… | |
… | |
86 | package JSON::XS; |
86 | package JSON::XS; |
87 | |
87 | |
88 | use strict; |
88 | use strict; |
89 | |
89 | |
90 | BEGIN { |
90 | BEGIN { |
91 | our $VERSION = '0.8'; |
91 | our $VERSION = '1.12'; |
92 | our @ISA = qw(Exporter); |
92 | our @ISA = qw(Exporter); |
93 | |
93 | |
94 | our @EXPORT = qw(to_json from_json objToJson jsonToObj); |
94 | our @EXPORT = qw(to_json from_json objToJson jsonToObj); |
95 | require Exporter; |
95 | require Exporter; |
96 | |
96 | |
… | |
… | |
128 | $perl_scalar = JSON::XS->new->utf8->decode ($json_text) |
128 | $perl_scalar = JSON::XS->new->utf8->decode ($json_text) |
129 | |
129 | |
130 | except being faster. |
130 | except being faster. |
131 | |
131 | |
132 | =back |
132 | =back |
|
|
133 | |
133 | |
134 | |
134 | =head1 OBJECT-ORIENTED INTERFACE |
135 | =head1 OBJECT-ORIENTED INTERFACE |
135 | |
136 | |
136 | The object oriented interface lets you configure your own encoding or |
137 | The object oriented interface lets you configure your own encoding or |
137 | decoding style, within the limits of supported formats. |
138 | decoding style, within the limits of supported formats. |
… | |
… | |
153 | |
154 | |
154 | If C<$enable> is true (or missing), then the C<encode> method will not |
155 | If C<$enable> is true (or missing), then the C<encode> method will not |
155 | generate characters outside the code range C<0..127> (which is ASCII). Any |
156 | generate characters outside the code range C<0..127> (which is ASCII). Any |
156 | unicode characters outside that range will be escaped using either a |
157 | unicode characters outside that range will be escaped using either a |
157 | single \uXXXX (BMP characters) or a double \uHHHH\uLLLLL escape sequence, |
158 | single \uXXXX (BMP characters) or a double \uHHHH\uLLLLL escape sequence, |
158 | as per RFC4627. |
159 | as per RFC4627. The resulting encoded JSON text can be treated as a native |
|
|
160 | unicode string, an ascii-encoded, latin1-encoded or UTF-8 encoded string, |
|
|
161 | or any other superset of ASCII. |
159 | |
162 | |
160 | If C<$enable> is false, then the C<encode> method will not escape Unicode |
163 | If C<$enable> is false, then the C<encode> method will not escape Unicode |
161 | characters unless required by the JSON syntax. This results in a faster |
164 | characters unless required by the JSON syntax or other flags. This results |
162 | and more compact format. |
165 | in a faster and more compact format. |
|
|
166 | |
|
|
167 | The main use for this flag is to produce JSON texts that can be |
|
|
168 | transmitted over a 7-bit channel, as the encoded JSON texts will not |
|
|
169 | contain any 8 bit characters. |
163 | |
170 | |
164 | JSON::XS->new->ascii (1)->encode ([chr 0x10401]) |
171 | JSON::XS->new->ascii (1)->encode ([chr 0x10401]) |
165 | => ["\ud801\udc01"] |
172 | => ["\ud801\udc01"] |
|
|
173 | |
|
|
174 | =item $json = $json->latin1 ([$enable]) |
|
|
175 | |
|
|
176 | If C<$enable> is true (or missing), then the C<encode> method will encode |
|
|
177 | the resulting JSON text as latin1 (or iso-8859-1), escaping any characters |
|
|
178 | outside the code range C<0..255>. The resulting string can be treated as a |
|
|
179 | latin1-encoded JSON text or a native unicode string. The C<decode> method |
|
|
180 | will not be affected in any way by this flag, as C<decode> by default |
|
|
181 | expects unicode, which is a strict superset of latin1. |
|
|
182 | |
|
|
183 | If C<$enable> is false, then the C<encode> method will not escape Unicode |
|
|
184 | characters unless required by the JSON syntax or other flags. |
|
|
185 | |
|
|
186 | The main use for this flag is efficiently encoding binary data as JSON |
|
|
187 | text, as most octets will not be escaped, resulting in a smaller encoded |
|
|
188 | size. The disadvantage is that the resulting JSON text is encoded |
|
|
189 | in latin1 (and must correctly be treated as such when storing and |
|
|
190 | transfering), a rare encoding for JSON. It is therefore most useful when |
|
|
191 | you want to store data structures known to contain binary data efficiently |
|
|
192 | in files or databases, not when talking to other JSON encoders/decoders. |
|
|
193 | |
|
|
194 | JSON::XS->new->latin1->encode (["\x{89}\x{abc}"] |
|
|
195 | => ["\x{89}\\u0abc"] # (perl syntax, U+abc escaped, U+89 not) |
166 | |
196 | |
167 | =item $json = $json->utf8 ([$enable]) |
197 | =item $json = $json->utf8 ([$enable]) |
168 | |
198 | |
169 | If C<$enable> is true (or missing), then the C<encode> method will encode |
199 | If C<$enable> is true (or missing), then the C<encode> method will encode |
170 | the JSON result into UTF-8, as required by many protocols, while the |
200 | the JSON result into UTF-8, as required by many protocols, while the |
… | |
… | |
283 | => "Hello, World!" |
313 | => "Hello, World!" |
284 | |
314 | |
285 | =item $json = $json->shrink ([$enable]) |
315 | =item $json = $json->shrink ([$enable]) |
286 | |
316 | |
287 | Perl usually over-allocates memory a bit when allocating space for |
317 | Perl usually over-allocates memory a bit when allocating space for |
288 | strings. This flag optionally resizes strings generated by either |
318 | strings. This flag optionally resizes strings generated by either |
289 | C<encode> or C<decode> to their minimum size possible. This can save |
319 | C<encode> or C<decode> to their minimum size possible. This can save |
290 | memory when your JSON texts are either very very long or you have many |
320 | memory when your JSON texts are either very very long or you have many |
291 | short strings. It will also try to downgrade any strings to octet-form |
321 | short strings. It will also try to downgrade any strings to octet-form |
292 | if possible: perl stores strings internally either in an encoding called |
322 | if possible: perl stores strings internally either in an encoding called |
293 | UTF-X or in octet-form. The latter cannot store everything but uses less |
323 | UTF-X or in octet-form. The latter cannot store everything but uses less |
294 | space in general. |
324 | space in general (and some buggy Perl or C code might even rely on that |
|
|
325 | internal representation being used). |
295 | |
326 | |
|
|
327 | The actual definition of what shrink does might change in future versions, |
|
|
328 | but it will always try to save space at the expense of time. |
|
|
329 | |
296 | If C<$enable> is true (or missing), the string returned by C<encode> will be shrunk-to-fit, |
330 | If C<$enable> is true (or missing), the string returned by C<encode> will |
297 | while all strings generated by C<decode> will also be shrunk-to-fit. |
331 | be shrunk-to-fit, while all strings generated by C<decode> will also be |
|
|
332 | shrunk-to-fit. |
298 | |
333 | |
299 | If C<$enable> is false, then the normal perl allocation algorithms are used. |
334 | If C<$enable> is false, then the normal perl allocation algorithms are used. |
300 | If you work with your data, then this is likely to be faster. |
335 | If you work with your data, then this is likely to be faster. |
301 | |
336 | |
302 | In the future, this setting might control other things, such as converting |
337 | In the future, this setting might control other things, such as converting |
303 | strings that look like integers or floats into integers or floats |
338 | strings that look like integers or floats into integers or floats |
304 | internally (there is no difference on the Perl level), saving space. |
339 | internally (there is no difference on the Perl level), saving space. |
|
|
340 | |
|
|
341 | =item $json = $json->max_depth ([$maximum_nesting_depth]) |
|
|
342 | |
|
|
343 | Sets the maximum nesting level (default C<512>) accepted while encoding |
|
|
344 | or decoding. If the JSON text or Perl data structure has an equal or |
|
|
345 | higher nesting level then this limit, then the encoder and decoder will |
|
|
346 | stop and croak at that point. |
|
|
347 | |
|
|
348 | Nesting level is defined by number of hash- or arrayrefs that the encoder |
|
|
349 | needs to traverse to reach a given point or the number of C<{> or C<[> |
|
|
350 | characters without their matching closing parenthesis crossed to reach a |
|
|
351 | given character in a string. |
|
|
352 | |
|
|
353 | Setting the maximum depth to one disallows any nesting, so that ensures |
|
|
354 | that the object is only a single hash/object or array. |
|
|
355 | |
|
|
356 | The argument to C<max_depth> will be rounded up to the next nearest power |
|
|
357 | of two. |
|
|
358 | |
|
|
359 | See SECURITY CONSIDERATIONS, below, for more info on why this is useful. |
305 | |
360 | |
306 | =item $json_text = $json->encode ($perl_scalar) |
361 | =item $json_text = $json->encode ($perl_scalar) |
307 | |
362 | |
308 | Converts the given Perl data structure (a simple scalar or a reference |
363 | Converts the given Perl data structure (a simple scalar or a reference |
309 | to a hash or array) to its JSON representation. Simple scalars will be |
364 | to a hash or array) to its JSON representation. Simple scalars will be |
… | |
… | |
321 | Perl arrayrefs and JSON objects become Perl hashrefs. C<true> becomes |
376 | Perl arrayrefs and JSON objects become Perl hashrefs. C<true> becomes |
322 | C<1>, C<false> becomes C<0> and C<null> becomes C<undef>. |
377 | C<1>, C<false> becomes C<0> and C<null> becomes C<undef>. |
323 | |
378 | |
324 | =back |
379 | =back |
325 | |
380 | |
|
|
381 | |
326 | =head1 MAPPING |
382 | =head1 MAPPING |
327 | |
383 | |
328 | This section describes how JSON::XS maps Perl values to JSON values and |
384 | This section describes how JSON::XS maps Perl values to JSON values and |
329 | vice versa. These mappings are designed to "do the right thing" in most |
385 | vice versa. These mappings are designed to "do the right thing" in most |
330 | circumstances automatically, preserving round-tripping characteristics |
386 | circumstances automatically, preserving round-tripping characteristics |
… | |
… | |
383 | =over 4 |
439 | =over 4 |
384 | |
440 | |
385 | =item hash references |
441 | =item hash references |
386 | |
442 | |
387 | Perl hash references become JSON objects. As there is no inherent ordering |
443 | Perl hash references become JSON objects. As there is no inherent ordering |
388 | in hash keys, they will usually be encoded in a pseudo-random order that |
444 | in hash keys (or JSON objects), they will usually be encoded in a |
389 | can change between runs of the same program but stays generally the same |
445 | pseudo-random order that can change between runs of the same program but |
390 | within a single run of a program. JSON::XS can optionally sort the hash |
446 | stays generally the same within a single run of a program. JSON::XS can |
391 | keys (determined by the I<canonical> flag), so the same datastructure |
447 | optionally sort the hash keys (determined by the I<canonical> flag), so |
392 | will serialise to the same JSON text (given same settings and version of |
448 | the same datastructure will serialise to the same JSON text (given same |
393 | JSON::XS), but this incurs a runtime overhead. |
449 | settings and version of JSON::XS), but this incurs a runtime overhead |
|
|
450 | and is only rarely useful, e.g. when you want to compare some JSON text |
|
|
451 | against another for equality. |
394 | |
452 | |
395 | =item array references |
453 | =item array references |
396 | |
454 | |
397 | Perl array references become JSON arrays. |
455 | Perl array references become JSON arrays. |
|
|
456 | |
|
|
457 | =item other references |
|
|
458 | |
|
|
459 | Other unblessed references are generally not allowed and will cause an |
|
|
460 | exception to be thrown, except for references to the integers C<0> and |
|
|
461 | C<1>, which get turned into C<false> and C<true> atoms in JSON. You can |
|
|
462 | also use C<JSON::XS::false> and C<JSON::XS::true> to improve readability. |
|
|
463 | |
|
|
464 | to_json [\0,JSON::XS::true] # yields [false,true] |
398 | |
465 | |
399 | =item blessed objects |
466 | =item blessed objects |
400 | |
467 | |
401 | Blessed objects are not allowed. JSON::XS currently tries to encode their |
468 | Blessed objects are not allowed. JSON::XS currently tries to encode their |
402 | underlying representation (hash- or arrayref), but this behaviour might |
469 | underlying representation (hash- or arrayref), but this behaviour might |
… | |
… | |
435 | $x *= 1; # same thing, the choise is yours. |
502 | $x *= 1; # same thing, the choise is yours. |
436 | |
503 | |
437 | You can not currently output JSON booleans or force the type in other, |
504 | You can not currently output JSON booleans or force the type in other, |
438 | less obscure, ways. Tell me if you need this capability. |
505 | less obscure, ways. Tell me if you need this capability. |
439 | |
506 | |
440 | =item circular data structures |
|
|
441 | |
|
|
442 | Those will be encoded until memory or stackspace runs out. |
|
|
443 | |
|
|
444 | =back |
507 | =back |
|
|
508 | |
445 | |
509 | |
446 | =head1 COMPARISON |
510 | =head1 COMPARISON |
447 | |
511 | |
448 | As already mentioned, this module was created because none of the existing |
512 | As already mentioned, this module was created because none of the existing |
449 | JSON modules could be made to work correctly. First I will describe the |
513 | JSON modules could be made to work correctly. First I will describe the |
… | |
… | |
578 | (such as JSON::PC) seem to decode faster than JSON::XS, but the result |
642 | (such as JSON::PC) seem to decode faster than JSON::XS, but the result |
579 | will be broken due to missing (or wrong) unicode handling. Others refuse |
643 | will be broken due to missing (or wrong) unicode handling. Others refuse |
580 | to decode or encode properly, so it was impossible to prepare a fair |
644 | to decode or encode properly, so it was impossible to prepare a fair |
581 | comparison table for that case. |
645 | comparison table for that case. |
582 | |
646 | |
583 | =head1 RESOURCE LIMITS |
|
|
584 | |
647 | |
585 | JSON::XS does not impose any limits on the size of JSON texts or Perl |
648 | =head1 SECURITY CONSIDERATIONS |
586 | values they represent - if your machine can handle it, JSON::XS will |
649 | |
587 | encode or decode it. Future versions might optionally impose structure |
650 | When you are using JSON in a protocol, talking to untrusted potentially |
588 | depth and memory use resource limits. |
651 | hostile creatures requires relatively few measures. |
|
|
652 | |
|
|
653 | First of all, your JSON decoder should be secure, that is, should not have |
|
|
654 | any buffer overflows. Obviously, this module should ensure that and I am |
|
|
655 | trying hard on making that true, but you never know. |
|
|
656 | |
|
|
657 | Second, you need to avoid resource-starving attacks. That means you should |
|
|
658 | limit the size of JSON texts you accept, or make sure then when your |
|
|
659 | resources run out, thats just fine (e.g. by using a separate process that |
|
|
660 | can crash safely). The size of a JSON text in octets or characters is |
|
|
661 | usually a good indication of the size of the resources required to decode |
|
|
662 | it into a Perl structure. |
|
|
663 | |
|
|
664 | Third, JSON::XS recurses using the C stack when decoding objects and |
|
|
665 | arrays. The C stack is a limited resource: for instance, on my amd64 |
|
|
666 | machine with 8MB of stack size I can decode around 180k nested arrays but |
|
|
667 | only 14k nested JSON objects (due to perl itself recursing deeply on croak |
|
|
668 | to free the temporary). If that is exceeded, the program crashes. to be |
|
|
669 | conservative, the default nesting limit is set to 512. If your process |
|
|
670 | has a smaller stack, you should adjust this setting accordingly with the |
|
|
671 | C<max_depth> method. |
|
|
672 | |
|
|
673 | And last but least, something else could bomb you that I forgot to think |
|
|
674 | of. In that case, you get to keep the pieces. I am always open for hints, |
|
|
675 | though... |
|
|
676 | |
589 | |
677 | |
590 | =head1 BUGS |
678 | =head1 BUGS |
591 | |
679 | |
592 | While the goal of this module is to be correct, that unfortunately does |
680 | While the goal of this module is to be correct, that unfortunately does |
593 | not mean its bug-free, only that I think its design is bug-free. It is |
681 | not mean its bug-free, only that I think its design is bug-free. It is |
594 | still very young and not well-tested. If you keep reporting bugs they will |
682 | still relatively early in its development. If you keep reporting bugs they |
595 | be fixed swiftly, though. |
683 | will be fixed swiftly, though. |
596 | |
684 | |
597 | =cut |
685 | =cut |
|
|
686 | |
|
|
687 | sub true() { \1 } |
|
|
688 | sub false() { \0 } |
598 | |
689 | |
599 | 1; |
690 | 1; |
600 | |
691 | |
601 | =head1 AUTHOR |
692 | =head1 AUTHOR |
602 | |
693 | |