… | |
… | |
83 | this module usually compares favourably in terms of speed, too. |
83 | this module usually compares favourably in terms of speed, too. |
84 | |
84 | |
85 | =item * simple to use |
85 | =item * simple to use |
86 | |
86 | |
87 | This module has both a simple functional interface as well as an object |
87 | This module has both a simple functional interface as well as an object |
88 | oriented interface interface. |
88 | oriented interface. |
89 | |
89 | |
90 | =item * reasonably versatile output formats |
90 | =item * reasonably versatile output formats |
91 | |
91 | |
92 | You can choose between the most compact guaranteed-single-line format |
92 | You can choose between the most compact guaranteed-single-line format |
93 | possible (nice for simple line-based protocols), a pure-ASCII format |
93 | possible (nice for simple line-based protocols), a pure-ASCII format |
… | |
… | |
101 | |
101 | |
102 | package JSON::XS; |
102 | package JSON::XS; |
103 | |
103 | |
104 | use common::sense; |
104 | use common::sense; |
105 | |
105 | |
106 | our $VERSION = 2.34; |
106 | our $VERSION = 3.02; |
107 | our @ISA = qw(Exporter); |
107 | our @ISA = qw(Exporter); |
108 | |
108 | |
109 | our @EXPORT = qw(encode_json decode_json to_json from_json); |
109 | our @EXPORT = qw(encode_json decode_json); |
110 | |
|
|
111 | sub to_json($) { |
|
|
112 | require Carp; |
|
|
113 | Carp::croak ("JSON::XS::to_json has been renamed to encode_json, either downgrade to pre-2.0 versions of JSON::XS or rename the call"); |
|
|
114 | } |
|
|
115 | |
|
|
116 | sub from_json($) { |
|
|
117 | require Carp; |
|
|
118 | Carp::croak ("JSON::XS::from_json has been renamed to decode_json, either downgrade to pre-2.0 versions of JSON::XS or rename the call"); |
|
|
119 | } |
|
|
120 | |
110 | |
121 | use Exporter; |
111 | use Exporter; |
122 | use XSLoader; |
112 | use XSLoader; |
|
|
113 | |
|
|
114 | use Types::Serialiser (); |
123 | |
115 | |
124 | =head1 FUNCTIONAL INTERFACE |
116 | =head1 FUNCTIONAL INTERFACE |
125 | |
117 | |
126 | The following convenience methods are provided by this module. They are |
118 | The following convenience methods are provided by this module. They are |
127 | exported by default: |
119 | exported by default: |
… | |
… | |
148 | This function call is functionally identical to: |
140 | This function call is functionally identical to: |
149 | |
141 | |
150 | $perl_scalar = JSON::XS->new->utf8->decode ($json_text) |
142 | $perl_scalar = JSON::XS->new->utf8->decode ($json_text) |
151 | |
143 | |
152 | Except being faster. |
144 | Except being faster. |
153 | |
|
|
154 | =item $is_boolean = JSON::XS::is_bool $scalar |
|
|
155 | |
|
|
156 | Returns true if the passed scalar represents either JSON::XS::true or |
|
|
157 | JSON::XS::false, two constants that act like C<1> and C<0>, respectively |
|
|
158 | and are used to represent JSON C<true> and C<false> values in Perl. |
|
|
159 | |
|
|
160 | See MAPPING, below, for more information on how JSON values are mapped to |
|
|
161 | Perl. |
|
|
162 | |
145 | |
163 | =back |
146 | =back |
164 | |
147 | |
165 | |
148 | |
166 | =head1 A FEW NOTES ON UNICODE AND PERL |
149 | =head1 A FEW NOTES ON UNICODE AND PERL |
… | |
… | |
421 | [ |
404 | [ |
422 | 1, # this comment not allowed in JSON |
405 | 1, # this comment not allowed in JSON |
423 | # neither this one... |
406 | # neither this one... |
424 | ] |
407 | ] |
425 | |
408 | |
|
|
409 | =item * literal ASCII TAB characters in strings |
|
|
410 | |
|
|
411 | Literal ASCII TAB characters are now allowed in strings (and treated as |
|
|
412 | C<\t>). |
|
|
413 | |
|
|
414 | [ |
|
|
415 | "Hello\tWorld", |
|
|
416 | "Hello<TAB>World", # literal <TAB> would not normally be allowed |
|
|
417 | ] |
|
|
418 | |
426 | =back |
419 | =back |
427 | |
420 | |
428 | =item $json = $json->canonical ([$enable]) |
421 | =item $json = $json->canonical ([$enable]) |
429 | |
422 | |
430 | =item $enabled = $json->get_canonical |
423 | =item $enabled = $json->get_canonical |
… | |
… | |
484 | |
477 | |
485 | =item $json = $json->allow_blessed ([$enable]) |
478 | =item $json = $json->allow_blessed ([$enable]) |
486 | |
479 | |
487 | =item $enabled = $json->get_allow_blessed |
480 | =item $enabled = $json->get_allow_blessed |
488 | |
481 | |
|
|
482 | See L<OBJECT SERIALISATION> for details. |
|
|
483 | |
489 | If C<$enable> is true (or missing), then the C<encode> method will not |
484 | If C<$enable> is true (or missing), then the C<encode> method will not |
490 | barf when it encounters a blessed reference. Instead, the value of the |
485 | barf when it encounters a blessed reference that it cannot convert |
491 | B<convert_blessed> option will decide whether C<null> (C<convert_blessed> |
486 | otherwise. Instead, a JSON C<null> value is encoded instead of the object. |
492 | disabled or no C<TO_JSON> method found) or a representation of the |
|
|
493 | object (C<convert_blessed> enabled and C<TO_JSON> method found) is being |
|
|
494 | encoded. Has no effect on C<decode>. |
|
|
495 | |
487 | |
496 | If C<$enable> is false (the default), then C<encode> will throw an |
488 | If C<$enable> is false (the default), then C<encode> will throw an |
497 | exception when it encounters a blessed object. |
489 | exception when it encounters a blessed object that it cannot convert |
|
|
490 | otherwise. |
|
|
491 | |
|
|
492 | This setting has no effect on C<decode>. |
498 | |
493 | |
499 | =item $json = $json->convert_blessed ([$enable]) |
494 | =item $json = $json->convert_blessed ([$enable]) |
500 | |
495 | |
501 | =item $enabled = $json->get_convert_blessed |
496 | =item $enabled = $json->get_convert_blessed |
|
|
497 | |
|
|
498 | See L<OBJECT SERIALISATION> for details. |
502 | |
499 | |
503 | If C<$enable> is true (or missing), then C<encode>, upon encountering a |
500 | If C<$enable> is true (or missing), then C<encode>, upon encountering a |
504 | blessed object, will check for the availability of the C<TO_JSON> method |
501 | blessed object, will check for the availability of the C<TO_JSON> method |
505 | on the object's class. If found, it will be called in scalar context |
502 | on the object's class. If found, it will be called in scalar context and |
506 | and the resulting scalar will be encoded instead of the object. If no |
503 | the resulting scalar will be encoded instead of the object. |
507 | C<TO_JSON> method is found, the value of C<allow_blessed> will decide what |
|
|
508 | to do. |
|
|
509 | |
504 | |
510 | The C<TO_JSON> method may safely call die if it wants. If C<TO_JSON> |
505 | The C<TO_JSON> method may safely call die if it wants. If C<TO_JSON> |
511 | returns other blessed objects, those will be handled in the same |
506 | returns other blessed objects, those will be handled in the same |
512 | way. C<TO_JSON> must take care of not causing an endless recursion cycle |
507 | way. C<TO_JSON> must take care of not causing an endless recursion cycle |
513 | (== crash) in this case. The name of C<TO_JSON> was chosen because other |
508 | (== crash) in this case. The name of C<TO_JSON> was chosen because other |
514 | methods called by the Perl core (== not by the user of the object) are |
509 | methods called by the Perl core (== not by the user of the object) are |
515 | usually in upper case letters and to avoid collisions with any C<to_json> |
510 | usually in upper case letters and to avoid collisions with any C<to_json> |
516 | function or method. |
511 | function or method. |
517 | |
512 | |
518 | This setting does not yet influence C<decode> in any way, but in the |
513 | If C<$enable> is false (the default), then C<encode> will not consider |
519 | future, global hooks might get installed that influence C<decode> and are |
514 | this type of conversion. |
520 | enabled by this setting. |
|
|
521 | |
515 | |
522 | If C<$enable> is false, then the C<allow_blessed> setting will decide what |
516 | This setting has no effect on C<decode>. |
523 | to do when a blessed object is found. |
517 | |
|
|
518 | =item $json = $json->allow_tags ([$enable]) |
|
|
519 | |
|
|
520 | =item $enabled = $json->allow_tags |
|
|
521 | |
|
|
522 | See L<OBJECT SERIALISATION> for details. |
|
|
523 | |
|
|
524 | If C<$enable> is true (or missing), then C<encode>, upon encountering a |
|
|
525 | blessed object, will check for the availability of the C<FREEZE> method on |
|
|
526 | the object's class. If found, it will be used to serialise the object into |
|
|
527 | a nonstandard tagged JSON value (that JSON decoders cannot decode). |
|
|
528 | |
|
|
529 | It also causes C<decode> to parse such tagged JSON values and deserialise |
|
|
530 | them via a call to the C<THAW> method. |
|
|
531 | |
|
|
532 | If C<$enable> is false (the default), then C<encode> will not consider |
|
|
533 | this type of conversion, and tagged JSON values will cause a parse error |
|
|
534 | in C<decode>, as if tags were not part of the grammar. |
524 | |
535 | |
525 | =item $json = $json->filter_json_object ([$coderef->($hashref)]) |
536 | =item $json = $json->filter_json_object ([$coderef->($hashref)]) |
526 | |
537 | |
527 | When C<$coderef> is specified, it will be called from C<decode> each |
538 | When C<$coderef> is specified, it will be called from C<decode> each |
528 | time it decodes a JSON object. The only argument is a reference to the |
539 | time it decodes a JSON object. The only argument is a reference to the |
… | |
… | |
667 | |
678 | |
668 | See SECURITY CONSIDERATIONS, below, for more info on why this is useful. |
679 | See SECURITY CONSIDERATIONS, below, for more info on why this is useful. |
669 | |
680 | |
670 | =item $json_text = $json->encode ($perl_scalar) |
681 | =item $json_text = $json->encode ($perl_scalar) |
671 | |
682 | |
672 | Converts the given Perl data structure (a simple scalar or a reference |
683 | Converts the given Perl value or data structure to its JSON |
673 | to a hash or array) to its JSON representation. Simple scalars will be |
684 | representation. Croaks on error. |
674 | converted into JSON string or number sequences, while references to arrays |
|
|
675 | become JSON arrays and references to hashes become JSON objects. Undefined |
|
|
676 | Perl values (e.g. C<undef>) become JSON C<null> values. Neither C<true> |
|
|
677 | nor C<false> values will be generated. |
|
|
678 | |
685 | |
679 | =item $perl_scalar = $json->decode ($json_text) |
686 | =item $perl_scalar = $json->decode ($json_text) |
680 | |
687 | |
681 | The opposite of C<encode>: expects a JSON text and tries to parse it, |
688 | The opposite of C<encode>: expects a JSON text and tries to parse it, |
682 | returning the resulting simple scalar or reference. Croaks on error. |
689 | returning the resulting simple scalar or reference. Croaks on error. |
683 | |
|
|
684 | JSON numbers and strings become simple Perl scalars. JSON arrays become |
|
|
685 | Perl arrayrefs and JSON objects become Perl hashrefs. C<true> becomes |
|
|
686 | C<1>, C<false> becomes C<0> and C<null> becomes C<undef>. |
|
|
687 | |
690 | |
688 | =item ($perl_scalar, $characters) = $json->decode_prefix ($json_text) |
691 | =item ($perl_scalar, $characters) = $json->decode_prefix ($json_text) |
689 | |
692 | |
690 | This works like the C<decode> method, but instead of raising an exception |
693 | This works like the C<decode> method, but instead of raising an exception |
691 | when there is trailing garbage after the first JSON object, it will |
694 | when there is trailing garbage after the first JSON object, it will |
692 | silently stop parsing there and return the number of characters consumed |
695 | silently stop parsing there and return the number of characters consumed |
693 | so far. |
696 | so far. |
694 | |
697 | |
695 | This is useful if your JSON texts are not delimited by an outer protocol |
698 | This is useful if your JSON texts are not delimited by an outer protocol |
696 | (which is not the brightest thing to do in the first place) and you need |
|
|
697 | to know where the JSON text ends. |
699 | and you need to know where the JSON text ends. |
698 | |
700 | |
699 | JSON::XS->new->decode_prefix ("[1] the tail") |
701 | JSON::XS->new->decode_prefix ("[1] the tail") |
700 | => ([], 3) |
702 | => ([1], 3) |
701 | |
703 | |
702 | =back |
704 | =back |
703 | |
705 | |
704 | |
706 | |
705 | =head1 INCREMENTAL PARSING |
707 | =head1 INCREMENTAL PARSING |
… | |
… | |
741 | |
743 | |
742 | If the method is called in scalar context, then it will try to extract |
744 | If the method is called in scalar context, then it will try to extract |
743 | exactly I<one> JSON object. If that is successful, it will return this |
745 | exactly I<one> JSON object. If that is successful, it will return this |
744 | object, otherwise it will return C<undef>. If there is a parse error, |
746 | object, otherwise it will return C<undef>. If there is a parse error, |
745 | this method will croak just as C<decode> would do (one can then use |
747 | this method will croak just as C<decode> would do (one can then use |
746 | C<incr_skip> to skip the errornous part). This is the most common way of |
748 | C<incr_skip> to skip the erroneous part). This is the most common way of |
747 | using the method. |
749 | using the method. |
748 | |
750 | |
749 | And finally, in list context, it will try to extract as many objects |
751 | And finally, in list context, it will try to extract as many objects |
750 | from the stream as it can find and return them, or the empty list |
752 | from the stream as it can find and return them, or the empty list |
751 | otherwise. For this to work, there must be no separators between the JSON |
753 | otherwise. For this to work, there must be no separators between the JSON |
… | |
… | |
780 | C<incr_parse> died, in which case the input buffer and incremental parser |
782 | C<incr_parse> died, in which case the input buffer and incremental parser |
781 | state is left unchanged, to skip the text parsed so far and to reset the |
783 | state is left unchanged, to skip the text parsed so far and to reset the |
782 | parse state. |
784 | parse state. |
783 | |
785 | |
784 | The difference to C<incr_reset> is that only text until the parse error |
786 | The difference to C<incr_reset> is that only text until the parse error |
785 | occured is removed. |
787 | occurred is removed. |
786 | |
788 | |
787 | =item $json->incr_reset |
789 | =item $json->incr_reset |
788 | |
790 | |
789 | This completely resets the incremental parser, that is, after this call, |
791 | This completely resets the incremental parser, that is, after this call, |
790 | it will be as if the parser had never parsed anything. |
792 | it will be as if the parser had never parsed anything. |
… | |
… | |
796 | =back |
798 | =back |
797 | |
799 | |
798 | =head2 LIMITATIONS |
800 | =head2 LIMITATIONS |
799 | |
801 | |
800 | All options that affect decoding are supported, except |
802 | All options that affect decoding are supported, except |
801 | C<allow_nonref>. The reason for this is that it cannot be made to |
803 | C<allow_nonref>. The reason for this is that it cannot be made to work |
802 | work sensibly: JSON objects and arrays are self-delimited, i.e. you can concatenate |
804 | sensibly: JSON objects and arrays are self-delimited, i.e. you can |
803 | them back to back and still decode them perfectly. This does not hold true |
805 | concatenate them back to back and still decode them perfectly. This does |
804 | for JSON numbers, however. |
806 | not hold true for JSON numbers, however. |
805 | |
807 | |
806 | For example, is the string C<1> a single JSON number, or is it simply the |
808 | For example, is the string C<1> a single JSON number, or is it simply the |
807 | start of C<12>? Or is C<12> a single JSON number, or the concatenation |
809 | start of C<12>? Or is C<12> a single JSON number, or the concatenation |
808 | of C<1> and C<2>? In neither case you can tell, and this is why JSON::XS |
810 | of C<1> and C<2>? In neither case you can tell, and this is why JSON::XS |
809 | takes the conservative route and disallows this case. |
811 | takes the conservative route and disallows this case. |
… | |
… | |
988 | If the number consists of digits only, JSON::XS will try to represent |
990 | If the number consists of digits only, JSON::XS will try to represent |
989 | it as an integer value. If that fails, it will try to represent it as |
991 | it as an integer value. If that fails, it will try to represent it as |
990 | a numeric (floating point) value if that is possible without loss of |
992 | a numeric (floating point) value if that is possible without loss of |
991 | precision. Otherwise it will preserve the number as a string value (in |
993 | precision. Otherwise it will preserve the number as a string value (in |
992 | which case you lose roundtripping ability, as the JSON number will be |
994 | which case you lose roundtripping ability, as the JSON number will be |
993 | re-encoded toa JSON string). |
995 | re-encoded to a JSON string). |
994 | |
996 | |
995 | Numbers containing a fractional or exponential part will always be |
997 | Numbers containing a fractional or exponential part will always be |
996 | represented as numeric (floating point) values, possibly at a loss of |
998 | represented as numeric (floating point) values, possibly at a loss of |
997 | precision (in which case you might lose perfect roundtripping ability, but |
999 | precision (in which case you might lose perfect roundtripping ability, but |
998 | the JSON number will still be re-encoded as a JSON number). |
1000 | the JSON number will still be re-encoded as a JSON number). |
999 | |
1001 | |
1000 | Note that precision is not accuracy - binary floating point values cannot |
1002 | Note that precision is not accuracy - binary floating point values cannot |
1001 | represent most decimal fractions exactly, and when converting from and to |
1003 | represent most decimal fractions exactly, and when converting from and to |
1002 | floating point, JSON::XS only guarantees precision up to but not including |
1004 | floating point, JSON::XS only guarantees precision up to but not including |
1003 | the leats significant bit. |
1005 | the least significant bit. |
1004 | |
1006 | |
1005 | =item true, false |
1007 | =item true, false |
1006 | |
1008 | |
1007 | These JSON atoms become C<JSON::XS::true> and C<JSON::XS::false>, |
1009 | These JSON atoms become C<Types::Serialiser::true> and |
1008 | respectively. They are overloaded to act almost exactly like the numbers |
1010 | C<Types::Serialiser::false>, respectively. They are overloaded to act |
1009 | C<1> and C<0>. You can check whether a scalar is a JSON boolean by using |
1011 | almost exactly like the numbers C<1> and C<0>. You can check whether |
1010 | the C<JSON::XS::is_bool> function. |
1012 | a scalar is a JSON boolean by using the C<Types::Serialiser::is_bool> |
|
|
1013 | function (after C<use Types::Serialier>, of course). |
1011 | |
1014 | |
1012 | =item null |
1015 | =item null |
1013 | |
1016 | |
1014 | A JSON null atom becomes C<undef> in Perl. |
1017 | A JSON null atom becomes C<undef> in Perl. |
|
|
1018 | |
|
|
1019 | =item shell-style comments (C<< # I<text> >>) |
|
|
1020 | |
|
|
1021 | As a nonstandard extension to the JSON syntax that is enabled by the |
|
|
1022 | C<relaxed> setting, shell-style comments are allowed. They can start |
|
|
1023 | anywhere outside strings and go till the end of the line. |
|
|
1024 | |
|
|
1025 | =item tagged values (C<< (I<tag>)I<value> >>). |
|
|
1026 | |
|
|
1027 | Another nonstandard extension to the JSON syntax, enabled with the |
|
|
1028 | C<allow_tags> setting, are tagged values. In this implementation, the |
|
|
1029 | I<tag> must be a perl package/class name encoded as a JSON string, and the |
|
|
1030 | I<value> must be a JSON array encoding optional constructor arguments. |
|
|
1031 | |
|
|
1032 | See L<OBJECT SERIALISATION>, below, for details. |
1015 | |
1033 | |
1016 | =back |
1034 | =back |
1017 | |
1035 | |
1018 | |
1036 | |
1019 | =head2 PERL -> JSON |
1037 | =head2 PERL -> JSON |
… | |
… | |
1024 | |
1042 | |
1025 | =over 4 |
1043 | =over 4 |
1026 | |
1044 | |
1027 | =item hash references |
1045 | =item hash references |
1028 | |
1046 | |
1029 | Perl hash references become JSON objects. As there is no inherent ordering |
1047 | Perl hash references become JSON objects. As there is no inherent |
1030 | in hash keys (or JSON objects), they will usually be encoded in a |
1048 | ordering in hash keys (or JSON objects), they will usually be encoded |
1031 | pseudo-random order that can change between runs of the same program but |
1049 | in a pseudo-random order. JSON::XS can optionally sort the hash keys |
1032 | stays generally the same within a single run of a program. JSON::XS can |
1050 | (determined by the I<canonical> flag), so the same datastructure will |
1033 | optionally sort the hash keys (determined by the I<canonical> flag), so |
1051 | serialise to the same JSON text (given same settings and version of |
1034 | the same datastructure will serialise to the same JSON text (given same |
1052 | JSON::XS), but this incurs a runtime overhead and is only rarely useful, |
1035 | settings and version of JSON::XS), but this incurs a runtime overhead |
1053 | e.g. when you want to compare some JSON text against another for equality. |
1036 | and is only rarely useful, e.g. when you want to compare some JSON text |
|
|
1037 | against another for equality. |
|
|
1038 | |
1054 | |
1039 | =item array references |
1055 | =item array references |
1040 | |
1056 | |
1041 | Perl array references become JSON arrays. |
1057 | Perl array references become JSON arrays. |
1042 | |
1058 | |
1043 | =item other references |
1059 | =item other references |
1044 | |
1060 | |
1045 | Other unblessed references are generally not allowed and will cause an |
1061 | Other unblessed references are generally not allowed and will cause an |
1046 | exception to be thrown, except for references to the integers C<0> and |
1062 | exception to be thrown, except for references to the integers C<0> and |
1047 | C<1>, which get turned into C<false> and C<true> atoms in JSON. You can |
1063 | C<1>, which get turned into C<false> and C<true> atoms in JSON. |
1048 | also use C<JSON::XS::false> and C<JSON::XS::true> to improve readability. |
|
|
1049 | |
1064 | |
|
|
1065 | Since C<JSON::XS> uses the boolean model from L<Types::Serialiser>, you |
|
|
1066 | can also C<use Types::Serialiser> and then use C<Types::Serialiser::false> |
|
|
1067 | and C<Types::Serialiser::true> to improve readability. |
|
|
1068 | |
|
|
1069 | use Types::Serialiser; |
1050 | encode_json [\0, JSON::XS::true] # yields [false,true] |
1070 | encode_json [\0, Types::Serialiser::true] # yields [false,true] |
1051 | |
1071 | |
1052 | =item JSON::XS::true, JSON::XS::false |
1072 | =item Types::Serialiser::true, Types::Serialiser::false |
1053 | |
1073 | |
1054 | These special values become JSON true and JSON false values, |
1074 | These special values from the L<Types::Serialiser> module become JSON true |
1055 | respectively. You can also use C<\1> and C<\0> directly if you want. |
1075 | and JSON false values, respectively. You can also use C<\1> and C<\0> |
|
|
1076 | directly if you want. |
1056 | |
1077 | |
1057 | =item blessed objects |
1078 | =item blessed objects |
1058 | |
1079 | |
1059 | Blessed objects are not directly representable in JSON. See the |
1080 | Blessed objects are not directly representable in JSON, but C<JSON::XS> |
1060 | C<allow_blessed> and C<convert_blessed> methods on various options on |
1081 | allows various ways of handling objects. See L<OBJECT SERIALISATION>, |
1061 | how to deal with this: basically, you can choose between throwing an |
1082 | below, for details. |
1062 | exception, encoding the reference as if it weren't blessed, or provide |
|
|
1063 | your own serialiser method. |
|
|
1064 | |
1083 | |
1065 | =item simple scalars |
1084 | =item simple scalars |
1066 | |
1085 | |
1067 | Simple Perl scalars (any scalar that is not a reference) are the most |
1086 | Simple Perl scalars (any scalar that is not a reference) are the most |
1068 | difficult objects to encode: JSON::XS will encode undefined scalars as |
1087 | difficult objects to encode: JSON::XS will encode undefined scalars as |
… | |
… | |
1105 | infinities or NaN's - these cannot be represented in JSON, and it is an |
1124 | infinities or NaN's - these cannot be represented in JSON, and it is an |
1106 | error to pass those in. |
1125 | error to pass those in. |
1107 | |
1126 | |
1108 | =back |
1127 | =back |
1109 | |
1128 | |
|
|
1129 | =head2 OBJECT SERIALISATION |
|
|
1130 | |
|
|
1131 | As JSON cannot directly represent Perl objects, you have to choose between |
|
|
1132 | a pure JSON representation (without the ability to deserialise the object |
|
|
1133 | automatically again), and a nonstandard extension to the JSON syntax, |
|
|
1134 | tagged values. |
|
|
1135 | |
|
|
1136 | =head3 SERIALISATION |
|
|
1137 | |
|
|
1138 | What happens when C<JSON::XS> encounters a Perl object depends on the |
|
|
1139 | C<allow_blessed>, C<convert_blessed> and C<allow_tags> settings, which are |
|
|
1140 | used in this order: |
|
|
1141 | |
|
|
1142 | =over 4 |
|
|
1143 | |
|
|
1144 | =item 1. C<allow_tags> is enabled and the object has a C<FREEZE> method. |
|
|
1145 | |
|
|
1146 | In this case, C<JSON::XS> uses the L<Types::Serialiser> object |
|
|
1147 | serialisation protocol to create a tagged JSON value, using a nonstandard |
|
|
1148 | extension to the JSON syntax. |
|
|
1149 | |
|
|
1150 | This works by invoking the C<FREEZE> method on the object, with the first |
|
|
1151 | argument being the object to serialise, and the second argument being the |
|
|
1152 | constant string C<JSON> to distinguish it from other serialisers. |
|
|
1153 | |
|
|
1154 | The C<FREEZE> method can return any number of values (i.e. zero or |
|
|
1155 | more). These values and the paclkage/classname of the object will then be |
|
|
1156 | encoded as a tagged JSON value in the following format: |
|
|
1157 | |
|
|
1158 | ("classname")[FREEZE return values...] |
|
|
1159 | |
|
|
1160 | e.g.: |
|
|
1161 | |
|
|
1162 | ("URI")["http://www.google.com/"] |
|
|
1163 | ("MyDate")[2013,10,29] |
|
|
1164 | ("ImageData::JPEG")["Z3...VlCg=="] |
|
|
1165 | |
|
|
1166 | For example, the hypothetical C<My::Object> C<FREEZE> method might use the |
|
|
1167 | objects C<type> and C<id> members to encode the object: |
|
|
1168 | |
|
|
1169 | sub My::Object::FREEZE { |
|
|
1170 | my ($self, $serialiser) = @_; |
|
|
1171 | |
|
|
1172 | ($self->{type}, $self->{id}) |
|
|
1173 | } |
|
|
1174 | |
|
|
1175 | =item 2. C<convert_blessed> is enabled and the object has a C<TO_JSON> method. |
|
|
1176 | |
|
|
1177 | In this case, the C<TO_JSON> method of the object is invoked in scalar |
|
|
1178 | context. It must return a single scalar that can be directly encoded into |
|
|
1179 | JSON. This scalar replaces the object in the JSON text. |
|
|
1180 | |
|
|
1181 | For example, the following C<TO_JSON> method will convert all L<URI> |
|
|
1182 | objects to JSON strings when serialised. The fatc that these values |
|
|
1183 | originally were L<URI> objects is lost. |
|
|
1184 | |
|
|
1185 | sub URI::TO_JSON { |
|
|
1186 | my ($uri) = @_; |
|
|
1187 | $uri->as_string |
|
|
1188 | } |
|
|
1189 | |
|
|
1190 | =item 3. C<allow_blessed> is enabled. |
|
|
1191 | |
|
|
1192 | The object will be serialised as a JSON null value. |
|
|
1193 | |
|
|
1194 | =item 4. none of the above |
|
|
1195 | |
|
|
1196 | If none of the settings are enabled or the respective methods are missing, |
|
|
1197 | C<JSON::XS> throws an exception. |
|
|
1198 | |
|
|
1199 | =back |
|
|
1200 | |
|
|
1201 | =head3 DESERIALISATION |
|
|
1202 | |
|
|
1203 | For deserialisation there are only two cases to consider: either |
|
|
1204 | nonstandard tagging was used, in which case C<allow_tags> decides, |
|
|
1205 | or objects cannot be automatically be deserialised, in which |
|
|
1206 | case you can use postprocessing or the C<filter_json_object> or |
|
|
1207 | C<filter_json_single_key_object> callbacks to get some real objects our of |
|
|
1208 | your JSON. |
|
|
1209 | |
|
|
1210 | This section only considers the tagged value case: I a tagged JSON object |
|
|
1211 | is encountered during decoding and C<allow_tags> is disabled, a parse |
|
|
1212 | error will result (as if tagged values were not part of the grammar). |
|
|
1213 | |
|
|
1214 | If C<allow_tags> is enabled, C<JSON::XS> will look up the C<THAW> method |
|
|
1215 | of the package/classname used during serialisation (it will not attempt |
|
|
1216 | to load the package as a Perl module). If there is no such method, the |
|
|
1217 | decoding will fail with an error. |
|
|
1218 | |
|
|
1219 | Otherwise, the C<THAW> method is invoked with the classname as first |
|
|
1220 | argument, the constant string C<JSON> as second argument, and all the |
|
|
1221 | values from the JSON array (the values originally returned by the |
|
|
1222 | C<FREEZE> method) as remaining arguments. |
|
|
1223 | |
|
|
1224 | The method must then return the object. While technically you can return |
|
|
1225 | any Perl scalar, you might have to enable the C<enable_nonref> setting to |
|
|
1226 | make that work in all cases, so better return an actual blessed reference. |
|
|
1227 | |
|
|
1228 | As an example, let's implement a C<THAW> function that regenerates the |
|
|
1229 | C<My::Object> from the C<FREEZE> example earlier: |
|
|
1230 | |
|
|
1231 | sub My::Object::THAW { |
|
|
1232 | my ($class, $serialiser, $type, $id) = @_; |
|
|
1233 | |
|
|
1234 | $class->new (type => $type, id => $id) |
|
|
1235 | } |
|
|
1236 | |
1110 | |
1237 | |
1111 | =head1 ENCODING/CODESET FLAG NOTES |
1238 | =head1 ENCODING/CODESET FLAG NOTES |
1112 | |
1239 | |
1113 | The interested reader might have seen a number of flags that signify |
1240 | The interested reader might have seen a number of flags that signify |
1114 | encodings or codesets - C<utf8>, C<latin1> and C<ascii>. There seems to be |
1241 | encodings or codesets - C<utf8>, C<latin1> and C<ascii>. There seems to be |
… | |
… | |
1138 | =item C<utf8> flag disabled |
1265 | =item C<utf8> flag disabled |
1139 | |
1266 | |
1140 | When C<utf8> is disabled (the default), then C<encode>/C<decode> generate |
1267 | When C<utf8> is disabled (the default), then C<encode>/C<decode> generate |
1141 | and expect Unicode strings, that is, characters with high ordinal Unicode |
1268 | and expect Unicode strings, that is, characters with high ordinal Unicode |
1142 | values (> 255) will be encoded as such characters, and likewise such |
1269 | values (> 255) will be encoded as such characters, and likewise such |
1143 | characters are decoded as-is, no canges to them will be done, except |
1270 | characters are decoded as-is, no changes to them will be done, except |
1144 | "(re-)interpreting" them as Unicode codepoints or Unicode characters, |
1271 | "(re-)interpreting" them as Unicode codepoints or Unicode characters, |
1145 | respectively (to Perl, these are the same thing in strings unless you do |
1272 | respectively (to Perl, these are the same thing in strings unless you do |
1146 | funny/weird/dumb stuff). |
1273 | funny/weird/dumb stuff). |
1147 | |
1274 | |
1148 | This is useful when you want to do the encoding yourself (e.g. when you |
1275 | This is useful when you want to do the encoding yourself (e.g. when you |
… | |
… | |
1264 | output for these property strings, e.g.: |
1391 | output for these property strings, e.g.: |
1265 | |
1392 | |
1266 | $json =~ s/"__proto__"\s*:/"__proto__renamed":/g; |
1393 | $json =~ s/"__proto__"\s*:/"__proto__renamed":/g; |
1267 | |
1394 | |
1268 | This works because C<__proto__> is not valid outside of strings, so every |
1395 | This works because C<__proto__> is not valid outside of strings, so every |
1269 | occurence of C<"__proto__"\s*:> must be a string used as property name. |
1396 | occurrence of C<"__proto__"\s*:> must be a string used as property name. |
1270 | |
1397 | |
1271 | If you know of other incompatibilities, please let me know. |
1398 | If you know of other incompatibilities, please let me know. |
1272 | |
1399 | |
1273 | |
1400 | |
1274 | =head2 JSON and YAML |
1401 | =head2 JSON and YAML |
… | |
… | |
1436 | are browser design bugs, but it is still you who will have to deal with |
1563 | are browser design bugs, but it is still you who will have to deal with |
1437 | it, as major browser developers care only for features, not about getting |
1564 | it, as major browser developers care only for features, not about getting |
1438 | security right). |
1565 | security right). |
1439 | |
1566 | |
1440 | |
1567 | |
|
|
1568 | =head1 "OLD" VS. "NEW" JSON (RFC 4627 VS. RFC 7159) |
|
|
1569 | |
|
|
1570 | TL;DR: Due to security concerns, JSON::XS will not allow scalar data in |
|
|
1571 | JSON texts by default - you need to create your own JSON::XS object and |
|
|
1572 | enable C<allow_nonref>: |
|
|
1573 | |
|
|
1574 | |
|
|
1575 | my $json = JSON::XS->new->allow_nonref; |
|
|
1576 | |
|
|
1577 | $text = $json->encode ($data); |
|
|
1578 | $data = $json->decode ($text); |
|
|
1579 | |
|
|
1580 | The long version: JSON being an important and supposedly stable format, |
|
|
1581 | the IETF standardised it as RFC 4627 in 2006. Unfortunately, the inventor |
|
|
1582 | of JSON, Dougles Crockford, unilaterally changed the definition of JSON in |
|
|
1583 | javascript. Rather than create a fork, the IETF decided to standardise the |
|
|
1584 | new syntax (apparently, so Iw as told, without finding it very amusing). |
|
|
1585 | |
|
|
1586 | The biggest difference between thed original JSON and the new JSON is that |
|
|
1587 | the new JSON supports scalars (anything other than arrays and objects) at |
|
|
1588 | the toplevel of a JSON text. While this is strictly backwards compatible |
|
|
1589 | to older versions, it breaks a number of protocols that relied on sending |
|
|
1590 | JSON back-to-back, and is a minor security concern. |
|
|
1591 | |
|
|
1592 | For example, imagine you have two banks communicating, and on one side, |
|
|
1593 | trhe JSON coder gets upgraded. Two messages, such as C<10> and C<1000> |
|
|
1594 | might then be confused to mean C<101000>, something that couldn't happen |
|
|
1595 | in the original JSON, because niether of these messages would be valid |
|
|
1596 | JSON. |
|
|
1597 | |
|
|
1598 | If one side accepts these messages, then an upgrade in the coder on either |
|
|
1599 | side could result in this becoming exploitable. |
|
|
1600 | |
|
|
1601 | This module has always allowed these messages as an optional extension, by |
|
|
1602 | default disabled. The security concerns are the reason why the default is |
|
|
1603 | still disabled, but future versions might/will likely upgrade to the newer |
|
|
1604 | RFC as default format, so you are advised to check your implementation |
|
|
1605 | and/or override the default with C<< ->allow_nonref (0) >> to ensure that |
|
|
1606 | future versions are safe. |
|
|
1607 | |
|
|
1608 | |
|
|
1609 | =head1 INTEROPERABILITY WITH OTHER MODULES |
|
|
1610 | |
|
|
1611 | C<JSON::XS> uses the L<Types::Serialiser> module to provide boolean |
|
|
1612 | constants. That means that the JSON true and false values will be |
|
|
1613 | comaptible to true and false values of iother modules that do the same, |
|
|
1614 | such as L<JSON::PP> and L<CBOR::XS>. |
|
|
1615 | |
|
|
1616 | |
|
|
1617 | =head1 INTEROPERABILITY WITH OTHER JSON DECODERS |
|
|
1618 | |
|
|
1619 | As long as you only serialise data that can be directly expressed in JSON, |
|
|
1620 | C<JSON::XS> is incapable of generating invalid JSON output (modulo bugs, |
|
|
1621 | but C<JSON::XS> has found more bugs in the official JSON testsuite (1) |
|
|
1622 | than the official JSON testsuite has found in C<JSON::XS> (0)). |
|
|
1623 | |
|
|
1624 | When you have trouble decoding JSON generated by this module using other |
|
|
1625 | decoders, then it is very likely that you have an encoding mismatch or the |
|
|
1626 | other decoder is broken. |
|
|
1627 | |
|
|
1628 | When decoding, C<JSON::XS> is strict by default and will likely catch all |
|
|
1629 | errors. There are currently two settings that change this: C<relaxed> |
|
|
1630 | makes C<JSON::XS> accept (but not generate) some non-standard extensions, |
|
|
1631 | and C<allow_tags> will allow you to encode and decode Perl objects, at the |
|
|
1632 | cost of not outputting valid JSON anymore. |
|
|
1633 | |
|
|
1634 | =head2 TAGGED VALUE SYNTAX AND STANDARD JSON EN/DECODERS |
|
|
1635 | |
|
|
1636 | When you use C<allow_tags> to use the extended (and also nonstandard and |
|
|
1637 | invalid) JSON syntax for serialised objects, and you still want to decode |
|
|
1638 | the generated When you want to serialise objects, you can run a regex |
|
|
1639 | to replace the tagged syntax by standard JSON arrays (it only works for |
|
|
1640 | "normal" packagesnames without comma, newlines or single colons). First, |
|
|
1641 | the readable Perl version: |
|
|
1642 | |
|
|
1643 | # if your FREEZE methods return no values, you need this replace first: |
|
|
1644 | $json =~ s/\( \s* (" (?: [^\\":,]+|\\.|::)* ") \s* \) \s* \[\s*\]/[$1]/gx; |
|
|
1645 | |
|
|
1646 | # this works for non-empty constructor arg lists: |
|
|
1647 | $json =~ s/\( \s* (" (?: [^\\":,]+|\\.|::)* ") \s* \) \s* \[/[$1,/gx; |
|
|
1648 | |
|
|
1649 | And here is a less readable version that is easy to adapt to other |
|
|
1650 | languages: |
|
|
1651 | |
|
|
1652 | $json =~ s/\(\s*("([^\\":,]+|\\.|::)*")\s*\)\s*\[/[$1,/g; |
|
|
1653 | |
|
|
1654 | Here is an ECMAScript version (same regex): |
|
|
1655 | |
|
|
1656 | json = json.replace (/\(\s*("([^\\":,]+|\\.|::)*")\s*\)\s*\[/g, "[$1,"); |
|
|
1657 | |
|
|
1658 | Since this syntax converts to standard JSON arrays, it might be hard to |
|
|
1659 | distinguish serialised objects from normal arrays. You can prepend a |
|
|
1660 | "magic number" as first array element to reduce chances of a collision: |
|
|
1661 | |
|
|
1662 | $json =~ s/\(\s*("([^\\":,]+|\\.|::)*")\s*\)\s*\[/["XU1peReLzT4ggEllLanBYq4G9VzliwKF",$1,/g; |
|
|
1663 | |
|
|
1664 | And after decoding the JSON text, you could walk the data |
|
|
1665 | structure looking for arrays with a first element of |
|
|
1666 | C<XU1peReLzT4ggEllLanBYq4G9VzliwKF>. |
|
|
1667 | |
|
|
1668 | The same approach can be used to create the tagged format with another |
|
|
1669 | encoder. First, you create an array with the magic string as first member, |
|
|
1670 | the classname as second, and constructor arguments last, encode it as part |
|
|
1671 | of your JSON structure, and then: |
|
|
1672 | |
|
|
1673 | $json =~ s/\[\s*"XU1peReLzT4ggEllLanBYq4G9VzliwKF"\s*,\s*("([^\\":,]+|\\.|::)*")\s*,/($1)[/g; |
|
|
1674 | |
|
|
1675 | Again, this has some limitations - the magic string must not be encoded |
|
|
1676 | with character escapes, and the constructor arguments must be non-empty. |
|
|
1677 | |
|
|
1678 | |
|
|
1679 | =head1 RFC7159 |
|
|
1680 | |
|
|
1681 | Since this module was written, Google has written a new JSON RFC, RFC 7159 |
|
|
1682 | (and RFC7158). Unfortunately, this RFC breaks compatibility with both the |
|
|
1683 | original JSON specification on www.json.org and RFC4627. |
|
|
1684 | |
|
|
1685 | As far as I can see, you can get partial compatibility when parsing by |
|
|
1686 | using C<< ->allow_nonref >>. However, consider thew security implications |
|
|
1687 | of doing so. |
|
|
1688 | |
|
|
1689 | I haven't decided yet when to break compatibility with RFC4627 by default |
|
|
1690 | (and potentially leave applications insecure) and change the default to |
|
|
1691 | follow RFC7159, but application authors are well advised to call C<< |
|
|
1692 | ->allow_nonref(0) >> even if this is the current default, if they cannot |
|
|
1693 | handle non-reference values, in preparation for the day when the4 default |
|
|
1694 | will change. |
|
|
1695 | |
|
|
1696 | |
1441 | =head1 THREADS |
1697 | =head1 THREADS |
1442 | |
1698 | |
1443 | This module is I<not> guaranteed to be thread safe and there are no |
1699 | This module is I<not> guaranteed to be thread safe and there are no |
1444 | plans to change this until Perl gets thread support (as opposed to the |
1700 | plans to change this until Perl gets thread support (as opposed to the |
1445 | horribly slow so-called "threads" which are simply slow and bloated |
1701 | horribly slow so-called "threads" which are simply slow and bloated |
… | |
… | |
1452 | |
1708 | |
1453 | Sometimes people avoid the Perl locale support and directly call the |
1709 | Sometimes people avoid the Perl locale support and directly call the |
1454 | system's setlocale function with C<LC_ALL>. |
1710 | system's setlocale function with C<LC_ALL>. |
1455 | |
1711 | |
1456 | This breaks both perl and modules such as JSON::XS, as stringification of |
1712 | This breaks both perl and modules such as JSON::XS, as stringification of |
1457 | numbers no longer works correcly (e.g. C<$x = 0.1; print "$x"+1> might |
1713 | numbers no longer works correctly (e.g. C<$x = 0.1; print "$x"+1> might |
1458 | print C<1>, and JSON::XS might output illegal JSON as JSON::XS relies on |
1714 | print C<1>, and JSON::XS might output illegal JSON as JSON::XS relies on |
1459 | perl to stringify numbers). |
1715 | perl to stringify numbers). |
1460 | |
1716 | |
1461 | The solution is simple: don't call C<setlocale>, or use it for only those |
1717 | The solution is simple: don't call C<setlocale>, or use it for only those |
1462 | categories you need, such as C<LC_MESSAGES> or C<LC_CTYPE>. |
1718 | categories you need, such as C<LC_MESSAGES> or C<LC_CTYPE>. |
… | |
… | |
1475 | Please refrain from using rt.cpan.org or any other bug reporting |
1731 | Please refrain from using rt.cpan.org or any other bug reporting |
1476 | service. I put the contact address into my modules for a reason. |
1732 | service. I put the contact address into my modules for a reason. |
1477 | |
1733 | |
1478 | =cut |
1734 | =cut |
1479 | |
1735 | |
1480 | our $true = do { bless \(my $dummy = 1), "JSON::XS::Boolean" }; |
1736 | BEGIN { |
1481 | our $false = do { bless \(my $dummy = 0), "JSON::XS::Boolean" }; |
1737 | *true = \$Types::Serialiser::true; |
|
|
1738 | *true = \&Types::Serialiser::true; |
|
|
1739 | *false = \$Types::Serialiser::false; |
|
|
1740 | *false = \&Types::Serialiser::false; |
|
|
1741 | *is_bool = \&Types::Serialiser::is_bool; |
1482 | |
1742 | |
1483 | sub true() { $true } |
1743 | *JSON::XS::Boolean:: = *Types::Serialiser::Boolean::; |
1484 | sub false() { $false } |
|
|
1485 | |
|
|
1486 | sub is_bool($) { |
|
|
1487 | UNIVERSAL::isa $_[0], "JSON::XS::Boolean" |
|
|
1488 | # or UNIVERSAL::isa $_[0], "JSON::Literal" |
|
|
1489 | } |
1744 | } |
1490 | |
1745 | |
1491 | XSLoader::load "JSON::XS", $VERSION; |
1746 | XSLoader::load "JSON::XS", $VERSION; |
1492 | |
|
|
1493 | package JSON::XS::Boolean; |
|
|
1494 | |
|
|
1495 | use overload |
|
|
1496 | "0+" => sub { ${$_[0]} }, |
|
|
1497 | "++" => sub { $_[0] = ${$_[0]} + 1 }, |
|
|
1498 | "--" => sub { $_[0] = ${$_[0]} - 1 }, |
|
|
1499 | fallback => 1; |
|
|
1500 | |
|
|
1501 | 1; |
|
|
1502 | |
1747 | |
1503 | =head1 SEE ALSO |
1748 | =head1 SEE ALSO |
1504 | |
1749 | |
1505 | The F<json_xs> command line utility for quick experiments. |
1750 | The F<json_xs> command line utility for quick experiments. |
1506 | |
1751 | |
… | |
… | |
1509 | Marc Lehmann <schmorp@schmorp.de> |
1754 | Marc Lehmann <schmorp@schmorp.de> |
1510 | http://home.schmorp.de/ |
1755 | http://home.schmorp.de/ |
1511 | |
1756 | |
1512 | =cut |
1757 | =cut |
1513 | |
1758 | |
|
|
1759 | 1 |
|
|
1760 | |