| … | |
… | |
| 4 | |
4 | |
| 5 | =head1 SYNOPSIS |
5 | =head1 SYNOPSIS |
| 6 | |
6 | |
| 7 | use JSON::XS; |
7 | use JSON::XS; |
| 8 | |
8 | |
| 9 | # exported functions, croak on error |
9 | # exported functions, they croak on error |
|
|
10 | # and expect/generate UTF-8 |
| 10 | |
11 | |
| 11 | $utf8_encoded_json_text = to_json $perl_hash_or_arrayref; |
12 | $utf8_encoded_json_text = to_json $perl_hash_or_arrayref; |
| 12 | $perl_hash_or_arrayref = from_json $utf8_encoded_json_text; |
13 | $perl_hash_or_arrayref = from_json $utf8_encoded_json_text; |
| 13 | |
14 | |
|
|
15 | # objToJson and jsonToObj aliases to to_json and from_json |
|
|
16 | # are exported for compatibility to the JSON module, |
|
|
17 | # but should not be used in new code. |
|
|
18 | |
| 14 | # oo-interface |
19 | # OO-interface |
| 15 | |
20 | |
| 16 | $coder = JSON::XS->new->ascii->pretty->allow_nonref; |
21 | $coder = JSON::XS->new->ascii->pretty->allow_nonref; |
| 17 | $pretty_printed_unencoded = $coder->encode ($perl_scalar); |
22 | $pretty_printed_unencoded = $coder->encode ($perl_scalar); |
| 18 | $perl_scalar = $coder->decode ($unicode_json_text); |
23 | $perl_scalar = $coder->decode ($unicode_json_text); |
| 19 | |
24 | |
| … | |
… | |
| 36 | |
41 | |
| 37 | =head2 FEATURES |
42 | =head2 FEATURES |
| 38 | |
43 | |
| 39 | =over 4 |
44 | =over 4 |
| 40 | |
45 | |
| 41 | =item * correct handling of unicode issues |
46 | =item * correct unicode handling |
| 42 | |
47 | |
| 43 | This module knows how to handle Unicode, and even documents how and when |
48 | This module knows how to handle Unicode, and even documents how and when |
| 44 | it does so. |
49 | it does so. |
| 45 | |
50 | |
| 46 | =item * round-trip integrity |
51 | =item * round-trip integrity |
| 47 | |
52 | |
| 48 | When you serialise a perl data structure using only datatypes supported |
53 | When you serialise a perl data structure using only datatypes supported |
| 49 | by JSON, the deserialised data structure is identical on the Perl level. |
54 | by JSON, the deserialised data structure is identical on the Perl level. |
| 50 | (e.g. the string "2.0" doesn't suddenly become "2"). |
55 | (e.g. the string "2.0" doesn't suddenly become "2" just because it looks |
|
|
56 | like a number). |
| 51 | |
57 | |
| 52 | =item * strict checking of JSON correctness |
58 | =item * strict checking of JSON correctness |
| 53 | |
59 | |
| 54 | There is no guessing, no generating of illegal JSON texts by default, |
60 | There is no guessing, no generating of illegal JSON texts by default, |
| 55 | and only JSON is accepted as input by default (the latter is a security |
61 | and only JSON is accepted as input by default (the latter is a security |
| … | |
… | |
| 66 | interface. |
72 | interface. |
| 67 | |
73 | |
| 68 | =item * reasonably versatile output formats |
74 | =item * reasonably versatile output formats |
| 69 | |
75 | |
| 70 | You can choose between the most compact guarenteed single-line format |
76 | You can choose between the most compact guarenteed single-line format |
| 71 | possible (nice for simple line-based protocols), a pure-ascii format (for |
77 | possible (nice for simple line-based protocols), a pure-ascii format |
| 72 | when your transport is not 8-bit clean), or a pretty-printed format (for |
78 | (for when your transport is not 8-bit clean, still supports the whole |
| 73 | when you want to read that stuff). Or you can combine those features in |
79 | unicode range), or a pretty-printed format (for when you want to read that |
| 74 | whatever way you like. |
80 | stuff). Or you can combine those features in whatever way you like. |
| 75 | |
81 | |
| 76 | =back |
82 | =back |
| 77 | |
83 | |
| 78 | =cut |
84 | =cut |
| 79 | |
85 | |
| 80 | package JSON::XS; |
86 | package JSON::XS; |
| 81 | |
87 | |
|
|
88 | use strict; |
|
|
89 | |
| 82 | BEGIN { |
90 | BEGIN { |
| 83 | $VERSION = '0.5'; |
91 | our $VERSION = '1.24'; |
| 84 | @ISA = qw(Exporter); |
92 | our @ISA = qw(Exporter); |
| 85 | |
93 | |
| 86 | @EXPORT = qw(to_json from_json); |
94 | our @EXPORT = qw(to_json from_json objToJson jsonToObj); |
| 87 | require Exporter; |
95 | require Exporter; |
| 88 | |
96 | |
| 89 | require XSLoader; |
97 | require XSLoader; |
| 90 | XSLoader::load JSON::XS::, $VERSION; |
98 | XSLoader::load JSON::XS::, $VERSION; |
| 91 | } |
99 | } |
| … | |
… | |
| 120 | $perl_scalar = JSON::XS->new->utf8->decode ($json_text) |
128 | $perl_scalar = JSON::XS->new->utf8->decode ($json_text) |
| 121 | |
129 | |
| 122 | except being faster. |
130 | except being faster. |
| 123 | |
131 | |
| 124 | =back |
132 | =back |
|
|
133 | |
| 125 | |
134 | |
| 126 | =head1 OBJECT-ORIENTED INTERFACE |
135 | =head1 OBJECT-ORIENTED INTERFACE |
| 127 | |
136 | |
| 128 | The object oriented interface lets you configure your own encoding or |
137 | The object oriented interface lets you configure your own encoding or |
| 129 | decoding style, within the limits of supported formats. |
138 | decoding style, within the limits of supported formats. |
| … | |
… | |
| 145 | |
154 | |
| 146 | If C<$enable> is true (or missing), then the C<encode> method will not |
155 | If C<$enable> is true (or missing), then the C<encode> method will not |
| 147 | generate characters outside the code range C<0..127> (which is ASCII). Any |
156 | generate characters outside the code range C<0..127> (which is ASCII). Any |
| 148 | unicode characters outside that range will be escaped using either a |
157 | unicode characters outside that range will be escaped using either a |
| 149 | single \uXXXX (BMP characters) or a double \uHHHH\uLLLLL escape sequence, |
158 | single \uXXXX (BMP characters) or a double \uHHHH\uLLLLL escape sequence, |
| 150 | as per RFC4627. |
159 | as per RFC4627. The resulting encoded JSON text can be treated as a native |
|
|
160 | unicode string, an ascii-encoded, latin1-encoded or UTF-8 encoded string, |
|
|
161 | or any other superset of ASCII. |
| 151 | |
162 | |
| 152 | If C<$enable> is false, then the C<encode> method will not escape Unicode |
163 | If C<$enable> is false, then the C<encode> method will not escape Unicode |
| 153 | characters unless required by the JSON syntax. This results in a faster |
164 | characters unless required by the JSON syntax or other flags. This results |
| 154 | and more compact format. |
165 | in a faster and more compact format. |
|
|
166 | |
|
|
167 | The main use for this flag is to produce JSON texts that can be |
|
|
168 | transmitted over a 7-bit channel, as the encoded JSON texts will not |
|
|
169 | contain any 8 bit characters. |
| 155 | |
170 | |
| 156 | JSON::XS->new->ascii (1)->encode ([chr 0x10401]) |
171 | JSON::XS->new->ascii (1)->encode ([chr 0x10401]) |
| 157 | => ["\ud801\udc01"] |
172 | => ["\ud801\udc01"] |
|
|
173 | |
|
|
174 | =item $json = $json->latin1 ([$enable]) |
|
|
175 | |
|
|
176 | If C<$enable> is true (or missing), then the C<encode> method will encode |
|
|
177 | the resulting JSON text as latin1 (or iso-8859-1), escaping any characters |
|
|
178 | outside the code range C<0..255>. The resulting string can be treated as a |
|
|
179 | latin1-encoded JSON text or a native unicode string. The C<decode> method |
|
|
180 | will not be affected in any way by this flag, as C<decode> by default |
|
|
181 | expects unicode, which is a strict superset of latin1. |
|
|
182 | |
|
|
183 | If C<$enable> is false, then the C<encode> method will not escape Unicode |
|
|
184 | characters unless required by the JSON syntax or other flags. |
|
|
185 | |
|
|
186 | The main use for this flag is efficiently encoding binary data as JSON |
|
|
187 | text, as most octets will not be escaped, resulting in a smaller encoded |
|
|
188 | size. The disadvantage is that the resulting JSON text is encoded |
|
|
189 | in latin1 (and must correctly be treated as such when storing and |
|
|
190 | transfering), a rare encoding for JSON. It is therefore most useful when |
|
|
191 | you want to store data structures known to contain binary data efficiently |
|
|
192 | in files or databases, not when talking to other JSON encoders/decoders. |
|
|
193 | |
|
|
194 | JSON::XS->new->latin1->encode (["\x{89}\x{abc}"] |
|
|
195 | => ["\x{89}\\u0abc"] # (perl syntax, U+abc escaped, U+89 not) |
| 158 | |
196 | |
| 159 | =item $json = $json->utf8 ([$enable]) |
197 | =item $json = $json->utf8 ([$enable]) |
| 160 | |
198 | |
| 161 | If C<$enable> is true (or missing), then the C<encode> method will encode |
199 | If C<$enable> is true (or missing), then the C<encode> method will encode |
| 162 | the JSON result into UTF-8, as required by many protocols, while the |
200 | the JSON result into UTF-8, as required by many protocols, while the |
| … | |
… | |
| 275 | => "Hello, World!" |
313 | => "Hello, World!" |
| 276 | |
314 | |
| 277 | =item $json = $json->shrink ([$enable]) |
315 | =item $json = $json->shrink ([$enable]) |
| 278 | |
316 | |
| 279 | Perl usually over-allocates memory a bit when allocating space for |
317 | Perl usually over-allocates memory a bit when allocating space for |
| 280 | strings. This flag optionally resizes strings generated by either |
318 | strings. This flag optionally resizes strings generated by either |
| 281 | C<encode> or C<decode> to their minimum size possible. This can save |
319 | C<encode> or C<decode> to their minimum size possible. This can save |
| 282 | memory when your JSON texts are either very very long or you have many |
320 | memory when your JSON texts are either very very long or you have many |
| 283 | short strings. It will also try to downgrade any strings to octet-form |
321 | short strings. It will also try to downgrade any strings to octet-form |
| 284 | if possible: perl stores strings internally either in an encoding called |
322 | if possible: perl stores strings internally either in an encoding called |
| 285 | UTF-X or in octet-form. The latter cannot store everything but uses less |
323 | UTF-X or in octet-form. The latter cannot store everything but uses less |
| 286 | space in general. |
324 | space in general (and some buggy Perl or C code might even rely on that |
|
|
325 | internal representation being used). |
| 287 | |
326 | |
|
|
327 | The actual definition of what shrink does might change in future versions, |
|
|
328 | but it will always try to save space at the expense of time. |
|
|
329 | |
| 288 | If C<$enable> is true (or missing), the string returned by C<encode> will be shrunk-to-fit, |
330 | If C<$enable> is true (or missing), the string returned by C<encode> will |
| 289 | while all strings generated by C<decode> will also be shrunk-to-fit. |
331 | be shrunk-to-fit, while all strings generated by C<decode> will also be |
|
|
332 | shrunk-to-fit. |
| 290 | |
333 | |
| 291 | If C<$enable> is false, then the normal perl allocation algorithms are used. |
334 | If C<$enable> is false, then the normal perl allocation algorithms are used. |
| 292 | If you work with your data, then this is likely to be faster. |
335 | If you work with your data, then this is likely to be faster. |
| 293 | |
336 | |
| 294 | In the future, this setting might control other things, such as converting |
337 | In the future, this setting might control other things, such as converting |
| 295 | strings that look like integers or floats into integers or floats |
338 | strings that look like integers or floats into integers or floats |
| 296 | internally (there is no difference on the Perl level), saving space. |
339 | internally (there is no difference on the Perl level), saving space. |
|
|
340 | |
|
|
341 | =item $json = $json->max_depth ([$maximum_nesting_depth]) |
|
|
342 | |
|
|
343 | Sets the maximum nesting level (default C<512>) accepted while encoding |
|
|
344 | or decoding. If the JSON text or Perl data structure has an equal or |
|
|
345 | higher nesting level then this limit, then the encoder and decoder will |
|
|
346 | stop and croak at that point. |
|
|
347 | |
|
|
348 | Nesting level is defined by number of hash- or arrayrefs that the encoder |
|
|
349 | needs to traverse to reach a given point or the number of C<{> or C<[> |
|
|
350 | characters without their matching closing parenthesis crossed to reach a |
|
|
351 | given character in a string. |
|
|
352 | |
|
|
353 | Setting the maximum depth to one disallows any nesting, so that ensures |
|
|
354 | that the object is only a single hash/object or array. |
|
|
355 | |
|
|
356 | The argument to C<max_depth> will be rounded up to the next nearest power |
|
|
357 | of two. |
|
|
358 | |
|
|
359 | See SECURITY CONSIDERATIONS, below, for more info on why this is useful. |
| 297 | |
360 | |
| 298 | =item $json_text = $json->encode ($perl_scalar) |
361 | =item $json_text = $json->encode ($perl_scalar) |
| 299 | |
362 | |
| 300 | Converts the given Perl data structure (a simple scalar or a reference |
363 | Converts the given Perl data structure (a simple scalar or a reference |
| 301 | to a hash or array) to its JSON representation. Simple scalars will be |
364 | to a hash or array) to its JSON representation. Simple scalars will be |
| … | |
… | |
| 311 | |
374 | |
| 312 | JSON numbers and strings become simple Perl scalars. JSON arrays become |
375 | JSON numbers and strings become simple Perl scalars. JSON arrays become |
| 313 | Perl arrayrefs and JSON objects become Perl hashrefs. C<true> becomes |
376 | Perl arrayrefs and JSON objects become Perl hashrefs. C<true> becomes |
| 314 | C<1>, C<false> becomes C<0> and C<null> becomes C<undef>. |
377 | C<1>, C<false> becomes C<0> and C<null> becomes C<undef>. |
| 315 | |
378 | |
|
|
379 | =item ($perl_scalar, $characters) = $json->decode_prefix ($json_text) |
|
|
380 | |
|
|
381 | This works like the C<decode> method, but instead of raising an exception |
|
|
382 | when there is trailing garbage after the first JSON object, it will |
|
|
383 | silently stop parsing there and return the number of characters consumed |
|
|
384 | so far. |
|
|
385 | |
|
|
386 | This is useful if your JSON texts are not delimited by an outer protocol |
|
|
387 | (which is not the brightest thing to do in the first place) and you need |
|
|
388 | to know where the JSON text ends. |
|
|
389 | |
|
|
390 | JSON::XS->new->decode_prefix ("[1] the tail") |
|
|
391 | => ([], 3) |
|
|
392 | |
| 316 | =back |
393 | =back |
|
|
394 | |
| 317 | |
395 | |
| 318 | =head1 MAPPING |
396 | =head1 MAPPING |
| 319 | |
397 | |
| 320 | This section describes how JSON::XS maps Perl values to JSON values and |
398 | This section describes how JSON::XS maps Perl values to JSON values and |
| 321 | vice versa. These mappings are designed to "do the right thing" in most |
399 | vice versa. These mappings are designed to "do the right thing" in most |
| … | |
… | |
| 323 | (what you put in comes out as something equivalent). |
401 | (what you put in comes out as something equivalent). |
| 324 | |
402 | |
| 325 | For the more enlightened: note that in the following descriptions, |
403 | For the more enlightened: note that in the following descriptions, |
| 326 | lowercase I<perl> refers to the Perl interpreter, while uppcercase I<Perl> |
404 | lowercase I<perl> refers to the Perl interpreter, while uppcercase I<Perl> |
| 327 | refers to the abstract Perl language itself. |
405 | refers to the abstract Perl language itself. |
|
|
406 | |
| 328 | |
407 | |
| 329 | =head2 JSON -> PERL |
408 | =head2 JSON -> PERL |
| 330 | |
409 | |
| 331 | =over 4 |
410 | =over 4 |
| 332 | |
411 | |
| … | |
… | |
| 364 | |
443 | |
| 365 | A JSON null atom becomes C<undef> in Perl. |
444 | A JSON null atom becomes C<undef> in Perl. |
| 366 | |
445 | |
| 367 | =back |
446 | =back |
| 368 | |
447 | |
|
|
448 | |
| 369 | =head2 PERL -> JSON |
449 | =head2 PERL -> JSON |
| 370 | |
450 | |
| 371 | The mapping from Perl to JSON is slightly more difficult, as Perl is a |
451 | The mapping from Perl to JSON is slightly more difficult, as Perl is a |
| 372 | truly typeless language, so we can only guess which JSON type is meant by |
452 | truly typeless language, so we can only guess which JSON type is meant by |
| 373 | a Perl value. |
453 | a Perl value. |
| … | |
… | |
| 375 | =over 4 |
455 | =over 4 |
| 376 | |
456 | |
| 377 | =item hash references |
457 | =item hash references |
| 378 | |
458 | |
| 379 | Perl hash references become JSON objects. As there is no inherent ordering |
459 | Perl hash references become JSON objects. As there is no inherent ordering |
| 380 | in hash keys, they will usually be encoded in a pseudo-random order that |
460 | in hash keys (or JSON objects), they will usually be encoded in a |
| 381 | can change between runs of the same program but stays generally the same |
461 | pseudo-random order that can change between runs of the same program but |
| 382 | within a single run of a program. JSON::XS can optionally sort the hash |
462 | stays generally the same within a single run of a program. JSON::XS can |
| 383 | keys (determined by the I<canonical> flag), so the same datastructure |
463 | optionally sort the hash keys (determined by the I<canonical> flag), so |
| 384 | will serialise to the same JSON text (given same settings and version of |
464 | the same datastructure will serialise to the same JSON text (given same |
| 385 | JSON::XS), but this incurs a runtime overhead. |
465 | settings and version of JSON::XS), but this incurs a runtime overhead |
|
|
466 | and is only rarely useful, e.g. when you want to compare some JSON text |
|
|
467 | against another for equality. |
| 386 | |
468 | |
| 387 | =item array references |
469 | =item array references |
| 388 | |
470 | |
| 389 | Perl array references become JSON arrays. |
471 | Perl array references become JSON arrays. |
|
|
472 | |
|
|
473 | =item other references |
|
|
474 | |
|
|
475 | Other unblessed references are generally not allowed and will cause an |
|
|
476 | exception to be thrown, except for references to the integers C<0> and |
|
|
477 | C<1>, which get turned into C<false> and C<true> atoms in JSON. You can |
|
|
478 | also use C<JSON::XS::false> and C<JSON::XS::true> to improve readability. |
|
|
479 | |
|
|
480 | to_json [\0,JSON::XS::true] # yields [false,true] |
| 390 | |
481 | |
| 391 | =item blessed objects |
482 | =item blessed objects |
| 392 | |
483 | |
| 393 | Blessed objects are not allowed. JSON::XS currently tries to encode their |
484 | Blessed objects are not allowed. JSON::XS currently tries to encode their |
| 394 | underlying representation (hash- or arrayref), but this behaviour might |
485 | underlying representation (hash- or arrayref), but this behaviour might |
| … | |
… | |
| 427 | $x *= 1; # same thing, the choise is yours. |
518 | $x *= 1; # same thing, the choise is yours. |
| 428 | |
519 | |
| 429 | You can not currently output JSON booleans or force the type in other, |
520 | You can not currently output JSON booleans or force the type in other, |
| 430 | less obscure, ways. Tell me if you need this capability. |
521 | less obscure, ways. Tell me if you need this capability. |
| 431 | |
522 | |
| 432 | =item circular data structures |
|
|
| 433 | |
|
|
| 434 | Those will be encoded until memory or stackspace runs out. |
|
|
| 435 | |
|
|
| 436 | =back |
523 | =back |
|
|
524 | |
| 437 | |
525 | |
| 438 | =head1 COMPARISON |
526 | =head1 COMPARISON |
| 439 | |
527 | |
| 440 | As already mentioned, this module was created because none of the existing |
528 | As already mentioned, this module was created because none of the existing |
| 441 | JSON modules could be made to work correctly. First I will describe the |
529 | JSON modules could be made to work correctly. First I will describe the |
| … | |
… | |
| 519 | |
607 | |
| 520 | Does not check input for validity. |
608 | Does not check input for validity. |
| 521 | |
609 | |
| 522 | =back |
610 | =back |
| 523 | |
611 | |
|
|
612 | |
|
|
613 | =head2 JSON and YAML |
|
|
614 | |
|
|
615 | You often hear that JSON is a subset (or a close subset) of YAML. This is, |
|
|
616 | however, a mass hysteria and very far from the truth. In general, there is |
|
|
617 | no way to configure JSON::XS to output a data structure as valid YAML. |
|
|
618 | |
|
|
619 | If you really must use JSON::XS to generate YAML, you should use this |
|
|
620 | algorithm (subject to change in future versions): |
|
|
621 | |
|
|
622 | my $to_yaml = JSON::XS->new->utf8->space_after (1); |
|
|
623 | my $yaml = $to_yaml->encode ($ref) . "\n"; |
|
|
624 | |
|
|
625 | This will usually generate JSON texts that also parse as valid |
|
|
626 | YAML. Please note that YAML has hardcoded limits on (simple) object key |
|
|
627 | lengths that JSON doesn't have, so you should make sure that your hash |
|
|
628 | keys are noticably shorter than the 1024 characters YAML allows. |
|
|
629 | |
|
|
630 | There might be other incompatibilities that I am not aware of. In general |
|
|
631 | you should not try to generate YAML with a JSON generator or vice versa, |
|
|
632 | or try to parse JSON with a YAML parser or vice versa: chances are high |
|
|
633 | that you will run into severe interoperability problems. |
|
|
634 | |
|
|
635 | |
| 524 | =head2 SPEED |
636 | =head2 SPEED |
| 525 | |
637 | |
| 526 | It seems that JSON::XS is surprisingly fast, as shown in the following |
638 | It seems that JSON::XS is surprisingly fast, as shown in the following |
| 527 | tables. They have been generated with the help of the C<eg/bench> program |
639 | tables. They have been generated with the help of the C<eg/bench> program |
| 528 | in the JSON::XS distribution, to make it easy to compare on your own |
640 | in the JSON::XS distribution, to make it easy to compare on your own |
| 529 | system. |
641 | system. |
| 530 | |
642 | |
| 531 | First comes a comparison between various modules using a very short JSON |
643 | First comes a comparison between various modules using a very short |
| 532 | string (83 bytes), showing the number of encodes/decodes per second |
644 | single-line JSON string: |
|
|
645 | |
|
|
646 | {"method": "handleMessage", "params": ["user1", "we were just talking"], \ |
|
|
647 | "id": null, "array":[1,11,234,-5,1e5,1e7, true, false]} |
|
|
648 | |
|
|
649 | It shows the number of encodes/decodes per second (JSON::XS uses |
| 533 | (JSON::XS is the functional interface, while JSON::XS/2 is the OO |
650 | the functional interface, while JSON::XS/2 uses the OO interface |
| 534 | interface with pretty-printing and hashkey sorting enabled). Higher is |
651 | with pretty-printing and hashkey sorting enabled, JSON::XS/3 enables |
| 535 | better: |
652 | shrink). Higher is better: |
| 536 | |
653 | |
| 537 | module | encode | decode | |
654 | module | encode | decode | |
| 538 | -----------|------------|------------| |
655 | -----------|------------|------------| |
| 539 | JSON | 14006 | 6820 | |
656 | JSON | 7645.468 | 4208.613 | |
| 540 | JSON::DWIW | 200937 | 120386 | |
657 | JSON::DWIW | 40721.398 | 77101.176 | |
| 541 | JSON::PC | 85065 | 129366 | |
658 | JSON::PC | 65948.176 | 78251.940 | |
| 542 | JSON::Syck | 59898 | 44232 | |
659 | JSON::Syck | 22844.793 | 26479.192 | |
| 543 | JSON::XS | 1171478 | 342435 | |
660 | JSON::XS | 388361.481 | 199728.762 | |
| 544 | JSON::XS/2 | 730760 | 328714 | |
661 | JSON::XS/2 | 218453.333 | 192399.266 | |
|
|
662 | JSON::XS/3 | 338250.323 | 192399.266 | |
|
|
663 | Storable | 15779.925 | 14169.946 | |
| 545 | -----------+------------+------------+ |
664 | -----------+------------+------------+ |
| 546 | |
665 | |
| 547 | That is, JSON::XS is 6 times faster than than JSON::DWIW and about 80 |
666 | That is, JSON::XS is about five times faster than JSON::DWIW on encoding, |
|
|
667 | about three times faster on decoding, and over fourty times faster |
| 548 | times faster than JSON, even with pretty-printing and key sorting. |
668 | than JSON, even with pretty-printing and key sorting. It also compares |
|
|
669 | favourably to Storable for small amounts of data. |
| 549 | |
670 | |
| 550 | Using a longer test string (roughly 18KB, generated from Yahoo! Locals |
671 | Using a longer test string (roughly 18KB, generated from Yahoo! Locals |
| 551 | search API (http://nanoref.com/yahooapis/mgPdGg): |
672 | search API (http://nanoref.com/yahooapis/mgPdGg): |
| 552 | |
673 | |
| 553 | module | encode | decode | |
674 | module | encode | decode | |
| 554 | -----------|------------|------------| |
675 | -----------|------------|------------| |
| 555 | JSON | 673 | 38 | |
676 | JSON | 254.685 | 37.665 | |
| 556 | JSON::DWIW | 5271 | 770 | |
677 | JSON::DWIW | 843.343 | 1049.731 | |
| 557 | JSON::PC | 9901 | 2491 | |
678 | JSON::PC | 3602.116 | 2307.352 | |
| 558 | JSON::Syck | 2360 | 786 | |
679 | JSON::Syck | 505.107 | 787.899 | |
| 559 | JSON::XS | 37398 | 3202 | |
680 | JSON::XS | 5747.196 | 3690.220 | |
| 560 | JSON::XS/2 | 13765 | 3153 | |
681 | JSON::XS/2 | 3968.121 | 3676.634 | |
|
|
682 | JSON::XS/3 | 6105.246 | 3662.508 | |
|
|
683 | Storable | 4417.337 | 5285.161 | |
| 561 | -----------+------------+------------+ |
684 | -----------+------------+------------+ |
| 562 | |
685 | |
| 563 | Again, JSON::XS leads by far in the encoding case, while still beating |
686 | Again, JSON::XS leads by far (except for Storable which non-surprisingly |
| 564 | every other module in the decoding case. |
687 | decodes faster). |
| 565 | |
688 | |
| 566 | On large strings containing lots of unicode characters, some modules |
689 | On large strings containing lots of high unicode characters, some modules |
| 567 | (such as JSON::PC) decode faster than JSON::XS, but the result will be |
690 | (such as JSON::PC) seem to decode faster than JSON::XS, but the result |
| 568 | broken due to missing unicode handling. Others refuse to decode or encode |
691 | will be broken due to missing (or wrong) unicode handling. Others refuse |
| 569 | properly, so it was impossible to prepare a fair comparison table for that |
692 | to decode or encode properly, so it was impossible to prepare a fair |
| 570 | case. |
693 | comparison table for that case. |
| 571 | |
694 | |
| 572 | =head1 RESOURCE LIMITS |
|
|
| 573 | |
695 | |
| 574 | JSON::XS does not impose any limits on the size of JSON texts or Perl |
696 | =head1 SECURITY CONSIDERATIONS |
| 575 | values they represent - if your machine can handle it, JSON::XS will |
697 | |
| 576 | encode or decode it. Future versions might optionally impose structure |
698 | When you are using JSON in a protocol, talking to untrusted potentially |
| 577 | depth and memory use resource limits. |
699 | hostile creatures requires relatively few measures. |
|
|
700 | |
|
|
701 | First of all, your JSON decoder should be secure, that is, should not have |
|
|
702 | any buffer overflows. Obviously, this module should ensure that and I am |
|
|
703 | trying hard on making that true, but you never know. |
|
|
704 | |
|
|
705 | Second, you need to avoid resource-starving attacks. That means you should |
|
|
706 | limit the size of JSON texts you accept, or make sure then when your |
|
|
707 | resources run out, thats just fine (e.g. by using a separate process that |
|
|
708 | can crash safely). The size of a JSON text in octets or characters is |
|
|
709 | usually a good indication of the size of the resources required to decode |
|
|
710 | it into a Perl structure. |
|
|
711 | |
|
|
712 | Third, JSON::XS recurses using the C stack when decoding objects and |
|
|
713 | arrays. The C stack is a limited resource: for instance, on my amd64 |
|
|
714 | machine with 8MB of stack size I can decode around 180k nested arrays but |
|
|
715 | only 14k nested JSON objects (due to perl itself recursing deeply on croak |
|
|
716 | to free the temporary). If that is exceeded, the program crashes. to be |
|
|
717 | conservative, the default nesting limit is set to 512. If your process |
|
|
718 | has a smaller stack, you should adjust this setting accordingly with the |
|
|
719 | C<max_depth> method. |
|
|
720 | |
|
|
721 | And last but least, something else could bomb you that I forgot to think |
|
|
722 | of. In that case, you get to keep the pieces. I am always open for hints, |
|
|
723 | though... |
|
|
724 | |
|
|
725 | If you are using JSON::XS to return packets to consumption |
|
|
726 | by javascript scripts in a browser you should have a look at |
|
|
727 | L<http://jpsykes.com/47/practical-csrf-and-json-security> to see wether |
|
|
728 | you are vulnerable to some common attack vectors (which really are browser |
|
|
729 | design bugs, but it is still you who will have to deal with it, as major |
|
|
730 | browser developers care only for features, not about doing security |
|
|
731 | right). |
|
|
732 | |
| 578 | |
733 | |
| 579 | =head1 BUGS |
734 | =head1 BUGS |
| 580 | |
735 | |
| 581 | While the goal of this module is to be correct, that unfortunately does |
736 | While the goal of this module is to be correct, that unfortunately does |
| 582 | not mean its bug-free, only that I think its design is bug-free. It is |
737 | not mean its bug-free, only that I think its design is bug-free. It is |
| 583 | still very young and not well-tested. If you keep reporting bugs they will |
738 | still relatively early in its development. If you keep reporting bugs they |
| 584 | be fixed swiftly, though. |
739 | will be fixed swiftly, though. |
| 585 | |
740 | |
| 586 | =cut |
741 | =cut |
|
|
742 | |
|
|
743 | sub true() { \1 } |
|
|
744 | sub false() { \0 } |
| 587 | |
745 | |
| 588 | 1; |
746 | 1; |
| 589 | |
747 | |
| 590 | =head1 AUTHOR |
748 | =head1 AUTHOR |
| 591 | |
749 | |
