… | |
… | |
4 | |
4 | |
5 | =head1 SYNOPSIS |
5 | =head1 SYNOPSIS |
6 | |
6 | |
7 | use JSON::XS; |
7 | use JSON::XS; |
8 | |
8 | |
9 | # exported functions, croak on error |
9 | # exported functions, they croak on error |
|
|
10 | # and expect/generate UTF-8 |
10 | |
11 | |
11 | $utf8_encoded_json_text = to_json $perl_hash_or_arrayref; |
12 | $utf8_encoded_json_text = to_json $perl_hash_or_arrayref; |
12 | $perl_hash_or_arrayref = from_json $utf8_encoded_json_text; |
13 | $perl_hash_or_arrayref = from_json $utf8_encoded_json_text; |
13 | |
14 | |
|
|
15 | # objToJson and jsonToObj aliases to to_json and from_json |
|
|
16 | # are exported for compatibility to the JSON module, |
|
|
17 | # but should not be used in new code. |
|
|
18 | |
14 | # oo-interface |
19 | # OO-interface |
15 | |
20 | |
16 | $coder = JSON::XS->new->ascii->pretty->allow_nonref; |
21 | $coder = JSON::XS->new->ascii->pretty->allow_nonref; |
17 | $pretty_printed_unencoded = $coder->encode ($perl_scalar); |
22 | $pretty_printed_unencoded = $coder->encode ($perl_scalar); |
18 | $perl_scalar = $coder->decode ($unicode_json_text); |
23 | $perl_scalar = $coder->decode ($unicode_json_text); |
19 | |
24 | |
… | |
… | |
36 | |
41 | |
37 | =head2 FEATURES |
42 | =head2 FEATURES |
38 | |
43 | |
39 | =over 4 |
44 | =over 4 |
40 | |
45 | |
41 | =item * correct handling of unicode issues |
46 | =item * correct unicode handling |
42 | |
47 | |
43 | This module knows how to handle Unicode, and even documents how and when |
48 | This module knows how to handle Unicode, and even documents how and when |
44 | it does so. |
49 | it does so. |
45 | |
50 | |
46 | =item * round-trip integrity |
51 | =item * round-trip integrity |
47 | |
52 | |
48 | When you serialise a perl data structure using only datatypes supported |
53 | When you serialise a perl data structure using only datatypes supported |
49 | by JSON, the deserialised data structure is identical on the Perl level. |
54 | by JSON, the deserialised data structure is identical on the Perl level. |
50 | (e.g. the string "2.0" doesn't suddenly become "2"). |
55 | (e.g. the string "2.0" doesn't suddenly become "2" just because it looks |
|
|
56 | like a number). |
51 | |
57 | |
52 | =item * strict checking of JSON correctness |
58 | =item * strict checking of JSON correctness |
53 | |
59 | |
54 | There is no guessing, no generating of illegal JSON texts by default, |
60 | There is no guessing, no generating of illegal JSON texts by default, |
55 | and only JSON is accepted as input by default (the latter is a security |
61 | and only JSON is accepted as input by default (the latter is a security |
… | |
… | |
66 | interface. |
72 | interface. |
67 | |
73 | |
68 | =item * reasonably versatile output formats |
74 | =item * reasonably versatile output formats |
69 | |
75 | |
70 | You can choose between the most compact guarenteed single-line format |
76 | You can choose between the most compact guarenteed single-line format |
71 | possible (nice for simple line-based protocols), a pure-ascii format (for |
77 | possible (nice for simple line-based protocols), a pure-ascii format |
72 | when your transport is not 8-bit clean), or a pretty-printed format (for |
78 | (for when your transport is not 8-bit clean, still supports the whole |
73 | when you want to read that stuff). Or you can combine those features in |
79 | unicode range), or a pretty-printed format (for when you want to read that |
74 | whatever way you like. |
80 | stuff). Or you can combine those features in whatever way you like. |
75 | |
81 | |
76 | =back |
82 | =back |
77 | |
83 | |
78 | =cut |
84 | =cut |
79 | |
85 | |
80 | package JSON::XS; |
86 | package JSON::XS; |
81 | |
87 | |
|
|
88 | use strict; |
|
|
89 | |
82 | BEGIN { |
90 | BEGIN { |
83 | $VERSION = '0.5'; |
91 | our $VERSION = '0.8'; |
84 | @ISA = qw(Exporter); |
92 | our @ISA = qw(Exporter); |
85 | |
93 | |
86 | @EXPORT = qw(to_json from_json); |
94 | our @EXPORT = qw(to_json from_json objToJson jsonToObj); |
87 | require Exporter; |
95 | require Exporter; |
88 | |
96 | |
89 | require XSLoader; |
97 | require XSLoader; |
90 | XSLoader::load JSON::XS::, $VERSION; |
98 | XSLoader::load JSON::XS::, $VERSION; |
91 | } |
99 | } |
… | |
… | |
120 | $perl_scalar = JSON::XS->new->utf8->decode ($json_text) |
128 | $perl_scalar = JSON::XS->new->utf8->decode ($json_text) |
121 | |
129 | |
122 | except being faster. |
130 | except being faster. |
123 | |
131 | |
124 | =back |
132 | =back |
|
|
133 | |
125 | |
134 | |
126 | =head1 OBJECT-ORIENTED INTERFACE |
135 | =head1 OBJECT-ORIENTED INTERFACE |
127 | |
136 | |
128 | The object oriented interface lets you configure your own encoding or |
137 | The object oriented interface lets you configure your own encoding or |
129 | decoding style, within the limits of supported formats. |
138 | decoding style, within the limits of supported formats. |
… | |
… | |
275 | => "Hello, World!" |
284 | => "Hello, World!" |
276 | |
285 | |
277 | =item $json = $json->shrink ([$enable]) |
286 | =item $json = $json->shrink ([$enable]) |
278 | |
287 | |
279 | Perl usually over-allocates memory a bit when allocating space for |
288 | Perl usually over-allocates memory a bit when allocating space for |
280 | strings. This flag optionally resizes strings generated by either |
289 | strings. This flag optionally resizes strings generated by either |
281 | C<encode> or C<decode> to their minimum size possible. This can save |
290 | C<encode> or C<decode> to their minimum size possible. This can save |
282 | memory when your JSON texts are either very very long or you have many |
291 | memory when your JSON texts are either very very long or you have many |
283 | short strings. It will also try to downgrade any strings to octet-form |
292 | short strings. It will also try to downgrade any strings to octet-form |
284 | if possible: perl stores strings internally either in an encoding called |
293 | if possible: perl stores strings internally either in an encoding called |
285 | UTF-X or in octet-form. The latter cannot store everything but uses less |
294 | UTF-X or in octet-form. The latter cannot store everything but uses less |
286 | space in general. |
295 | space in general (and some buggy Perl or C code might even rely on that |
|
|
296 | internal representation being used). |
287 | |
297 | |
|
|
298 | The actual definition of what shrink does might change in future versions, |
|
|
299 | but it will always try to save space at the expense of time. |
|
|
300 | |
288 | If C<$enable> is true (or missing), the string returned by C<encode> will be shrunk-to-fit, |
301 | If C<$enable> is true (or missing), the string returned by C<encode> will |
289 | while all strings generated by C<decode> will also be shrunk-to-fit. |
302 | be shrunk-to-fit, while all strings generated by C<decode> will also be |
|
|
303 | shrunk-to-fit. |
290 | |
304 | |
291 | If C<$enable> is false, then the normal perl allocation algorithms are used. |
305 | If C<$enable> is false, then the normal perl allocation algorithms are used. |
292 | If you work with your data, then this is likely to be faster. |
306 | If you work with your data, then this is likely to be faster. |
293 | |
307 | |
294 | In the future, this setting might control other things, such as converting |
308 | In the future, this setting might control other things, such as converting |
295 | strings that look like integers or floats into integers or floats |
309 | strings that look like integers or floats into integers or floats |
296 | internally (there is no difference on the Perl level), saving space. |
310 | internally (there is no difference on the Perl level), saving space. |
|
|
311 | |
|
|
312 | =item $json = $json->max_depth ([$maximum_nesting_depth]) |
|
|
313 | |
|
|
314 | Sets the maximum nesting level (default C<8192>) accepted while encoding |
|
|
315 | or decoding. If the JSON text or Perl data structure has an equal or |
|
|
316 | higher nesting level then this limit, then the encoder and decoder will |
|
|
317 | stop and croak at that point. |
|
|
318 | |
|
|
319 | Nesting level is defined by number of hash- or arrayrefs that the encoder |
|
|
320 | needs to traverse to reach a given point or the number of C<{> or C<[> |
|
|
321 | characters without their matching closing parenthesis crossed to reach a |
|
|
322 | given character in a string. |
|
|
323 | |
|
|
324 | Setting the maximum depth to one disallows any nesting, so that ensures |
|
|
325 | that the object is only a single hash/object or array. |
|
|
326 | |
|
|
327 | The argument to C<max_depth> will be rounded up to the next nearest power |
|
|
328 | of two. |
|
|
329 | |
|
|
330 | See SECURITY CONSIDERATIONS, below, for more info on why this is useful. |
297 | |
331 | |
298 | =item $json_text = $json->encode ($perl_scalar) |
332 | =item $json_text = $json->encode ($perl_scalar) |
299 | |
333 | |
300 | Converts the given Perl data structure (a simple scalar or a reference |
334 | Converts the given Perl data structure (a simple scalar or a reference |
301 | to a hash or array) to its JSON representation. Simple scalars will be |
335 | to a hash or array) to its JSON representation. Simple scalars will be |
… | |
… | |
312 | JSON numbers and strings become simple Perl scalars. JSON arrays become |
346 | JSON numbers and strings become simple Perl scalars. JSON arrays become |
313 | Perl arrayrefs and JSON objects become Perl hashrefs. C<true> becomes |
347 | Perl arrayrefs and JSON objects become Perl hashrefs. C<true> becomes |
314 | C<1>, C<false> becomes C<0> and C<null> becomes C<undef>. |
348 | C<1>, C<false> becomes C<0> and C<null> becomes C<undef>. |
315 | |
349 | |
316 | =back |
350 | =back |
|
|
351 | |
317 | |
352 | |
318 | =head1 MAPPING |
353 | =head1 MAPPING |
319 | |
354 | |
320 | This section describes how JSON::XS maps Perl values to JSON values and |
355 | This section describes how JSON::XS maps Perl values to JSON values and |
321 | vice versa. These mappings are designed to "do the right thing" in most |
356 | vice versa. These mappings are designed to "do the right thing" in most |
… | |
… | |
432 | =item circular data structures |
467 | =item circular data structures |
433 | |
468 | |
434 | Those will be encoded until memory or stackspace runs out. |
469 | Those will be encoded until memory or stackspace runs out. |
435 | |
470 | |
436 | =back |
471 | =back |
|
|
472 | |
437 | |
473 | |
438 | =head1 COMPARISON |
474 | =head1 COMPARISON |
439 | |
475 | |
440 | As already mentioned, this module was created because none of the existing |
476 | As already mentioned, this module was created because none of the existing |
441 | JSON modules could be made to work correctly. First I will describe the |
477 | JSON modules could be made to work correctly. First I will describe the |
… | |
… | |
570 | (such as JSON::PC) seem to decode faster than JSON::XS, but the result |
606 | (such as JSON::PC) seem to decode faster than JSON::XS, but the result |
571 | will be broken due to missing (or wrong) unicode handling. Others refuse |
607 | will be broken due to missing (or wrong) unicode handling. Others refuse |
572 | to decode or encode properly, so it was impossible to prepare a fair |
608 | to decode or encode properly, so it was impossible to prepare a fair |
573 | comparison table for that case. |
609 | comparison table for that case. |
574 | |
610 | |
575 | =head1 RESOURCE LIMITS |
|
|
576 | |
611 | |
577 | JSON::XS does not impose any limits on the size of JSON texts or Perl |
612 | =head1 SECURITY CONSIDERATIONS |
578 | values they represent - if your machine can handle it, JSON::XS will |
613 | |
579 | encode or decode it. Future versions might optionally impose structure |
614 | When you are using JSON in a protocol, talking to untrusted potentially |
580 | depth and memory use resource limits. |
615 | hostile creatures requires relatively few measures. |
|
|
616 | |
|
|
617 | First of all, your JSON decoder should be secure, that is, should not have |
|
|
618 | any buffer overflows. Obviously, this module should ensure that and I am |
|
|
619 | trying hard on making that true, but you never know. |
|
|
620 | |
|
|
621 | Second, you need to avoid resource-starving attacks. That means you should |
|
|
622 | limit the size of JSON texts you accept, or make sure then when your |
|
|
623 | resources run out, thats just fine (e.g. by using a separate process that |
|
|
624 | can crash safely). The size of a JSON text in octets or characters is |
|
|
625 | usually a good indication of the size of the resources required to decode |
|
|
626 | it into a Perl structure. |
|
|
627 | |
|
|
628 | Third, JSON::XS recurses using the C stack when decoding objects and |
|
|
629 | arrays. The C stack is a limited resource: for instance, on my amd64 |
|
|
630 | machine with 8MB of stack size I can decode around 180k nested arrays |
|
|
631 | but only 14k nested JSON objects. If that is exceeded, the program |
|
|
632 | crashes. Thats why the default nesting limit is set to 8192. If your |
|
|
633 | process has a smaller stack, you should adjust this setting accordingly |
|
|
634 | with the C<max_depth> method. |
|
|
635 | |
|
|
636 | And last but least, something else could bomb you that I forgot to think |
|
|
637 | of. In that case, you get to keep the pieces. I am alway sopen for hints, |
|
|
638 | though... |
|
|
639 | |
581 | |
640 | |
582 | =head1 BUGS |
641 | =head1 BUGS |
583 | |
642 | |
584 | While the goal of this module is to be correct, that unfortunately does |
643 | While the goal of this module is to be correct, that unfortunately does |
585 | not mean its bug-free, only that I think its design is bug-free. It is |
644 | not mean its bug-free, only that I think its design is bug-free. It is |
586 | still very young and not well-tested. If you keep reporting bugs they will |
645 | still relatively early in its development. If you keep reporting bugs they |
587 | be fixed swiftly, though. |
646 | will be fixed swiftly, though. |
588 | |
647 | |
589 | =cut |
648 | =cut |
590 | |
649 | |
591 | 1; |
650 | 1; |
592 | |
651 | |