| … | |
… | |
| 1163 | to free the temporary). If that is exceeded, the program crashes. To be |
1163 | to free the temporary). If that is exceeded, the program crashes. To be |
| 1164 | conservative, the default nesting limit is set to 512. If your process |
1164 | conservative, the default nesting limit is set to 512. If your process |
| 1165 | has a smaller stack, you should adjust this setting accordingly with the |
1165 | has a smaller stack, you should adjust this setting accordingly with the |
| 1166 | C<max_depth> method. |
1166 | C<max_depth> method. |
| 1167 | |
1167 | |
| 1168 | And last but least, something else could bomb you that I forgot to think |
1168 | Something else could bomb you, too, that I forgot to think of. In that |
| 1169 | of. In that case, you get to keep the pieces. I am always open for hints, |
1169 | case, you get to keep the pieces. I am always open for hints, though... |
| 1170 | though... |
1170 | |
|
|
1171 | Also keep in mind that JSON::XS might leak contents of your Perl data |
|
|
1172 | structures in its error messages, so when you serialise sensitive |
|
|
1173 | information you might want to make sure that exceptions thrown by JSON::XS |
|
|
1174 | will not end up in front of untrusted eyes. |
| 1171 | |
1175 | |
| 1172 | If you are using JSON::XS to return packets to consumption |
1176 | If you are using JSON::XS to return packets to consumption |
| 1173 | by JavaScript scripts in a browser you should have a look at |
1177 | by JavaScript scripts in a browser you should have a look at |
| 1174 | L<http://jpsykes.com/47/practical-csrf-and-json-security> to see whether |
1178 | L<http://jpsykes.com/47/practical-csrf-and-json-security> to see whether |
| 1175 | you are vulnerable to some common attack vectors (which really are browser |
1179 | you are vulnerable to some common attack vectors (which really are browser |
