type-tagged value concept as JSON gets (it's |
| 437 | basically an ID/VALUE tuple). Of course, JSON does not support this |
437 | basically an ID/VALUE tuple). Of course, JSON does not support this |
| 438 | in any way, so you need to make sure your data never looks like a |
438 | in any way, so you need to make sure your data never looks like a |
| 439 | serialised Perl hash. |
439 | serialised Perl hash. |
| 440 | |
440 | |
| 441 | Typical names for the single object key are "__class_whatever__", or |
441 | Typical names for the single object key are "__class_whatever__", or |
| … | |
… | |
| 565 | vice versa. These mappings are designed to "do the right thing" in most |
565 | vice versa. These mappings are designed to "do the right thing" in most |
| 566 | circumstances automatically, preserving round-tripping characteristics |
566 | circumstances automatically, preserving round-tripping characteristics |
| 567 | (what you put in comes out as something equivalent). |
567 | (what you put in comes out as something equivalent). |
| 568 | |
568 | |
| 569 | For the more enlightened: note that in the following descriptions, |
569 | For the more enlightened: note that in the following descriptions, |
| 570 | lowercase *perl* refers to the Perl interpreter, while uppcercase *Perl* |
570 | lowercase *perl* refers to the Perl interpreter, while uppercase *Perl* |
| 571 | refers to the abstract Perl language itself. |
571 | refers to the abstract Perl language itself. |
| 572 | |
572 | |
| 573 | JSON -> PERL |
573 | JSON -> PERL |
| 574 | object |
574 | object |
| 575 | A JSON object becomes a reference to a hash in Perl. No ordering of |
575 | A JSON object becomes a reference to a hash in Perl. No ordering of |
| 576 | object keys is preserved (JSON does not preserver object key |
576 | object keys is preserved (JSON does not preserve object key ordering |
| 577 | ordering itself). |
577 | itself). |
| 578 | |
578 | |
| 579 | array |
579 | array |
| 580 | A JSON array becomes a reference to an array in Perl. |
580 | A JSON array becomes a reference to an array in Perl. |
| 581 | |
581 | |
| 582 | string |
582 | string |
| … | |
… | |
| 606 | strings, but as Perl is typeless there is no other way to do it. |
606 | strings, but as Perl is typeless there is no other way to do it. |
| 607 | |
607 | |
| 608 | true, false |
608 | true, false |
| 609 | These JSON atoms become "JSON::XS::true" and "JSON::XS::false", |
609 | These JSON atoms become "JSON::XS::true" and "JSON::XS::false", |
| 610 | respectively. They are overloaded to act almost exactly like the |
610 | respectively. They are overloaded to act almost exactly like the |
| 611 | numbers 1 and 0. You can check wether a scalar is a JSON boolean by |
611 | numbers 1 and 0. You can check whether a scalar is a JSON boolean by |
| 612 | using the "JSON::XS::is_bool" function. |
612 | using the "JSON::XS::is_bool" function. |
| 613 | |
613 | |
| 614 | null |
614 | null |
| 615 | A JSON null atom becomes "undef" in Perl. |
615 | A JSON null atom becomes "undef" in Perl. |
| 616 | |
616 | |
| … | |
… | |
| 669 | to_json [$value] # yields ["5"] |
669 | to_json [$value] # yields ["5"] |
| 670 | |
670 | |
| 671 | # undef becomes null |
671 | # undef becomes null |
| 672 | to_json [undef] # yields [null] |
672 | to_json [undef] # yields [null] |
| 673 | |
673 | |
| 674 | You can force the type to be a string by stringifying it: |
674 | You can force the type to be a JSON string by stringifying it: |
| 675 | |
675 | |
| 676 | my $x = 3.1; # some variable containing a number |
676 | my $x = 3.1; # some variable containing a number |
| 677 | "$x"; # stringified |
677 | "$x"; # stringified |
| 678 | $x .= ""; # another, more awkward way to stringify |
678 | $x .= ""; # another, more awkward way to stringify |
| 679 | print $x; # perl does it for you, too, quite often |
679 | print $x; # perl does it for you, too, quite often |
| 680 | |
680 | |
| 681 | You can force the type to be a number by numifying it: |
681 | You can force the type to be a JSON number by numifying it: |
| 682 | |
682 | |
| 683 | my $x = "3"; # some variable containing a string |
683 | my $x = "3"; # some variable containing a string |
| 684 | $x += 0; # numify it, ensuring it will be dumped as a number |
684 | $x += 0; # numify it, ensuring it will be dumped as a number |
| 685 | $x *= 1; # same thing, the choise is yours. |
685 | $x *= 1; # same thing, the choice is yours. |
| 686 | |
686 | |
| 687 | You can not currently output JSON booleans or force the type in |
687 | You can not currently force the type in other, less obscure, ways. |
| 688 | other, less obscure, ways. Tell me if you need this capability. |
688 | Tell me if you need this capability. |
| 689 | |
689 | |
| 690 | COMPARISON |
690 | COMPARISON |
| 691 | As already mentioned, this module was created because none of the |
691 | As already mentioned, this module was created because none of the |
| 692 | existing JSON modules could be made to work correctly. First I will |
692 | existing JSON modules could be made to work correctly. First I will |
| 693 | describe the problems (or pleasures) I encountered with various existing |
693 | describe the problems (or pleasures) I encountered with various existing |
| … | |
… | |
| 695 | not to suffer from any of these problems or limitations. |
695 | not to suffer from any of these problems or limitations. |
| 696 | |
696 | |
| 697 | JSON 1.07 |
697 | JSON 1.07 |
| 698 | Slow (but very portable, as it is written in pure Perl). |
698 | Slow (but very portable, as it is written in pure Perl). |
| 699 | |
699 | |
| 700 | Undocumented/buggy Unicode handling (how JSON handles unicode values |
700 | Undocumented/buggy Unicode handling (how JSON handles Unicode values |
| 701 | is undocumented. One can get far by feeding it unicode strings and |
701 | is undocumented. One can get far by feeding it Unicode strings and |
| 702 | doing en-/decoding oneself, but unicode escapes are not working |
702 | doing en-/decoding oneself, but Unicode escapes are not working |
| 703 | properly). |
703 | properly). |
| 704 | |
704 | |
| 705 | No roundtripping (strings get clobbered if they look like numbers, |
705 | No round-tripping (strings get clobbered if they look like numbers, |
| 706 | e.g. the string 2.0 will encode to 2.0 instead of "2.0", and that |
706 | e.g. the string 2.0 will encode to 2.0 instead of "2.0", and that |
| 707 | will decode into the number 2. |
707 | will decode into the number 2. |
| 708 | |
708 | |
| 709 | JSON::PC 0.01 |
709 | JSON::PC 0.01 |
| 710 | Very fast. |
710 | Very fast. |
| 711 | |
711 | |
| 712 | Undocumented/buggy Unicode handling. |
712 | Undocumented/buggy Unicode handling. |
| 713 | |
713 | |
| 714 | No roundtripping. |
714 | No round-tripping. |
| 715 | |
715 | |
| 716 | Has problems handling many Perl values (e.g. regex results and other |
716 | Has problems handling many Perl values (e.g. regex results and other |
| 717 | magic values will make it croak). |
717 | magic values will make it croak). |
| 718 | |
718 | |
| 719 | Does not even generate valid JSON ("{1,2}" gets converted to "{1:2}" |
719 | Does not even generate valid JSON ("{1,2}" gets converted to "{1:2}" |
| … | |
… | |
| 729 | much undocumented. I need at least a format for easy reading by |
729 | much undocumented. I need at least a format for easy reading by |
| 730 | humans and a single-line compact format for use in a protocol, and |
730 | humans and a single-line compact format for use in a protocol, and |
| 731 | preferably a way to generate ASCII-only JSON texts). |
731 | preferably a way to generate ASCII-only JSON texts). |
| 732 | |
732 | |
| 733 | Completely broken (and confusingly documented) Unicode handling |
733 | Completely broken (and confusingly documented) Unicode handling |
| 734 | (unicode escapes are not working properly, you need to set |
734 | (Unicode escapes are not working properly, you need to set |
| 735 | ImplicitUnicode to *different* values on en- and decoding to get |
735 | ImplicitUnicode to *different* values on en- and decoding to get |
| 736 | symmetric behaviour). |
736 | symmetric behaviour). |
| 737 | |
737 | |
| 738 | No roundtripping (simple cases work, but this depends on wether the |
738 | No round-tripping (simple cases work, but this depends on whether |
| 739 | scalar value was used in a numeric context or not). |
739 | the scalar value was used in a numeric context or not). |
| 740 | |
740 | |
| 741 | Dumping hashes may skip hash values depending on iterator state. |
741 | Dumping hashes may skip hash values depending on iterator state. |
| 742 | |
742 | |
| 743 | Unmaintained (maintainer unresponsive for many months, bugs are not |
743 | Unmaintained (maintainer unresponsive for many months, bugs are not |
| 744 | getting fixed). |
744 | getting fixed). |
| 745 | |
745 | |
| 746 | Does not check input for validity (i.e. will accept non-JSON input |
746 | Does not check input for validity (i.e. will accept non-JSON input |
| 747 | and return "something" instead of raising an exception. This is a |
747 | and return "something" instead of raising an exception. This is a |
| 748 | security issue: imagine two banks transfering money between each |
748 | security issue: imagine two banks transferring money between each |
| 749 | other using JSON. One bank might parse a given non-JSON request and |
749 | other using JSON. One bank might parse a given non-JSON request and |
| 750 | deduct money, while the other might reject the transaction with a |
750 | deduct money, while the other might reject the transaction with a |
| 751 | syntax error. While a good protocol will at least recover, that is |
751 | syntax error. While a good protocol will at least recover, that is |
| 752 | extra unnecessary work and the transaction will still not succeed). |
752 | extra unnecessary work and the transaction will still not succeed). |
| 753 | |
753 | |
| 754 | JSON::DWIW 0.04 |
754 | JSON::DWIW 0.04 |
| 755 | Very fast. Very natural. Very nice. |
755 | Very fast. Very natural. Very nice. |
| 756 | |
756 | |
| 757 | Undocumented unicode handling (but the best of the pack. Unicode |
757 | Undocumented Unicode handling (but the best of the pack. Unicode |
| 758 | escapes still don't get parsed properly). |
758 | escapes still don't get parsed properly). |
| 759 | |
759 | |
| 760 | Very inflexible. |
760 | Very inflexible. |
| 761 | |
761 | |
| 762 | No roundtripping. |
762 | No round-tripping. |
| 763 | |
763 | |
| 764 | Does not generate valid JSON texts (key strings are often unquoted, |
764 | Does not generate valid JSON texts (key strings are often unquoted, |
| 765 | empty keys result in nothing being output) |
765 | empty keys result in nothing being output) |
| 766 | |
766 | |
| 767 | Does not check input for validity. |
767 | Does not check input for validity. |
| … | |
… | |
| 779 | my $yaml = $to_yaml->encode ($ref) . "\n"; |
779 | my $yaml = $to_yaml->encode ($ref) . "\n"; |
| 780 | |
780 | |
| 781 | This will usually generate JSON texts that also parse as valid YAML. |
781 | This will usually generate JSON texts that also parse as valid YAML. |
| 782 | Please note that YAML has hardcoded limits on (simple) object key |
782 | Please note that YAML has hardcoded limits on (simple) object key |
| 783 | lengths that JSON doesn't have, so you should make sure that your hash |
783 | lengths that JSON doesn't have, so you should make sure that your hash |
| 784 | keys are noticably shorter than the 1024 characters YAML allows. |
784 | keys are noticeably shorter than the 1024 characters YAML allows. |
| 785 | |
785 | |
| 786 | There might be other incompatibilities that I am not aware of. In |
786 | There might be other incompatibilities that I am not aware of. In |
| 787 | general you should not try to generate YAML with a JSON generator or |
787 | general you should not try to generate YAML with a JSON generator or |
| 788 | vice versa, or try to parse JSON with a YAML parser or vice versa: |
788 | vice versa, or try to parse JSON with a YAML parser or vice versa: |
| 789 | chances are high that you will run into severe interoperability |
789 | chances are high that you will run into severe interoperability |
| … | |
… | |
| 820 | JSON::XS/3 | 338250.323 | 218453.333 | |
820 | JSON::XS/3 | 338250.323 | 218453.333 | |
| 821 | Storable | 16500.016 | 135300.129 | |
821 | Storable | 16500.016 | 135300.129 | |
| 822 | -----------+------------+------------+ |
822 | -----------+------------+------------+ |
| 823 | |
823 | |
| 824 | That is, JSON::XS is about five times faster than JSON::DWIW on |
824 | That is, JSON::XS is about five times faster than JSON::DWIW on |
| 825 | encoding, about three times faster on decoding, and over fourty times |
825 | encoding, about three times faster on decoding, and over forty times |
| 826 | faster than JSON, even with pretty-printing and key sorting. It also |
826 | faster than JSON, even with pretty-printing and key sorting. It also |
| 827 | compares favourably to Storable for small amounts of data. |
827 | compares favourably to Storable for small amounts of data. |
| 828 | |
828 | |
| 829 | Using a longer test string (roughly 18KB, generated from Yahoo! Locals |
829 | Using a longer test string (roughly 18KB, generated from Yahoo! Locals |
| 830 | search API (http://nanoref.com/yahooapis/mgPdGg): |
830 | search API (http://nanoref.com/yahooapis/mgPdGg): |
| … | |
… | |
| 843 | -----------+------------+------------+ |
843 | -----------+------------+------------+ |
| 844 | |
844 | |
| 845 | Again, JSON::XS leads by far (except for Storable which non-surprisingly |
845 | Again, JSON::XS leads by far (except for Storable which non-surprisingly |
| 846 | decodes faster). |
846 | decodes faster). |
| 847 | |
847 | |
| 848 | On large strings containing lots of high unicode characters, some |
848 | On large strings containing lots of high Unicode characters, some |
| 849 | modules (such as JSON::PC) seem to decode faster than JSON::XS, but the |
849 | modules (such as JSON::PC) seem to decode faster than JSON::XS, but the |
| 850 | result will be broken due to missing (or wrong) unicode handling. Others |
850 | result will be broken due to missing (or wrong) Unicode handling. Others |
| 851 | refuse to decode or encode properly, so it was impossible to prepare a |
851 | refuse to decode or encode properly, so it was impossible to prepare a |
| 852 | fair comparison table for that case. |
852 | fair comparison table for that case. |
| 853 | |
853 | |
| 854 | SECURITY CONSIDERATIONS |
854 | SECURITY CONSIDERATIONS |
| 855 | When you are using JSON in a protocol, talking to untrusted potentially |
855 | When you are using JSON in a protocol, talking to untrusted potentially |
| … | |
… | |
| 859 | have any buffer overflows. Obviously, this module should ensure that and |
859 | have any buffer overflows. Obviously, this module should ensure that and |
| 860 | I am trying hard on making that true, but you never know. |
860 | I am trying hard on making that true, but you never know. |
| 861 | |
861 | |
| 862 | Second, you need to avoid resource-starving attacks. That means you |
862 | Second, you need to avoid resource-starving attacks. That means you |
| 863 | should limit the size of JSON texts you accept, or make sure then when |
863 | should limit the size of JSON texts you accept, or make sure then when |
| 864 | your resources run out, thats just fine (e.g. by using a separate |
864 | your resources run out, that's just fine (e.g. by using a separate |
| 865 | process that can crash safely). The size of a JSON text in octets or |
865 | process that can crash safely). The size of a JSON text in octets or |
| 866 | characters is usually a good indication of the size of the resources |
866 | characters is usually a good indication of the size of the resources |
| 867 | required to decode it into a Perl structure. While JSON::XS can check |
867 | required to decode it into a Perl structure. While JSON::XS can check |
| 868 | the size of the JSON text, it might be too late when you already have it |
868 | the size of the JSON text, it might be too late when you already have it |
| 869 | in memory, so you might want to check the size before you accept the |
869 | in memory, so you might want to check the size before you accept the |
| … | |
… | |
| 880 | |
880 | |
| 881 | And last but least, something else could bomb you that I forgot to think |
881 | And last but least, something else could bomb you that I forgot to think |
| 882 | of. In that case, you get to keep the pieces. I am always open for |
882 | of. In that case, you get to keep the pieces. I am always open for |
| 883 | hints, though... |
883 | hints, though... |
| 884 | |
884 | |
| 885 | If you are using JSON::XS to return packets to consumption by javascript |
885 | If you are using JSON::XS to return packets to consumption by JavaScript |
| 886 | scripts in a browser you should have a look at |
886 | scripts in a browser you should have a look at |
| 887 | <http://jpsykes.com/47/practical-csrf-and-json-security> to see wether |
887 | <http://jpsykes.com/47/practical-csrf-and-json-security> to see whether |
| 888 | you are vulnerable to some common attack vectors (which really are |
888 | you are vulnerable to some common attack vectors (which really are |
| 889 | browser design bugs, but it is still you who will have to deal with it, |
889 | browser design bugs, but it is still you who will have to deal with it, |
| 890 | as major browser developers care only for features, not about doing |
890 | as major browser developers care only for features, not about doing |
| 891 | security right). |
891 | security right). |
| 892 | |
892 | |
| 893 | THREADS |
893 | THREADS |
| 894 | This module is *not* guarenteed to be thread safe and there are no plans |
894 | This module is *not* guaranteed to be thread safe and there are no plans |
| 895 | to change this until Perl gets thread support (as opposed to the |
895 | to change this until Perl gets thread support (as opposed to the |
| 896 | horribly slow so-called "threads" which are simply slow and bloated |
896 | horribly slow so-called "threads" which are simply slow and bloated |
| 897 | process simulations - use fork, its *much* faster, cheaper, better). |
897 | process simulations - use fork, its *much* faster, cheaper, better). |
| 898 | |
898 | |
| 899 | (It might actually work, but you ahve ben warned). |
899 | (It might actually work, but you have been warned). |
| 900 | |
900 | |
| 901 | BUGS |
901 | BUGS |
| 902 | While the goal of this module is to be correct, that unfortunately does |
902 | While the goal of this module is to be correct, that unfortunately does |
| 903 | not mean its bug-free, only that I think its design is bug-free. It is |
903 | not mean its bug-free, only that I think its design is bug-free. It is |
| 904 | still relatively early in its development. If you keep reporting bugs |
904 | still relatively early in its development. If you keep reporting bugs |
