| … | |
… | |
| 938 | directly when available (so will be 100% compatible with it, including |
938 | directly when available (so will be 100% compatible with it, including |
| 939 | speed), or it uses JSON::PP, which is basically JSON::XS translated to |
939 | speed), or it uses JSON::PP, which is basically JSON::XS translated to |
| 940 | Pure Perl, which should be 100% compatible with JSON::XS, just a bit |
940 | Pure Perl, which should be 100% compatible with JSON::XS, just a bit |
| 941 | slower. |
941 | slower. |
| 942 | |
942 | |
| 943 | You cannot really lose by using this module. |
943 | You cannot really lose by using this module, especially as it tries very |
|
|
944 | hard to work even with ancient Perl versions, while JSON::XS does not. |
| 944 | |
945 | |
| 945 | =item JSON 1.07 |
946 | =item JSON 1.07 |
| 946 | |
947 | |
| 947 | Slow (but very portable, as it is written in pure Perl). |
948 | Slow (but very portable, as it is written in pure Perl). |
| 948 | |
949 | |
| … | |
… | |
| 1162 | to free the temporary). If that is exceeded, the program crashes. To be |
1163 | to free the temporary). If that is exceeded, the program crashes. To be |
| 1163 | conservative, the default nesting limit is set to 512. If your process |
1164 | conservative, the default nesting limit is set to 512. If your process |
| 1164 | has a smaller stack, you should adjust this setting accordingly with the |
1165 | has a smaller stack, you should adjust this setting accordingly with the |
| 1165 | C<max_depth> method. |
1166 | C<max_depth> method. |
| 1166 | |
1167 | |
| 1167 | And last but least, something else could bomb you that I forgot to think |
1168 | Something else could bomb you, too, that I forgot to think of. In that |
| 1168 | of. In that case, you get to keep the pieces. I am always open for hints, |
1169 | case, you get to keep the pieces. I am always open for hints, though... |
| 1169 | though... |
1170 | |
|
|
1171 | Also keep in mind that JSON::XS might leak contents of your Perl data |
|
|
1172 | structures in its error messages, so when you serialise sensitive |
|
|
1173 | information you might want to make sure that exceptions thrown by JSON::XS |
|
|
1174 | will not end up in front of untrusted eyes. |
| 1170 | |
1175 | |
| 1171 | If you are using JSON::XS to return packets to consumption |
1176 | If you are using JSON::XS to return packets to consumption |
| 1172 | by JavaScript scripts in a browser you should have a look at |
1177 | by JavaScript scripts in a browser you should have a look at |
| 1173 | L<http://jpsykes.com/47/practical-csrf-and-json-security> to see whether |
1178 | L<http://jpsykes.com/47/practical-csrf-and-json-security> to see whether |
| 1174 | you are vulnerable to some common attack vectors (which really are browser |
1179 | you are vulnerable to some common attack vectors (which really are browser |
