ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/JSON-XS/XS.pm
(Generate patch)

Comparing JSON-XS/XS.pm (file contents):
Revision 1.13 by root, Fri Mar 23 18:37:30 2007 UTC vs.
Revision 1.42 by root, Thu Jun 14 23:58:57 2007 UTC

4 4
5=head1 SYNOPSIS 5=head1 SYNOPSIS
6 6
7 use JSON::XS; 7 use JSON::XS;
8 8
9 # exported functions, croak on error 9 # exported functions, they croak on error
10 # and expect/generate UTF-8
10 11
11 $utf8_encoded_json_text = to_json $perl_hash_or_arrayref; 12 $utf8_encoded_json_text = to_json $perl_hash_or_arrayref;
12 $perl_hash_or_arrayref = from_json $utf8_encoded_json_text; 13 $perl_hash_or_arrayref = from_json $utf8_encoded_json_text;
13 14
15 # objToJson and jsonToObj aliases to to_json and from_json
16 # are exported for compatibility to the JSON module,
17 # but should not be used in new code.
18
14 # oo-interface 19 # OO-interface
15 20
16 $coder = JSON::XS->new->ascii->pretty->allow_nonref; 21 $coder = JSON::XS->new->ascii->pretty->allow_nonref;
17 $pretty_printed_unencoded = $coder->encode ($perl_scalar); 22 $pretty_printed_unencoded = $coder->encode ($perl_scalar);
18 $perl_scalar = $coder->decode ($unicode_json_text); 23 $perl_scalar = $coder->decode ($unicode_json_text);
19 24
36 41
37=head2 FEATURES 42=head2 FEATURES
38 43
39=over 4 44=over 4
40 45
41=item * correct handling of unicode issues 46=item * correct unicode handling
42 47
43This module knows how to handle Unicode, and even documents how and when 48This module knows how to handle Unicode, and even documents how and when
44it does so. 49it does so.
45 50
46=item * round-trip integrity 51=item * round-trip integrity
47 52
48When you serialise a perl data structure using only datatypes supported 53When you serialise a perl data structure using only datatypes supported
49by JSON, the deserialised data structure is identical on the Perl level. 54by JSON, the deserialised data structure is identical on the Perl level.
50(e.g. the string "2.0" doesn't suddenly become "2"). 55(e.g. the string "2.0" doesn't suddenly become "2" just because it looks
56like a number).
51 57
52=item * strict checking of JSON correctness 58=item * strict checking of JSON correctness
53 59
54There is no guessing, no generating of illegal JSON strings by default, 60There is no guessing, no generating of illegal JSON texts by default,
55and only JSON is accepted as input by default (the latter is a security 61and only JSON is accepted as input by default (the latter is a security
56feature). 62feature).
57 63
58=item * fast 64=item * fast
59 65
66interface. 72interface.
67 73
68=item * reasonably versatile output formats 74=item * reasonably versatile output formats
69 75
70You can choose between the most compact guarenteed single-line format 76You can choose between the most compact guarenteed single-line format
71possible (nice for simple line-based protocols), a pure-ascii format (for 77possible (nice for simple line-based protocols), a pure-ascii format
72when your transport is not 8-bit clean), or a pretty-printed format (for 78(for when your transport is not 8-bit clean, still supports the whole
73when you want to read that stuff). Or you can combine those features in 79unicode range), or a pretty-printed format (for when you want to read that
74whatever way you like. 80stuff). Or you can combine those features in whatever way you like.
75 81
76=back 82=back
77 83
78=cut 84=cut
79 85
80package JSON::XS; 86package JSON::XS;
81 87
88use strict;
89
82BEGIN { 90BEGIN {
83 $VERSION = '0.3'; 91 our $VERSION = '1.24';
84 @ISA = qw(Exporter); 92 our @ISA = qw(Exporter);
85 93
86 @EXPORT = qw(to_json from_json); 94 our @EXPORT = qw(to_json from_json objToJson jsonToObj);
87 require Exporter; 95 require Exporter;
88 96
89 require XSLoader; 97 require XSLoader;
90 XSLoader::load JSON::XS::, $VERSION; 98 XSLoader::load JSON::XS::, $VERSION;
91} 99}
95The following convinience methods are provided by this module. They are 103The following convinience methods are provided by this module. They are
96exported by default: 104exported by default:
97 105
98=over 4 106=over 4
99 107
100=item $json_string = to_json $perl_scalar 108=item $json_text = to_json $perl_scalar
101 109
102Converts the given Perl data structure (a simple scalar or a reference to 110Converts the given Perl data structure (a simple scalar or a reference to
103a hash or array) to a UTF-8 encoded, binary string (that is, the string contains 111a hash or array) to a UTF-8 encoded, binary string (that is, the string contains
104octets only). Croaks on error. 112octets only). Croaks on error.
105 113
106This function call is functionally identical to C<< JSON::XS->new->utf8->encode ($perl_scalar) >>. 114This function call is functionally identical to:
107 115
116 $json_text = JSON::XS->new->utf8->encode ($perl_scalar)
117
118except being faster.
119
108=item $perl_scalar = from_json $json_string 120=item $perl_scalar = from_json $json_text
109 121
110The opposite of C<to_json>: expects an UTF-8 (binary) string and tries to 122The opposite of C<to_json>: expects an UTF-8 (binary) string and tries to
111parse that as an UTF-8 encoded JSON string, returning the resulting simple 123parse that as an UTF-8 encoded JSON text, returning the resulting simple
112scalar or reference. Croaks on error. 124scalar or reference. Croaks on error.
113 125
114This function call is functionally identical to C<< JSON::XS->new->utf8->decode ($json_string) >>. 126This function call is functionally identical to:
127
128 $perl_scalar = JSON::XS->new->utf8->decode ($json_text)
129
130except being faster.
115 131
116=back 132=back
133
117 134
118=head1 OBJECT-ORIENTED INTERFACE 135=head1 OBJECT-ORIENTED INTERFACE
119 136
120The object oriented interface lets you configure your own encoding or 137The object oriented interface lets you configure your own encoding or
121decoding style, within the limits of supported formats. 138decoding style, within the limits of supported formats.
128strings. All boolean flags described below are by default I<disabled>. 145strings. All boolean flags described below are by default I<disabled>.
129 146
130The mutators for flags all return the JSON object again and thus calls can 147The mutators for flags all return the JSON object again and thus calls can
131be chained: 148be chained:
132 149
133 my $json = JSON::XS->new->utf8(1)->space_after(1)->encode ({a => [1,2]}) 150 my $json = JSON::XS->new->utf8->space_after->encode ({a => [1,2]})
134 => {"a": [1, 2]} 151 => {"a": [1, 2]}
135 152
136=item $json = $json->ascii ([$enable]) 153=item $json = $json->ascii ([$enable])
137 154
138If C<$enable> is true (or missing), then the C<encode> method will 155If C<$enable> is true (or missing), then the C<encode> method will not
139not generate characters outside the code range C<0..127>. Any unicode 156generate characters outside the code range C<0..127> (which is ASCII). Any
140characters outside that range will be escaped using either a single 157unicode characters outside that range will be escaped using either a
141\uXXXX (BMP characters) or a double \uHHHH\uLLLLL escape sequence, as per 158single \uXXXX (BMP characters) or a double \uHHHH\uLLLLL escape sequence,
142RFC4627. 159as per RFC4627. The resulting encoded JSON text can be treated as a native
160unicode string, an ascii-encoded, latin1-encoded or UTF-8 encoded string,
161or any other superset of ASCII.
143 162
144If C<$enable> is false, then the C<encode> method will not escape Unicode 163If C<$enable> is false, then the C<encode> method will not escape Unicode
145characters unless necessary. 164characters unless required by the JSON syntax or other flags. This results
165in a faster and more compact format.
146 166
167The main use for this flag is to produce JSON texts that can be
168transmitted over a 7-bit channel, as the encoded JSON texts will not
169contain any 8 bit characters.
170
147 JSON::XS->new->ascii (1)->encode (chr 0x10401) 171 JSON::XS->new->ascii (1)->encode ([chr 0x10401])
148 => \ud801\udc01 172 => ["\ud801\udc01"]
173
174=item $json = $json->latin1 ([$enable])
175
176If C<$enable> is true (or missing), then the C<encode> method will encode
177the resulting JSON text as latin1 (or iso-8859-1), escaping any characters
178outside the code range C<0..255>. The resulting string can be treated as a
179latin1-encoded JSON text or a native unicode string. The C<decode> method
180will not be affected in any way by this flag, as C<decode> by default
181expects unicode, which is a strict superset of latin1.
182
183If C<$enable> is false, then the C<encode> method will not escape Unicode
184characters unless required by the JSON syntax or other flags.
185
186The main use for this flag is efficiently encoding binary data as JSON
187text, as most octets will not be escaped, resulting in a smaller encoded
188size. The disadvantage is that the resulting JSON text is encoded
189in latin1 (and must correctly be treated as such when storing and
190transfering), a rare encoding for JSON. It is therefore most useful when
191you want to store data structures known to contain binary data efficiently
192in files or databases, not when talking to other JSON encoders/decoders.
193
194 JSON::XS->new->latin1->encode (["\x{89}\x{abc}"]
195 => ["\x{89}\\u0abc"] # (perl syntax, U+abc escaped, U+89 not)
149 196
150=item $json = $json->utf8 ([$enable]) 197=item $json = $json->utf8 ([$enable])
151 198
152If C<$enable> is true (or missing), then the C<encode> method will encode 199If C<$enable> is true (or missing), then the C<encode> method will encode
153the JSON string into UTF-8, as required by many protocols, while the 200the JSON result into UTF-8, as required by many protocols, while the
154C<decode> method expects to be handled an UTF-8-encoded string. Please 201C<decode> method expects to be handled an UTF-8-encoded string. Please
155note that UTF-8-encoded strings do not contain any characters outside the 202note that UTF-8-encoded strings do not contain any characters outside the
156range C<0..255>, they are thus useful for bytewise/binary I/O. 203range C<0..255>, they are thus useful for bytewise/binary I/O. In future
204versions, enabling this option might enable autodetection of the UTF-16
205and UTF-32 encoding families, as described in RFC4627.
157 206
158If C<$enable> is false, then the C<encode> method will return the JSON 207If C<$enable> is false, then the C<encode> method will return the JSON
159string as a (non-encoded) unicode string, while C<decode> expects thus a 208string as a (non-encoded) unicode string, while C<decode> expects thus a
160unicode string. Any decoding or encoding (e.g. to UTF-8 or UTF-16) needs 209unicode string. Any decoding or encoding (e.g. to UTF-8 or UTF-16) needs
161to be done yourself, e.g. using the Encode module. 210to be done yourself, e.g. using the Encode module.
162 211
163Example, output UTF-16-encoded JSON: 212Example, output UTF-16BE-encoded JSON:
213
214 use Encode;
215 $jsontext = encode "UTF-16BE", JSON::XS->new->encode ($object);
216
217Example, decode UTF-32LE-encoded JSON:
218
219 use Encode;
220 $object = JSON::XS->new->decode (decode "UTF-32LE", $jsontext);
164 221
165=item $json = $json->pretty ([$enable]) 222=item $json = $json->pretty ([$enable])
166 223
167This enables (or disables) all of the C<indent>, C<space_before> and 224This enables (or disables) all of the C<indent>, C<space_before> and
168C<space_after> (and in the future possibly more) flags in one call to 225C<space_after> (and in the future possibly more) flags in one call to
184If C<$enable> is true (or missing), then the C<encode> method will use a multiline 241If C<$enable> is true (or missing), then the C<encode> method will use a multiline
185format as output, putting every array member or object/hash key-value pair 242format as output, putting every array member or object/hash key-value pair
186into its own line, identing them properly. 243into its own line, identing them properly.
187 244
188If C<$enable> is false, no newlines or indenting will be produced, and the 245If C<$enable> is false, no newlines or indenting will be produced, and the
189resulting JSON strings is guarenteed not to contain any C<newlines>. 246resulting JSON text is guarenteed not to contain any C<newlines>.
190 247
191This setting has no effect when decoding JSON strings. 248This setting has no effect when decoding JSON texts.
192 249
193=item $json = $json->space_before ([$enable]) 250=item $json = $json->space_before ([$enable])
194 251
195If C<$enable> is true (or missing), then the C<encode> method will add an extra 252If C<$enable> is true (or missing), then the C<encode> method will add an extra
196optional space before the C<:> separating keys from values in JSON objects. 253optional space before the C<:> separating keys from values in JSON objects.
197 254
198If C<$enable> is false, then the C<encode> method will not add any extra 255If C<$enable> is false, then the C<encode> method will not add any extra
199space at those places. 256space at those places.
200 257
201This setting has no effect when decoding JSON strings. You will also most 258This setting has no effect when decoding JSON texts. You will also
202likely combine this setting with C<space_after>. 259most likely combine this setting with C<space_after>.
203 260
204Example, space_before enabled, space_after and indent disabled: 261Example, space_before enabled, space_after and indent disabled:
205 262
206 {"key" :"value"} 263 {"key" :"value"}
207 264
213members. 270members.
214 271
215If C<$enable> is false, then the C<encode> method will not add any extra 272If C<$enable> is false, then the C<encode> method will not add any extra
216space at those places. 273space at those places.
217 274
218This setting has no effect when decoding JSON strings. 275This setting has no effect when decoding JSON texts.
219 276
220Example, space_before and indent disabled, space_after enabled: 277Example, space_before and indent disabled, space_after enabled:
221 278
222 {"key": "value"} 279 {"key": "value"}
223 280
229If C<$enable> is false, then the C<encode> method will output key-value 286If C<$enable> is false, then the C<encode> method will output key-value
230pairs in the order Perl stores them (which will likely change between runs 287pairs in the order Perl stores them (which will likely change between runs
231of the same script). 288of the same script).
232 289
233This option is useful if you want the same data structure to be encoded as 290This option is useful if you want the same data structure to be encoded as
234the same JSON string (given the same overall settings). If it is disabled, 291the same JSON text (given the same overall settings). If it is disabled,
235the same hash migh be encoded differently even if contains the same data, 292the same hash migh be encoded differently even if contains the same data,
236as key-value pairs have no inherent ordering in Perl. 293as key-value pairs have no inherent ordering in Perl.
237 294
238This setting has no effect when decoding JSON strings. 295This setting has no effect when decoding JSON texts.
239 296
240=item $json = $json->allow_nonref ([$enable]) 297=item $json = $json->allow_nonref ([$enable])
241 298
242If C<$enable> is true (or missing), then the C<encode> method can convert a 299If C<$enable> is true (or missing), then the C<encode> method can convert a
243non-reference into its corresponding string, number or null JSON value, 300non-reference into its corresponding string, number or null JSON value,
244which is an extension to RFC4627. Likewise, C<decode> will accept those JSON 301which is an extension to RFC4627. Likewise, C<decode> will accept those JSON
245values instead of croaking. 302values instead of croaking.
246 303
247If C<$enable> is false, then the C<encode> method will croak if it isn't 304If C<$enable> is false, then the C<encode> method will croak if it isn't
248passed an arrayref or hashref, as JSON strings must either be an object 305passed an arrayref or hashref, as JSON texts must either be an object
249or array. Likewise, C<decode> will croak if given something that is not a 306or array. Likewise, C<decode> will croak if given something that is not a
250JSON object or array. 307JSON object or array.
251 308
252Example, encode a Perl scalar as JSON value with enabled C<allow_nonref>, 309Example, encode a Perl scalar as JSON value with enabled C<allow_nonref>,
253resulting in an invalid JSON text: 310resulting in an invalid JSON text:
256 => "Hello, World!" 313 => "Hello, World!"
257 314
258=item $json = $json->shrink ([$enable]) 315=item $json = $json->shrink ([$enable])
259 316
260Perl usually over-allocates memory a bit when allocating space for 317Perl usually over-allocates memory a bit when allocating space for
261strings. This flag optionally resizes strings generated by either 318strings. This flag optionally resizes strings generated by either
262C<encode> or C<decode> to their minimum size possible. This can save 319C<encode> or C<decode> to their minimum size possible. This can save
263memory when your JSON strings are either very very long or you have many 320memory when your JSON texts are either very very long or you have many
264short strings. It will also try to downgrade any strings to octet-form 321short strings. It will also try to downgrade any strings to octet-form
265if possible: perl stores strings internally either in an encoding called 322if possible: perl stores strings internally either in an encoding called
266UTF-X or in octet-form. The latter cannot store everything but uses less 323UTF-X or in octet-form. The latter cannot store everything but uses less
267space in general. 324space in general (and some buggy Perl or C code might even rely on that
325internal representation being used).
268 326
327The actual definition of what shrink does might change in future versions,
328but it will always try to save space at the expense of time.
329
269If C<$enable> is true (or missing), the string returned by C<encode> will be shrunk-to-fit, 330If C<$enable> is true (or missing), the string returned by C<encode> will
270while all strings generated by C<decode> will also be shrunk-to-fit. 331be shrunk-to-fit, while all strings generated by C<decode> will also be
332shrunk-to-fit.
271 333
272If C<$enable> is false, then the normal perl allocation algorithms are used. 334If C<$enable> is false, then the normal perl allocation algorithms are used.
273If you work with your data, then this is likely to be faster. 335If you work with your data, then this is likely to be faster.
274 336
275In the future, this setting might control other things, such as converting 337In the future, this setting might control other things, such as converting
276strings that look like integers or floats into integers or floats 338strings that look like integers or floats into integers or floats
277internally (there is no difference on the Perl level), saving space. 339internally (there is no difference on the Perl level), saving space.
278 340
341=item $json = $json->max_depth ([$maximum_nesting_depth])
342
343Sets the maximum nesting level (default C<512>) accepted while encoding
344or decoding. If the JSON text or Perl data structure has an equal or
345higher nesting level then this limit, then the encoder and decoder will
346stop and croak at that point.
347
348Nesting level is defined by number of hash- or arrayrefs that the encoder
349needs to traverse to reach a given point or the number of C<{> or C<[>
350characters without their matching closing parenthesis crossed to reach a
351given character in a string.
352
353Setting the maximum depth to one disallows any nesting, so that ensures
354that the object is only a single hash/object or array.
355
356The argument to C<max_depth> will be rounded up to the next nearest power
357of two.
358
359See SECURITY CONSIDERATIONS, below, for more info on why this is useful.
360
279=item $json_string = $json->encode ($perl_scalar) 361=item $json_text = $json->encode ($perl_scalar)
280 362
281Converts the given Perl data structure (a simple scalar or a reference 363Converts the given Perl data structure (a simple scalar or a reference
282to a hash or array) to its JSON representation. Simple scalars will be 364to a hash or array) to its JSON representation. Simple scalars will be
283converted into JSON string or number sequences, while references to arrays 365converted into JSON string or number sequences, while references to arrays
284become JSON arrays and references to hashes become JSON objects. Undefined 366become JSON arrays and references to hashes become JSON objects. Undefined
285Perl values (e.g. C<undef>) become JSON C<null> values. Neither C<true> 367Perl values (e.g. C<undef>) become JSON C<null> values. Neither C<true>
286nor C<false> values will be generated. 368nor C<false> values will be generated.
287 369
288=item $perl_scalar = $json->decode ($json_string) 370=item $perl_scalar = $json->decode ($json_text)
289 371
290The opposite of C<encode>: expects a JSON string and tries to parse it, 372The opposite of C<encode>: expects a JSON text and tries to parse it,
291returning the resulting simple scalar or reference. Croaks on error. 373returning the resulting simple scalar or reference. Croaks on error.
292 374
293JSON numbers and strings become simple Perl scalars. JSON arrays become 375JSON numbers and strings become simple Perl scalars. JSON arrays become
294Perl arrayrefs and JSON objects become Perl hashrefs. C<true> becomes 376Perl arrayrefs and JSON objects become Perl hashrefs. C<true> becomes
295C<1>, C<false> becomes C<0> and C<null> becomes C<undef>. 377C<1>, C<false> becomes C<0> and C<null> becomes C<undef>.
296 378
379=item ($perl_scalar, $characters) = $json->decode_prefix ($json_text)
380
381This works like the C<decode> method, but instead of raising an exception
382when there is trailing garbage after the first JSON object, it will
383silently stop parsing there and return the number of characters consumed
384so far.
385
386This is useful if your JSON texts are not delimited by an outer protocol
387(which is not the brightest thing to do in the first place) and you need
388to know where the JSON text ends.
389
390 JSON::XS->new->decode_prefix ("[1] the tail")
391 => ([], 3)
392
297=back 393=back
394
298 395
299=head1 MAPPING 396=head1 MAPPING
300 397
301This section describes how JSON::XS maps Perl values to JSON values and 398This section describes how JSON::XS maps Perl values to JSON values and
302vice versa. These mappings are designed to "do the right thing" in most 399vice versa. These mappings are designed to "do the right thing" in most
305 402
306For the more enlightened: note that in the following descriptions, 403For the more enlightened: note that in the following descriptions,
307lowercase I<perl> refers to the Perl interpreter, while uppcercase I<Perl> 404lowercase I<perl> refers to the Perl interpreter, while uppcercase I<Perl>
308refers to the abstract Perl language itself. 405refers to the abstract Perl language itself.
309 406
407
310=head2 JSON -> PERL 408=head2 JSON -> PERL
311 409
312=over 4 410=over 4
313 411
314=item object 412=item object
315 413
316A JSON object becomes a reference to a hash in Perl. No ordering of object 414A JSON object becomes a reference to a hash in Perl. No ordering of object
317keys is preserved. 415keys is preserved (JSON does not preserver object key ordering itself).
318 416
319=item array 417=item array
320 418
321A JSON array becomes a reference to an array in Perl. 419A JSON array becomes a reference to an array in Perl.
322 420
345 443
346A JSON null atom becomes C<undef> in Perl. 444A JSON null atom becomes C<undef> in Perl.
347 445
348=back 446=back
349 447
448
350=head2 PERL -> JSON 449=head2 PERL -> JSON
351 450
352The mapping from Perl to JSON is slightly more difficult, as Perl is a 451The mapping from Perl to JSON is slightly more difficult, as Perl is a
353truly typeless language, so we can only guess which JSON type is meant by 452truly typeless language, so we can only guess which JSON type is meant by
354a Perl value. 453a Perl value.
356=over 4 455=over 4
357 456
358=item hash references 457=item hash references
359 458
360Perl hash references become JSON objects. As there is no inherent ordering 459Perl hash references become JSON objects. As there is no inherent ordering
361in hash keys, they will usually be encoded in a pseudo-random order that 460in hash keys (or JSON objects), they will usually be encoded in a
362can change between runs of the same program but stays generally the same 461pseudo-random order that can change between runs of the same program but
363within the single run of a program. JSON::XS can optionally sort the hash 462stays generally the same within a single run of a program. JSON::XS can
364keys (determined by the I<canonical> flag), so the same datastructure 463optionally sort the hash keys (determined by the I<canonical> flag), so
365will serialise to the same JSON text (given same settings and version of 464the same datastructure will serialise to the same JSON text (given same
366JSON::XS), but this incurs a runtime overhead. 465settings and version of JSON::XS), but this incurs a runtime overhead
466and is only rarely useful, e.g. when you want to compare some JSON text
467against another for equality.
367 468
368=item array references 469=item array references
369 470
370Perl array references become JSON arrays. 471Perl array references become JSON arrays.
472
473=item other references
474
475Other unblessed references are generally not allowed and will cause an
476exception to be thrown, except for references to the integers C<0> and
477C<1>, which get turned into C<false> and C<true> atoms in JSON. You can
478also use C<JSON::XS::false> and C<JSON::XS::true> to improve readability.
479
480 to_json [\0,JSON::XS::true] # yields [false,true]
371 481
372=item blessed objects 482=item blessed objects
373 483
374Blessed objects are not allowed. JSON::XS currently tries to encode their 484Blessed objects are not allowed. JSON::XS currently tries to encode their
375underlying representation (hash- or arrayref), but this behaviour might 485underlying representation (hash- or arrayref), but this behaviour might
408 $x *= 1; # same thing, the choise is yours. 518 $x *= 1; # same thing, the choise is yours.
409 519
410You can not currently output JSON booleans or force the type in other, 520You can not currently output JSON booleans or force the type in other,
411less obscure, ways. Tell me if you need this capability. 521less obscure, ways. Tell me if you need this capability.
412 522
413=item circular data structures
414
415Those will be encoded until memory or stackspace runs out.
416
417=back 523=back
524
418 525
419=head1 COMPARISON 526=head1 COMPARISON
420 527
421As already mentioned, this module was created because none of the existing 528As already mentioned, this module was created because none of the existing
422JSON modules could be made to work correctly. First I will describe the 529JSON modules could be made to work correctly. First I will describe the
448 555
449Has problems handling many Perl values (e.g. regex results and other magic 556Has problems handling many Perl values (e.g. regex results and other magic
450values will make it croak). 557values will make it croak).
451 558
452Does not even generate valid JSON (C<{1,2}> gets converted to C<{1:2}> 559Does not even generate valid JSON (C<{1,2}> gets converted to C<{1:2}>
453which is not a valid JSON string. 560which is not a valid JSON text.
454 561
455Unmaintained (maintainer unresponsive for many months, bugs are not 562Unmaintained (maintainer unresponsive for many months, bugs are not
456getting fixed). 563getting fixed).
457 564
458=item JSON::Syck 0.21 565=item JSON::Syck 0.21
460Very buggy (often crashes). 567Very buggy (often crashes).
461 568
462Very inflexible (no human-readable format supported, format pretty much 569Very inflexible (no human-readable format supported, format pretty much
463undocumented. I need at least a format for easy reading by humans and a 570undocumented. I need at least a format for easy reading by humans and a
464single-line compact format for use in a protocol, and preferably a way to 571single-line compact format for use in a protocol, and preferably a way to
465generate ASCII-only JSON strings). 572generate ASCII-only JSON texts).
466 573
467Completely broken (and confusingly documented) Unicode handling (unicode 574Completely broken (and confusingly documented) Unicode handling (unicode
468escapes are not working properly, you need to set ImplicitUnicode to 575escapes are not working properly, you need to set ImplicitUnicode to
469I<different> values on en- and decoding to get symmetric behaviour). 576I<different> values on en- and decoding to get symmetric behaviour).
470 577
493 600
494Very inflexible. 601Very inflexible.
495 602
496No roundtripping. 603No roundtripping.
497 604
498Does not generate valid JSON (key strings are often unquoted, empty keys 605Does not generate valid JSON texts (key strings are often unquoted, empty keys
499result in nothing being output) 606result in nothing being output)
500 607
501Does not check input for validity. 608Does not check input for validity.
502 609
503=back 610=back
611
612
613=head2 JSON and YAML
614
615You often hear that JSON is a subset (or a close subset) of YAML. This is,
616however, a mass hysteria and very far from the truth. In general, there is
617no way to configure JSON::XS to output a data structure as valid YAML.
618
619If you really must use JSON::XS to generate YAML, you should use this
620algorithm (subject to change in future versions):
621
622 my $to_yaml = JSON::XS->new->utf8->space_after (1);
623 my $yaml = $to_yaml->encode ($ref) . "\n";
624
625This will usually generate JSON texts that also parse as valid
626YAML. Please note that YAML has hardcoded limits on (simple) object key
627lengths that JSON doesn't have, so you should make sure that your hash
628keys are noticably shorter than the 1024 characters YAML allows.
629
630There might be other incompatibilities that I am not aware of. In general
631you should not try to generate YAML with a JSON generator or vice versa,
632or try to parse JSON with a YAML parser or vice versa: chances are high
633that you will run into severe interoperability problems.
634
504 635
505=head2 SPEED 636=head2 SPEED
506 637
507It seems that JSON::XS is surprisingly fast, as shown in the following 638It seems that JSON::XS is surprisingly fast, as shown in the following
508tables. They have been generated with the help of the C<eg/bench> program 639tables. They have been generated with the help of the C<eg/bench> program
509in the JSON::XS distribution, to make it easy to compare on your own 640in the JSON::XS distribution, to make it easy to compare on your own
510system. 641system.
511 642
512First comes a comparison between various modules using a very short JSON 643First comes a comparison between various modules using a very short
513string (83 bytes), showing the number of encodes/decodes per second 644single-line JSON string:
645
646 {"method": "handleMessage", "params": ["user1", "we were just talking"], \
647 "id": null, "array":[1,11,234,-5,1e5,1e7, true, false]}
648
649It shows the number of encodes/decodes per second (JSON::XS uses
514(JSON::XS is the functional interface, while JSON::XS/2 is the OO 650the functional interface, while JSON::XS/2 uses the OO interface
515interface with pretty-printing and hashkey sorting enabled). Higher is 651with pretty-printing and hashkey sorting enabled, JSON::XS/3 enables
516better: 652shrink). Higher is better:
517 653
518 module | encode | decode | 654 module | encode | decode |
519 -----------|------------|------------| 655 -----------|------------|------------|
520 JSON | 14006 | 6820 | 656 JSON | 7645.468 | 4208.613 |
521 JSON::DWIW | 200937 | 120386 | 657 JSON::DWIW | 40721.398 | 77101.176 |
522 JSON::PC | 85065 | 129366 | 658 JSON::PC | 65948.176 | 78251.940 |
523 JSON::Syck | 59898 | 44232 | 659 JSON::Syck | 22844.793 | 26479.192 |
524 JSON::XS | 1171478 | 342435 | 660 JSON::XS | 388361.481 | 199728.762 |
525 JSON::XS/2 | 730760 | 328714 | 661 JSON::XS/2 | 218453.333 | 192399.266 |
662 JSON::XS/3 | 338250.323 | 192399.266 |
663 Storable | 15779.925 | 14169.946 |
526 -----------+------------+------------+ 664 -----------+------------+------------+
527 665
528That is, JSON::XS is 6 times faster than than JSON::DWIW and about 80 666That is, JSON::XS is about five times faster than JSON::DWIW on encoding,
667about three times faster on decoding, and over fourty times faster
529times faster than JSON, even with pretty-printing and key sorting. 668than JSON, even with pretty-printing and key sorting. It also compares
669favourably to Storable for small amounts of data.
530 670
531Using a longer test string (roughly 18KB, generated from Yahoo! Locals 671Using a longer test string (roughly 18KB, generated from Yahoo! Locals
532search API (http://nanoref.com/yahooapis/mgPdGg): 672search API (http://nanoref.com/yahooapis/mgPdGg):
533 673
534 module | encode | decode | 674 module | encode | decode |
535 -----------|------------|------------| 675 -----------|------------|------------|
536 JSON | 673 | 38 | 676 JSON | 254.685 | 37.665 |
537 JSON::DWIW | 5271 | 770 | 677 JSON::DWIW | 843.343 | 1049.731 |
538 JSON::PC | 9901 | 2491 | 678 JSON::PC | 3602.116 | 2307.352 |
539 JSON::Syck | 2360 | 786 | 679 JSON::Syck | 505.107 | 787.899 |
540 JSON::XS | 37398 | 3202 | 680 JSON::XS | 5747.196 | 3690.220 |
541 JSON::XS/2 | 13765 | 3153 | 681 JSON::XS/2 | 3968.121 | 3676.634 |
682 JSON::XS/3 | 6105.246 | 3662.508 |
683 Storable | 4417.337 | 5285.161 |
542 -----------+------------+------------+ 684 -----------+------------+------------+
543 685
544Again, JSON::XS leads by far in the encoding case, while still beating 686Again, JSON::XS leads by far (except for Storable which non-surprisingly
545every other module in the decoding case. 687decodes faster).
546 688
547On large strings containing lots of unicode characters, some modules 689On large strings containing lots of high unicode characters, some modules
548(such as JSON::PC) decode faster than JSON::XS, but the result will be 690(such as JSON::PC) seem to decode faster than JSON::XS, but the result
549broken due to missing unicode handling. Others refuse to decode or encode 691will be broken due to missing (or wrong) unicode handling. Others refuse
550properly, so it was impossible to prepare a fair comparison table for that 692to decode or encode properly, so it was impossible to prepare a fair
551case. 693comparison table for that case.
552 694
553=head1 RESOURCE LIMITS
554 695
555JSON::XS does not impose any limits on the size of JSON texts or Perl 696=head1 SECURITY CONSIDERATIONS
556values they represent - if your machine can handle it, JSON::XS will 697
557encode or decode it. Future versions might optionally impose structure 698When you are using JSON in a protocol, talking to untrusted potentially
558depth and memory use resource limits. 699hostile creatures requires relatively few measures.
700
701First of all, your JSON decoder should be secure, that is, should not have
702any buffer overflows. Obviously, this module should ensure that and I am
703trying hard on making that true, but you never know.
704
705Second, you need to avoid resource-starving attacks. That means you should
706limit the size of JSON texts you accept, or make sure then when your
707resources run out, thats just fine (e.g. by using a separate process that
708can crash safely). The size of a JSON text in octets or characters is
709usually a good indication of the size of the resources required to decode
710it into a Perl structure.
711
712Third, JSON::XS recurses using the C stack when decoding objects and
713arrays. The C stack is a limited resource: for instance, on my amd64
714machine with 8MB of stack size I can decode around 180k nested arrays but
715only 14k nested JSON objects (due to perl itself recursing deeply on croak
716to free the temporary). If that is exceeded, the program crashes. to be
717conservative, the default nesting limit is set to 512. If your process
718has a smaller stack, you should adjust this setting accordingly with the
719C<max_depth> method.
720
721And last but least, something else could bomb you that I forgot to think
722of. In that case, you get to keep the pieces. I am always open for hints,
723though...
724
725If you are using JSON::XS to return packets to consumption
726by javascript scripts in a browser you should have a look at
727L<http://jpsykes.com/47/practical-csrf-and-json-security> to see wether
728you are vulnerable to some common attack vectors (which really are browser
729design bugs, but it is still you who will have to deal with it, as major
730browser developers care only for features, not about doing security
731right).
732
559 733
560=head1 BUGS 734=head1 BUGS
561 735
562While the goal of this module is to be correct, that unfortunately does 736While the goal of this module is to be correct, that unfortunately does
563not mean its bug-free, only that I think its design is bug-free. It is 737not mean its bug-free, only that I think its design is bug-free. It is
564still very young and not well-tested. If you keep reporting bugs they will 738still relatively early in its development. If you keep reporting bugs they
565be fixed swiftly, though. 739will be fixed swiftly, though.
566 740
567=cut 741=cut
742
743sub true() { \1 }
744sub false() { \0 }
568 745
5691; 7461;
570 747
571=head1 AUTHOR 748=head1 AUTHOR
572 749

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines