… | |
… | |
341 | |
341 | |
342 | The C<TO_JSON> method may safely call die if it wants. If C<TO_JSON> |
342 | The C<TO_JSON> method may safely call die if it wants. If C<TO_JSON> |
343 | returns other blessed objects, those will be handled in the same |
343 | returns other blessed objects, those will be handled in the same |
344 | way. C<TO_JSON> must take care of not causing an endless recursion cycle |
344 | way. C<TO_JSON> must take care of not causing an endless recursion cycle |
345 | (== crash) in this case. The name of C<TO_JSON> was chosen because other |
345 | (== crash) in this case. The name of C<TO_JSON> was chosen because other |
346 | methods called by the Perl core (== not the user of the object) are |
346 | methods called by the Perl core (== not by the user of the object) are |
347 | usually in upper case letters and to avoid collisions with the C<to_json> |
347 | usually in upper case letters and to avoid collisions with the C<to_json> |
348 | function. |
348 | function. |
349 | |
349 | |
350 | This setting does not yet influence C<decode> in any way, but in the |
350 | This setting does not yet influence C<decode> in any way, but in the |
351 | future, global hooks might get installed that influence C<decode> and are |
351 | future, global hooks might get installed that influence C<decode> and are |
… | |
… | |
393 | given character in a string. |
393 | given character in a string. |
394 | |
394 | |
395 | Setting the maximum depth to one disallows any nesting, so that ensures |
395 | Setting the maximum depth to one disallows any nesting, so that ensures |
396 | that the object is only a single hash/object or array. |
396 | that the object is only a single hash/object or array. |
397 | |
397 | |
398 | The argument to C<max_depth> will be rounded up to the next nearest power |
398 | The argument to C<max_depth> will be rounded up to the next highest power |
399 | of two. |
399 | of two. If no argument is given, the highest possible setting will be |
|
|
400 | used, which is rarely useful. |
|
|
401 | |
|
|
402 | See SECURITY CONSIDERATIONS, below, for more info on why this is useful. |
|
|
403 | |
|
|
404 | =item $json = $json->max_size ([$maximum_string_size]) |
|
|
405 | |
|
|
406 | Set the maximum length a JSON text may have (in bytes) where decoding is |
|
|
407 | being attempted. The default is C<0>, meaning no limit. When C<decode> |
|
|
408 | is called on a string longer then this number of characters it will not |
|
|
409 | attempt to decode the string but throw an exception. This setting has no |
|
|
410 | effect on C<encode> (yet). |
|
|
411 | |
|
|
412 | The argument to C<max_size> will be rounded up to the next B<highest> |
|
|
413 | power of two (so may be more than requested). If no argument is given, the |
|
|
414 | limit check will be deactivated (same as when C<0> is specified). |
400 | |
415 | |
401 | See SECURITY CONSIDERATIONS, below, for more info on why this is useful. |
416 | See SECURITY CONSIDERATIONS, below, for more info on why this is useful. |
402 | |
417 | |
403 | =item $json_text = $json->encode ($perl_scalar) |
418 | =item $json_text = $json->encode ($perl_scalar) |
404 | |
419 | |
… | |
… | |
752 | Second, you need to avoid resource-starving attacks. That means you should |
767 | Second, you need to avoid resource-starving attacks. That means you should |
753 | limit the size of JSON texts you accept, or make sure then when your |
768 | limit the size of JSON texts you accept, or make sure then when your |
754 | resources run out, thats just fine (e.g. by using a separate process that |
769 | resources run out, thats just fine (e.g. by using a separate process that |
755 | can crash safely). The size of a JSON text in octets or characters is |
770 | can crash safely). The size of a JSON text in octets or characters is |
756 | usually a good indication of the size of the resources required to decode |
771 | usually a good indication of the size of the resources required to decode |
757 | it into a Perl structure. |
772 | it into a Perl structure. While JSON::XS can check the size of the JSON |
|
|
773 | text, it might be too late when you already have it in memory, so you |
|
|
774 | might want to check the size before you accept the string. |
758 | |
775 | |
759 | Third, JSON::XS recurses using the C stack when decoding objects and |
776 | Third, JSON::XS recurses using the C stack when decoding objects and |
760 | arrays. The C stack is a limited resource: for instance, on my amd64 |
777 | arrays. The C stack is a limited resource: for instance, on my amd64 |
761 | machine with 8MB of stack size I can decode around 180k nested arrays but |
778 | machine with 8MB of stack size I can decode around 180k nested arrays but |
762 | only 14k nested JSON objects (due to perl itself recursing deeply on croak |
779 | only 14k nested JSON objects (due to perl itself recursing deeply on croak |