| … | |
… | |
| 101 | |
101 | |
| 102 | package JSON::XS; |
102 | package JSON::XS; |
| 103 | |
103 | |
| 104 | use common::sense; |
104 | use common::sense; |
| 105 | |
105 | |
| 106 | our $VERSION = '2.24'; |
106 | our $VERSION = '2.27'; |
| 107 | our @ISA = qw(Exporter); |
107 | our @ISA = qw(Exporter); |
| 108 | |
108 | |
| 109 | our @EXPORT = qw(encode_json decode_json to_json from_json); |
109 | our @EXPORT = qw(encode_json decode_json to_json from_json); |
| 110 | |
110 | |
| 111 | sub to_json($) { |
111 | sub to_json($) { |
| … | |
… | |
| 1268 | my $yaml = $to_yaml->encode ($ref) . "\n"; |
1268 | my $yaml = $to_yaml->encode ($ref) . "\n"; |
| 1269 | |
1269 | |
| 1270 | This will I<usually> generate JSON texts that also parse as valid |
1270 | This will I<usually> generate JSON texts that also parse as valid |
| 1271 | YAML. Please note that YAML has hardcoded limits on (simple) object key |
1271 | YAML. Please note that YAML has hardcoded limits on (simple) object key |
| 1272 | lengths that JSON doesn't have and also has different and incompatible |
1272 | lengths that JSON doesn't have and also has different and incompatible |
| 1273 | unicode handling, so you should make sure that your hash keys are |
1273 | unicode character escape syntax, so you should make sure that your hash |
| 1274 | noticeably shorter than the 1024 "stream characters" YAML allows and that |
1274 | keys are noticeably shorter than the 1024 "stream characters" YAML allows |
| 1275 | you do not have characters with codepoint values outside the Unicode BMP |
1275 | and that you do not have characters with codepoint values outside the |
| 1276 | (basic multilingual page). YAML also does not allow C<\/> sequences in |
1276 | Unicode BMP (basic multilingual page). YAML also does not allow C<\/> |
| 1277 | strings (which JSON::XS does not I<currently> generate, but other JSON |
1277 | sequences in strings (which JSON::XS does not I<currently> generate, but |
| 1278 | generators might). |
1278 | other JSON generators might). |
| 1279 | |
1279 | |
| 1280 | There might be other incompatibilities that I am not aware of (or the YAML |
1280 | There might be other incompatibilities that I am not aware of (or the YAML |
| 1281 | specification has been changed yet again - it does so quite often). In |
1281 | specification has been changed yet again - it does so quite often). In |
| 1282 | general you should not try to generate YAML with a JSON generator or vice |
1282 | general you should not try to generate YAML with a JSON generator or vice |
| 1283 | versa, or try to parse JSON with a YAML parser or vice versa: chances are |
1283 | versa, or try to parse JSON with a YAML parser or vice versa: chances are |
| … | |
… | |
| 1301 | proponents, I would kindly suggest reading the JSON spec (which is not |
1301 | proponents, I would kindly suggest reading the JSON spec (which is not |
| 1302 | that difficult or long) and finally make YAML compatible to it, and |
1302 | that difficult or long) and finally make YAML compatible to it, and |
| 1303 | educating users about the changes, instead of spreading lies about the |
1303 | educating users about the changes, instead of spreading lies about the |
| 1304 | real compatibility for many I<years> and trying to silence people who |
1304 | real compatibility for many I<years> and trying to silence people who |
| 1305 | point out that it isn't true. |
1305 | point out that it isn't true. |
|
|
1306 | |
|
|
1307 | Addendum/2009: the YAML 1.2 spec is still incomaptible with JSON, even |
|
|
1308 | though the incompatibilities have been documented (and are known to |
|
|
1309 | Brian) for many years and the spec makes explicit claims that YAML is a |
|
|
1310 | superset of JSON. It would be so easy to fix, but apparently, bullying and |
|
|
1311 | corrupting userdata is so much easier. |
| 1306 | |
1312 | |
| 1307 | =back |
1313 | =back |
| 1308 | |
1314 | |
| 1309 | |
1315 | |
| 1310 | =head2 SPEED |
1316 | =head2 SPEED |
| … | |
… | |
| 1406 | information you might want to make sure that exceptions thrown by JSON::XS |
1412 | information you might want to make sure that exceptions thrown by JSON::XS |
| 1407 | will not end up in front of untrusted eyes. |
1413 | will not end up in front of untrusted eyes. |
| 1408 | |
1414 | |
| 1409 | If you are using JSON::XS to return packets to consumption |
1415 | If you are using JSON::XS to return packets to consumption |
| 1410 | by JavaScript scripts in a browser you should have a look at |
1416 | by JavaScript scripts in a browser you should have a look at |
| 1411 | L<http://jpsykes.com/47/practical-csrf-and-json-security> to see whether |
1417 | L<http://blog.archive.jpsykes.com/47/practical-csrf-and-json-security/> to |
| 1412 | you are vulnerable to some common attack vectors (which really are browser |
1418 | see whether you are vulnerable to some common attack vectors (which really |
| 1413 | design bugs, but it is still you who will have to deal with it, as major |
1419 | are browser design bugs, but it is still you who will have to deal with |
| 1414 | browser developers care only for features, not about getting security |
1420 | it, as major browser developers care only for features, not about getting |
| 1415 | right). |
1421 | security right). |
| 1416 | |
1422 | |
| 1417 | |
1423 | |
| 1418 | =head1 THREADS |
1424 | =head1 THREADS |
| 1419 | |
1425 | |
| 1420 | This module is I<not> guaranteed to be thread safe and there are no |
1426 | This module is I<not> guaranteed to be thread safe and there are no |
