| 1 | =head1 NAME |
1 | =head1 NAME |
| 2 | |
2 | |
|
|
3 | JSON::XS - JSON serialising/deserialising, done correctly and fast |
|
|
4 | |
| 3 | =encoding utf-8 |
5 | =encoding utf-8 |
| 4 | |
|
|
| 5 | JSON::XS - JSON serialising/deserialising, done correctly and fast |
|
|
| 6 | |
6 | |
| 7 | JSON::XS - 正しくて高速な JSON シリアライザ/デシリアライザ |
7 | JSON::XS - 正しくて高速な JSON シリアライザ/デシリアライザ |
| 8 | (http://fleur.hio.jp/perldoc/mix/lib/JSON/XS.html) |
8 | (http://fleur.hio.jp/perldoc/mix/lib/JSON/XS.html) |
| 9 | |
9 | |
| 10 | =head1 SYNOPSIS |
10 | =head1 SYNOPSIS |
| … | |
… | |
| 37 | primary goal is to be I<correct> and its secondary goal is to be |
37 | primary goal is to be I<correct> and its secondary goal is to be |
| 38 | I<fast>. To reach the latter goal it was written in C. |
38 | I<fast>. To reach the latter goal it was written in C. |
| 39 | |
39 | |
| 40 | Beginning with version 2.0 of the JSON module, when both JSON and |
40 | Beginning with version 2.0 of the JSON module, when both JSON and |
| 41 | JSON::XS are installed, then JSON will fall back on JSON::XS (this can be |
41 | JSON::XS are installed, then JSON will fall back on JSON::XS (this can be |
| 42 | overriden) with no overhead due to emulation (by inheritign constructor |
42 | overridden) with no overhead due to emulation (by inheriting constructor |
| 43 | and methods). If JSON::XS is not available, it will fall back to the |
43 | and methods). If JSON::XS is not available, it will fall back to the |
| 44 | compatible JSON::PP module as backend, so using JSON instead of JSON::XS |
44 | compatible JSON::PP module as backend, so using JSON instead of JSON::XS |
| 45 | gives you a portable JSON API that can be fast when you need and doesn't |
45 | gives you a portable JSON API that can be fast when you need it and |
| 46 | require a C compiler when that is a problem. |
46 | doesn't require a C compiler when that is a problem. |
| 47 | |
47 | |
| 48 | As this is the n-th-something JSON module on CPAN, what was the reason |
48 | As this is the n-th-something JSON module on CPAN, what was the reason |
| 49 | to write yet another JSON module? While it seems there are many JSON |
49 | to write yet another JSON module? While it seems there are many JSON |
| 50 | modules, none of them correctly handle all corner cases, and in most cases |
50 | modules, none of them correctly handle all corner cases, and in most cases |
| 51 | their maintainers are unresponsive, gone missing, or not listening to bug |
51 | their maintainers are unresponsive, gone missing, or not listening to bug |
| 52 | reports for other reasons. |
52 | reports for other reasons. |
| 53 | |
53 | |
| 54 | See COMPARISON, below, for a comparison to some other JSON modules. |
|
|
| 55 | |
|
|
| 56 | See MAPPING, below, on how JSON::XS maps perl values to JSON values and |
54 | See MAPPING, below, on how JSON::XS maps perl values to JSON values and |
| 57 | vice versa. |
55 | vice versa. |
| 58 | |
56 | |
| 59 | =head2 FEATURES |
57 | =head2 FEATURES |
| 60 | |
58 | |
| … | |
… | |
| 65 | This module knows how to handle Unicode, documents how and when it does |
63 | This module knows how to handle Unicode, documents how and when it does |
| 66 | so, and even documents what "correct" means. |
64 | so, and even documents what "correct" means. |
| 67 | |
65 | |
| 68 | =item * round-trip integrity |
66 | =item * round-trip integrity |
| 69 | |
67 | |
| 70 | When you serialise a perl data structure using only datatypes supported |
68 | When you serialise a perl data structure using only data types supported |
| 71 | by JSON, the deserialised data structure is identical on the Perl level. |
69 | by JSON and Perl, the deserialised data structure is identical on the Perl |
| 72 | (e.g. the string "2.0" doesn't suddenly become "2" just because it looks |
70 | level. (e.g. the string "2.0" doesn't suddenly become "2" just because |
| 73 | like a number). There minor I<are> exceptions to this, read the MAPPING |
71 | it looks like a number). There I<are> minor exceptions to this, read the |
| 74 | section below to learn about those. |
72 | MAPPING section below to learn about those. |
| 75 | |
73 | |
| 76 | =item * strict checking of JSON correctness |
74 | =item * strict checking of JSON correctness |
| 77 | |
75 | |
| 78 | There is no guessing, no generating of illegal JSON texts by default, |
76 | There is no guessing, no generating of illegal JSON texts by default, |
| 79 | and only JSON is accepted as input by default (the latter is a security |
77 | and only JSON is accepted as input by default (the latter is a security |
| … | |
… | |
| 84 | Compared to other JSON modules and other serialisers such as Storable, |
82 | Compared to other JSON modules and other serialisers such as Storable, |
| 85 | this module usually compares favourably in terms of speed, too. |
83 | this module usually compares favourably in terms of speed, too. |
| 86 | |
84 | |
| 87 | =item * simple to use |
85 | =item * simple to use |
| 88 | |
86 | |
| 89 | This module has both a simple functional interface as well as an objetc |
87 | This module has both a simple functional interface as well as an object |
| 90 | oriented interface interface. |
88 | oriented interface. |
| 91 | |
89 | |
| 92 | =item * reasonably versatile output formats |
90 | =item * reasonably versatile output formats |
| 93 | |
91 | |
| 94 | You can choose between the most compact guaranteed-single-line format |
92 | You can choose between the most compact guaranteed-single-line format |
| 95 | possible (nice for simple line-based protocols), a pure-ascii format |
93 | possible (nice for simple line-based protocols), a pure-ASCII format |
| 96 | (for when your transport is not 8-bit clean, still supports the whole |
94 | (for when your transport is not 8-bit clean, still supports the whole |
| 97 | Unicode range), or a pretty-printed format (for when you want to read that |
95 | Unicode range), or a pretty-printed format (for when you want to read that |
| 98 | stuff). Or you can combine those features in whatever way you like. |
96 | stuff). Or you can combine those features in whatever way you like. |
| 99 | |
97 | |
| 100 | =back |
98 | =back |
| 101 | |
99 | |
| 102 | =cut |
100 | =cut |
| 103 | |
101 | |
| 104 | package JSON::XS; |
102 | package JSON::XS; |
| 105 | |
103 | |
| 106 | use strict; |
104 | use common::sense; |
| 107 | |
105 | |
| 108 | our $VERSION = '2.1'; |
106 | our $VERSION = 3.04; |
| 109 | our @ISA = qw(Exporter); |
107 | our @ISA = qw(Exporter); |
| 110 | |
108 | |
| 111 | our @EXPORT = qw(encode_json decode_json to_json from_json); |
109 | our @EXPORT = qw(encode_json decode_json); |
| 112 | |
|
|
| 113 | sub to_json($) { |
|
|
| 114 | require Carp; |
|
|
| 115 | Carp::croak ("JSON::XS::to_json has been renamed to encode_json, either downgrade to pre-2.0 versions of JSON::XS or rename the call"); |
|
|
| 116 | } |
|
|
| 117 | |
|
|
| 118 | sub from_json($) { |
|
|
| 119 | require Carp; |
|
|
| 120 | Carp::croak ("JSON::XS::from_json has been renamed to decode_json, either downgrade to pre-2.0 versions of JSON::XS or rename the call"); |
|
|
| 121 | } |
|
|
| 122 | |
110 | |
| 123 | use Exporter; |
111 | use Exporter; |
| 124 | use XSLoader; |
112 | use XSLoader; |
| 125 | |
113 | |
|
|
114 | use Types::Serialiser (); |
|
|
115 | |
| 126 | =head1 FUNCTIONAL INTERFACE |
116 | =head1 FUNCTIONAL INTERFACE |
| 127 | |
117 | |
| 128 | The following convenience methods are provided by this module. They are |
118 | The following convenience methods are provided by this module. They are |
| 129 | exported by default: |
119 | exported by default: |
| 130 | |
120 | |
| … | |
… | |
| 137 | |
127 | |
| 138 | This function call is functionally identical to: |
128 | This function call is functionally identical to: |
| 139 | |
129 | |
| 140 | $json_text = JSON::XS->new->utf8->encode ($perl_scalar) |
130 | $json_text = JSON::XS->new->utf8->encode ($perl_scalar) |
| 141 | |
131 | |
| 142 | except being faster. |
132 | Except being faster. |
| 143 | |
133 | |
| 144 | =item $perl_scalar = decode_json $json_text |
134 | =item $perl_scalar = decode_json $json_text |
| 145 | |
135 | |
| 146 | The opposite of C<encode_json>: expects an UTF-8 (binary) string and tries |
136 | The opposite of C<encode_json>: expects a UTF-8 (binary) string and tries |
| 147 | to parse that as an UTF-8 encoded JSON text, returning the resulting |
137 | to parse that as a UTF-8 encoded JSON text, returning the resulting |
| 148 | reference. Croaks on error. |
138 | reference. Croaks on error. |
| 149 | |
139 | |
| 150 | This function call is functionally identical to: |
140 | This function call is functionally identical to: |
| 151 | |
141 | |
| 152 | $perl_scalar = JSON::XS->new->utf8->decode ($json_text) |
142 | $perl_scalar = JSON::XS->new->utf8->decode ($json_text) |
| 153 | |
143 | |
| 154 | except being faster. |
144 | Except being faster. |
| 155 | |
|
|
| 156 | =item $is_boolean = JSON::XS::is_bool $scalar |
|
|
| 157 | |
|
|
| 158 | Returns true if the passed scalar represents either JSON::XS::true or |
|
|
| 159 | JSON::XS::false, two constants that act like C<1> and C<0>, respectively |
|
|
| 160 | and are used to represent JSON C<true> and C<false> values in Perl. |
|
|
| 161 | |
|
|
| 162 | See MAPPING, below, for more information on how JSON values are mapped to |
|
|
| 163 | Perl. |
|
|
| 164 | |
145 | |
| 165 | =back |
146 | =back |
| 166 | |
147 | |
| 167 | |
148 | |
| 168 | =head1 A FEW NOTES ON UNICODE AND PERL |
149 | =head1 A FEW NOTES ON UNICODE AND PERL |
| … | |
… | |
| 197 | |
178 | |
| 198 | If you didn't know about that flag, just the better, pretend it doesn't |
179 | If you didn't know about that flag, just the better, pretend it doesn't |
| 199 | exist. |
180 | exist. |
| 200 | |
181 | |
| 201 | =item 4. A "Unicode String" is simply a string where each character can be |
182 | =item 4. A "Unicode String" is simply a string where each character can be |
| 202 | validly interpreted as a Unicode codepoint. |
183 | validly interpreted as a Unicode code point. |
| 203 | |
184 | |
| 204 | If you have UTF-8 encoded data, it is no longer a Unicode string, but a |
185 | If you have UTF-8 encoded data, it is no longer a Unicode string, but a |
| 205 | Unicode string encoded in UTF-8, giving you a binary string. |
186 | Unicode string encoded in UTF-8, giving you a binary string. |
| 206 | |
187 | |
| 207 | =item 5. A string containing "high" (> 255) character values is I<not> a UTF-8 string. |
188 | =item 5. A string containing "high" (> 255) character values is I<not> a UTF-8 string. |
| … | |
… | |
| 221 | =over 4 |
202 | =over 4 |
| 222 | |
203 | |
| 223 | =item $json = new JSON::XS |
204 | =item $json = new JSON::XS |
| 224 | |
205 | |
| 225 | Creates a new JSON::XS object that can be used to de/encode JSON |
206 | Creates a new JSON::XS object that can be used to de/encode JSON |
| 226 | strings. All boolean flags described below are by default I<disabled>. |
207 | strings. All boolean flags described below are by default I<disabled> |
|
|
208 | (with the exception of C<allow_nonref>, which defaults to I<enabled> since |
|
|
209 | version C<4.0>). |
| 227 | |
210 | |
| 228 | The mutators for flags all return the JSON object again and thus calls can |
211 | The mutators for flags all return the JSON object again and thus calls can |
| 229 | be chained: |
212 | be chained: |
| 230 | |
213 | |
| 231 | my $json = JSON::XS->new->utf8->space_after->encode ({a => [1,2]}) |
214 | my $json = JSON::XS->new->utf8->space_after->encode ({a => [1,2]}) |
| … | |
… | |
| 289 | |
272 | |
| 290 | =item $enabled = $json->get_utf8 |
273 | =item $enabled = $json->get_utf8 |
| 291 | |
274 | |
| 292 | If C<$enable> is true (or missing), then the C<encode> method will encode |
275 | If C<$enable> is true (or missing), then the C<encode> method will encode |
| 293 | the JSON result into UTF-8, as required by many protocols, while the |
276 | the JSON result into UTF-8, as required by many protocols, while the |
| 294 | C<decode> method expects to be handled an UTF-8-encoded string. Please |
277 | C<decode> method expects to be handed a UTF-8-encoded string. Please |
| 295 | note that UTF-8-encoded strings do not contain any characters outside the |
278 | note that UTF-8-encoded strings do not contain any characters outside the |
| 296 | range C<0..255>, they are thus useful for bytewise/binary I/O. In future |
279 | range C<0..255>, they are thus useful for bytewise/binary I/O. In future |
| 297 | versions, enabling this option might enable autodetection of the UTF-16 |
280 | versions, enabling this option might enable autodetection of the UTF-16 |
| 298 | and UTF-32 encoding families, as described in RFC4627. |
281 | and UTF-32 encoding families, as described in RFC4627. |
| 299 | |
282 | |
| … | |
… | |
| 384 | |
367 | |
| 385 | =item $enabled = $json->get_relaxed |
368 | =item $enabled = $json->get_relaxed |
| 386 | |
369 | |
| 387 | If C<$enable> is true (or missing), then C<decode> will accept some |
370 | If C<$enable> is true (or missing), then C<decode> will accept some |
| 388 | extensions to normal JSON syntax (see below). C<encode> will not be |
371 | extensions to normal JSON syntax (see below). C<encode> will not be |
| 389 | affected in anyway. I<Be aware that this option makes you accept invalid |
372 | affected in any way. I<Be aware that this option makes you accept invalid |
| 390 | JSON texts as if they were valid!>. I suggest only to use this option to |
373 | JSON texts as if they were valid!>. I suggest only to use this option to |
| 391 | parse application-specific files written by humans (configuration files, |
374 | parse application-specific files written by humans (configuration files, |
| 392 | resource files etc.) |
375 | resource files etc.) |
| 393 | |
376 | |
| 394 | If C<$enable> is false (the default), then C<decode> will only accept |
377 | If C<$enable> is false (the default), then C<decode> will only accept |
| … | |
… | |
| 423 | [ |
406 | [ |
| 424 | 1, # this comment not allowed in JSON |
407 | 1, # this comment not allowed in JSON |
| 425 | # neither this one... |
408 | # neither this one... |
| 426 | ] |
409 | ] |
| 427 | |
410 | |
|
|
411 | =item * literal ASCII TAB characters in strings |
|
|
412 | |
|
|
413 | Literal ASCII TAB characters are now allowed in strings (and treated as |
|
|
414 | C<\t>). |
|
|
415 | |
|
|
416 | [ |
|
|
417 | "Hello\tWorld", |
|
|
418 | "Hello<TAB>World", # literal <TAB> would not normally be allowed |
|
|
419 | ] |
|
|
420 | |
| 428 | =back |
421 | =back |
| 429 | |
422 | |
| 430 | =item $json = $json->canonical ([$enable]) |
423 | =item $json = $json->canonical ([$enable]) |
| 431 | |
424 | |
| 432 | =item $enabled = $json->get_canonical |
425 | =item $enabled = $json->get_canonical |
| … | |
… | |
| 434 | If C<$enable> is true (or missing), then the C<encode> method will output JSON objects |
427 | If C<$enable> is true (or missing), then the C<encode> method will output JSON objects |
| 435 | by sorting their keys. This is adding a comparatively high overhead. |
428 | by sorting their keys. This is adding a comparatively high overhead. |
| 436 | |
429 | |
| 437 | If C<$enable> is false, then the C<encode> method will output key-value |
430 | If C<$enable> is false, then the C<encode> method will output key-value |
| 438 | pairs in the order Perl stores them (which will likely change between runs |
431 | pairs in the order Perl stores them (which will likely change between runs |
| 439 | of the same script). |
432 | of the same script, and can change even within the same run from 5.18 |
|
|
433 | onwards). |
| 440 | |
434 | |
| 441 | This option is useful if you want the same data structure to be encoded as |
435 | This option is useful if you want the same data structure to be encoded as |
| 442 | the same JSON text (given the same overall settings). If it is disabled, |
436 | the same JSON text (given the same overall settings). If it is disabled, |
| 443 | the same hash might be encoded differently even if contains the same data, |
437 | the same hash might be encoded differently even if contains the same data, |
| 444 | as key-value pairs have no inherent ordering in Perl. |
438 | as key-value pairs have no inherent ordering in Perl. |
| 445 | |
439 | |
| 446 | This setting has no effect when decoding JSON texts. |
440 | This setting has no effect when decoding JSON texts. |
| 447 | |
441 | |
|
|
442 | This setting has currently no effect on tied hashes. |
|
|
443 | |
| 448 | =item $json = $json->allow_nonref ([$enable]) |
444 | =item $json = $json->allow_nonref ([$enable]) |
| 449 | |
445 | |
| 450 | =item $enabled = $json->get_allow_nonref |
446 | =item $enabled = $json->get_allow_nonref |
|
|
447 | |
|
|
448 | Unlike other boolean options, this opotion is enabled by default beginning |
|
|
449 | with version C<4.0>. See L<SECURITY CONSIDERATIONS> for the gory details. |
| 451 | |
450 | |
| 452 | If C<$enable> is true (or missing), then the C<encode> method can convert a |
451 | If C<$enable> is true (or missing), then the C<encode> method can convert a |
| 453 | non-reference into its corresponding string, number or null JSON value, |
452 | non-reference into its corresponding string, number or null JSON value, |
| 454 | which is an extension to RFC4627. Likewise, C<decode> will accept those JSON |
453 | which is an extension to RFC4627. Likewise, C<decode> will accept those JSON |
| 455 | values instead of croaking. |
454 | values instead of croaking. |
| … | |
… | |
| 457 | If C<$enable> is false, then the C<encode> method will croak if it isn't |
456 | If C<$enable> is false, then the C<encode> method will croak if it isn't |
| 458 | passed an arrayref or hashref, as JSON texts must either be an object |
457 | passed an arrayref or hashref, as JSON texts must either be an object |
| 459 | or array. Likewise, C<decode> will croak if given something that is not a |
458 | or array. Likewise, C<decode> will croak if given something that is not a |
| 460 | JSON object or array. |
459 | JSON object or array. |
| 461 | |
460 | |
| 462 | Example, encode a Perl scalar as JSON value with enabled C<allow_nonref>, |
461 | Example, encode a Perl scalar as JSON value without enabled C<allow_nonref>, |
| 463 | resulting in an invalid JSON text: |
462 | resulting in an error: |
| 464 | |
463 | |
| 465 | JSON::XS->new->allow_nonref->encode ("Hello, World!") |
464 | JSON::XS->new->allow_nonref (0)->encode ("Hello, World!") |
| 466 | => "Hello, World!" |
465 | => hash- or arrayref expected... |
|
|
466 | |
|
|
467 | =item $json = $json->allow_unknown ([$enable]) |
|
|
468 | |
|
|
469 | =item $enabled = $json->get_allow_unknown |
|
|
470 | |
|
|
471 | If C<$enable> is true (or missing), then C<encode> will I<not> throw an |
|
|
472 | exception when it encounters values it cannot represent in JSON (for |
|
|
473 | example, filehandles) but instead will encode a JSON C<null> value. Note |
|
|
474 | that blessed objects are not included here and are handled separately by |
|
|
475 | c<allow_nonref>. |
|
|
476 | |
|
|
477 | If C<$enable> is false (the default), then C<encode> will throw an |
|
|
478 | exception when it encounters anything it cannot encode as JSON. |
|
|
479 | |
|
|
480 | This option does not affect C<decode> in any way, and it is recommended to |
|
|
481 | leave it off unless you know your communications partner. |
| 467 | |
482 | |
| 468 | =item $json = $json->allow_blessed ([$enable]) |
483 | =item $json = $json->allow_blessed ([$enable]) |
| 469 | |
484 | |
| 470 | =item $enabled = $json->get_allow_blessed |
485 | =item $enabled = $json->get_allow_blessed |
| 471 | |
486 | |
|
|
487 | See L<OBJECT SERIALISATION> for details. |
|
|
488 | |
| 472 | If C<$enable> is true (or missing), then the C<encode> method will not |
489 | If C<$enable> is true (or missing), then the C<encode> method will not |
| 473 | barf when it encounters a blessed reference. Instead, the value of the |
490 | barf when it encounters a blessed reference that it cannot convert |
| 474 | B<convert_blessed> option will decide whether C<null> (C<convert_blessed> |
491 | otherwise. Instead, a JSON C<null> value is encoded instead of the object. |
| 475 | disabled or no C<TO_JSON> method found) or a representation of the |
|
|
| 476 | object (C<convert_blessed> enabled and C<TO_JSON> method found) is being |
|
|
| 477 | encoded. Has no effect on C<decode>. |
|
|
| 478 | |
492 | |
| 479 | If C<$enable> is false (the default), then C<encode> will throw an |
493 | If C<$enable> is false (the default), then C<encode> will throw an |
| 480 | exception when it encounters a blessed object. |
494 | exception when it encounters a blessed object that it cannot convert |
|
|
495 | otherwise. |
|
|
496 | |
|
|
497 | This setting has no effect on C<decode>. |
| 481 | |
498 | |
| 482 | =item $json = $json->convert_blessed ([$enable]) |
499 | =item $json = $json->convert_blessed ([$enable]) |
| 483 | |
500 | |
| 484 | =item $enabled = $json->get_convert_blessed |
501 | =item $enabled = $json->get_convert_blessed |
|
|
502 | |
|
|
503 | See L<OBJECT SERIALISATION> for details. |
| 485 | |
504 | |
| 486 | If C<$enable> is true (or missing), then C<encode>, upon encountering a |
505 | If C<$enable> is true (or missing), then C<encode>, upon encountering a |
| 487 | blessed object, will check for the availability of the C<TO_JSON> method |
506 | blessed object, will check for the availability of the C<TO_JSON> method |
| 488 | on the object's class. If found, it will be called in scalar context |
507 | on the object's class. If found, it will be called in scalar context and |
| 489 | and the resulting scalar will be encoded instead of the object. If no |
508 | the resulting scalar will be encoded instead of the object. |
| 490 | C<TO_JSON> method is found, the value of C<allow_blessed> will decide what |
|
|
| 491 | to do. |
|
|
| 492 | |
509 | |
| 493 | The C<TO_JSON> method may safely call die if it wants. If C<TO_JSON> |
510 | The C<TO_JSON> method may safely call die if it wants. If C<TO_JSON> |
| 494 | returns other blessed objects, those will be handled in the same |
511 | returns other blessed objects, those will be handled in the same |
| 495 | way. C<TO_JSON> must take care of not causing an endless recursion cycle |
512 | way. C<TO_JSON> must take care of not causing an endless recursion cycle |
| 496 | (== crash) in this case. The name of C<TO_JSON> was chosen because other |
513 | (== crash) in this case. The name of C<TO_JSON> was chosen because other |
| 497 | methods called by the Perl core (== not by the user of the object) are |
514 | methods called by the Perl core (== not by the user of the object) are |
| 498 | usually in upper case letters and to avoid collisions with any C<to_json> |
515 | usually in upper case letters and to avoid collisions with any C<to_json> |
| 499 | function or method. |
516 | function or method. |
| 500 | |
517 | |
| 501 | This setting does not yet influence C<decode> in any way, but in the |
518 | If C<$enable> is false (the default), then C<encode> will not consider |
| 502 | future, global hooks might get installed that influence C<decode> and are |
519 | this type of conversion. |
| 503 | enabled by this setting. |
|
|
| 504 | |
520 | |
| 505 | If C<$enable> is false, then the C<allow_blessed> setting will decide what |
521 | This setting has no effect on C<decode>. |
| 506 | to do when a blessed object is found. |
522 | |
|
|
523 | =item $json = $json->allow_tags ([$enable]) |
|
|
524 | |
|
|
525 | =item $enabled = $json->get_allow_tags |
|
|
526 | |
|
|
527 | See L<OBJECT SERIALISATION> for details. |
|
|
528 | |
|
|
529 | If C<$enable> is true (or missing), then C<encode>, upon encountering a |
|
|
530 | blessed object, will check for the availability of the C<FREEZE> method on |
|
|
531 | the object's class. If found, it will be used to serialise the object into |
|
|
532 | a nonstandard tagged JSON value (that JSON decoders cannot decode). |
|
|
533 | |
|
|
534 | It also causes C<decode> to parse such tagged JSON values and deserialise |
|
|
535 | them via a call to the C<THAW> method. |
|
|
536 | |
|
|
537 | If C<$enable> is false (the default), then C<encode> will not consider |
|
|
538 | this type of conversion, and tagged JSON values will cause a parse error |
|
|
539 | in C<decode>, as if tags were not part of the grammar. |
| 507 | |
540 | |
| 508 | =item $json = $json->filter_json_object ([$coderef->($hashref)]) |
541 | =item $json = $json->filter_json_object ([$coderef->($hashref)]) |
| 509 | |
542 | |
| 510 | When C<$coderef> is specified, it will be called from C<decode> each |
543 | When C<$coderef> is specified, it will be called from C<decode> each |
| 511 | time it decodes a JSON object. The only argument is a reference to the |
544 | time it decodes a JSON object. The only argument is a reference to |
| 512 | newly-created hash. If the code references returns a single scalar (which |
545 | the newly-created hash. If the code reference returns a single scalar |
| 513 | need not be a reference), this value (i.e. a copy of that scalar to avoid |
546 | (which need not be a reference), this value (or rather a copy of it) is |
| 514 | aliasing) is inserted into the deserialised data structure. If it returns |
547 | inserted into the deserialised data structure. If it returns an empty |
| 515 | an empty list (NOTE: I<not> C<undef>, which is a valid scalar), the |
548 | list (NOTE: I<not> C<undef>, which is a valid scalar), the original |
| 516 | original deserialised hash will be inserted. This setting can slow down |
549 | deserialised hash will be inserted. This setting can slow down decoding |
| 517 | decoding considerably. |
550 | considerably. |
| 518 | |
551 | |
| 519 | When C<$coderef> is omitted or undefined, any existing callback will |
552 | When C<$coderef> is omitted or undefined, any existing callback will |
| 520 | be removed and C<decode> will not change the deserialised hash in any |
553 | be removed and C<decode> will not change the deserialised hash in any |
| 521 | way. |
554 | way. |
| 522 | |
555 | |
| … | |
… | |
| 612 | =item $json = $json->max_depth ([$maximum_nesting_depth]) |
645 | =item $json = $json->max_depth ([$maximum_nesting_depth]) |
| 613 | |
646 | |
| 614 | =item $max_depth = $json->get_max_depth |
647 | =item $max_depth = $json->get_max_depth |
| 615 | |
648 | |
| 616 | Sets the maximum nesting level (default C<512>) accepted while encoding |
649 | Sets the maximum nesting level (default C<512>) accepted while encoding |
| 617 | or decoding. If the JSON text or Perl data structure has an equal or |
650 | or decoding. If a higher nesting level is detected in JSON text or a Perl |
| 618 | higher nesting level then this limit, then the encoder and decoder will |
651 | data structure, then the encoder and decoder will stop and croak at that |
| 619 | stop and croak at that point. |
652 | point. |
| 620 | |
653 | |
| 621 | Nesting level is defined by number of hash- or arrayrefs that the encoder |
654 | Nesting level is defined by number of hash- or arrayrefs that the encoder |
| 622 | needs to traverse to reach a given point or the number of C<{> or C<[> |
655 | needs to traverse to reach a given point or the number of C<{> or C<[> |
| 623 | characters without their matching closing parenthesis crossed to reach a |
656 | characters without their matching closing parenthesis crossed to reach a |
| 624 | given character in a string. |
657 | given character in a string. |
| 625 | |
658 | |
| 626 | Setting the maximum depth to one disallows any nesting, so that ensures |
659 | Setting the maximum depth to one disallows any nesting, so that ensures |
| 627 | that the object is only a single hash/object or array. |
660 | that the object is only a single hash/object or array. |
| 628 | |
661 | |
| 629 | The argument to C<max_depth> will be rounded up to the next highest power |
|
|
| 630 | of two. If no argument is given, the highest possible setting will be |
662 | If no argument is given, the highest possible setting will be used, which |
| 631 | used, which is rarely useful. |
663 | is rarely useful. |
|
|
664 | |
|
|
665 | Note that nesting is implemented by recursion in C. The default value has |
|
|
666 | been chosen to be as large as typical operating systems allow without |
|
|
667 | crashing. |
| 632 | |
668 | |
| 633 | See SECURITY CONSIDERATIONS, below, for more info on why this is useful. |
669 | See SECURITY CONSIDERATIONS, below, for more info on why this is useful. |
| 634 | |
670 | |
| 635 | =item $json = $json->max_size ([$maximum_string_size]) |
671 | =item $json = $json->max_size ([$maximum_string_size]) |
| 636 | |
672 | |
| 637 | =item $max_size = $json->get_max_size |
673 | =item $max_size = $json->get_max_size |
| 638 | |
674 | |
| 639 | Set the maximum length a JSON text may have (in bytes) where decoding is |
675 | Set the maximum length a JSON text may have (in bytes) where decoding is |
| 640 | being attempted. The default is C<0>, meaning no limit. When C<decode> |
676 | being attempted. The default is C<0>, meaning no limit. When C<decode> |
| 641 | is called on a string longer then this number of characters it will not |
677 | is called on a string that is longer then this many bytes, it will not |
| 642 | attempt to decode the string but throw an exception. This setting has no |
678 | attempt to decode the string but throw an exception. This setting has no |
| 643 | effect on C<encode> (yet). |
679 | effect on C<encode> (yet). |
| 644 | |
680 | |
| 645 | The argument to C<max_size> will be rounded up to the next B<highest> |
681 | If no argument is given, the limit check will be deactivated (same as when |
| 646 | power of two (so may be more than requested). If no argument is given, the |
682 | C<0> is specified). |
| 647 | limit check will be deactivated (same as when C<0> is specified). |
|
|
| 648 | |
683 | |
| 649 | See SECURITY CONSIDERATIONS, below, for more info on why this is useful. |
684 | See SECURITY CONSIDERATIONS, below, for more info on why this is useful. |
| 650 | |
685 | |
| 651 | =item $json_text = $json->encode ($perl_scalar) |
686 | =item $json_text = $json->encode ($perl_scalar) |
| 652 | |
687 | |
| 653 | Converts the given Perl data structure (a simple scalar or a reference |
688 | Converts the given Perl value or data structure to its JSON |
| 654 | to a hash or array) to its JSON representation. Simple scalars will be |
689 | representation. Croaks on error. |
| 655 | converted into JSON string or number sequences, while references to arrays |
|
|
| 656 | become JSON arrays and references to hashes become JSON objects. Undefined |
|
|
| 657 | Perl values (e.g. C<undef>) become JSON C<null> values. Neither C<true> |
|
|
| 658 | nor C<false> values will be generated. |
|
|
| 659 | |
690 | |
| 660 | =item $perl_scalar = $json->decode ($json_text) |
691 | =item $perl_scalar = $json->decode ($json_text) |
| 661 | |
692 | |
| 662 | The opposite of C<encode>: expects a JSON text and tries to parse it, |
693 | The opposite of C<encode>: expects a JSON text and tries to parse it, |
| 663 | returning the resulting simple scalar or reference. Croaks on error. |
694 | returning the resulting simple scalar or reference. Croaks on error. |
| 664 | |
|
|
| 665 | JSON numbers and strings become simple Perl scalars. JSON arrays become |
|
|
| 666 | Perl arrayrefs and JSON objects become Perl hashrefs. C<true> becomes |
|
|
| 667 | C<1>, C<false> becomes C<0> and C<null> becomes C<undef>. |
|
|
| 668 | |
695 | |
| 669 | =item ($perl_scalar, $characters) = $json->decode_prefix ($json_text) |
696 | =item ($perl_scalar, $characters) = $json->decode_prefix ($json_text) |
| 670 | |
697 | |
| 671 | This works like the C<decode> method, but instead of raising an exception |
698 | This works like the C<decode> method, but instead of raising an exception |
| 672 | when there is trailing garbage after the first JSON object, it will |
699 | when there is trailing garbage after the first JSON object, it will |
| 673 | silently stop parsing there and return the number of characters consumed |
700 | silently stop parsing there and return the number of characters consumed |
| 674 | so far. |
701 | so far. |
| 675 | |
702 | |
| 676 | This is useful if your JSON texts are not delimited by an outer protocol |
703 | This is useful if your JSON texts are not delimited by an outer protocol |
| 677 | (which is not the brightest thing to do in the first place) and you need |
|
|
| 678 | to know where the JSON text ends. |
704 | and you need to know where the JSON text ends. |
| 679 | |
705 | |
| 680 | JSON::XS->new->decode_prefix ("[1] the tail") |
706 | JSON::XS->new->decode_prefix ("[1] the tail") |
| 681 | => ([], 3) |
707 | => ([1], 3) |
| 682 | |
708 | |
| 683 | =back |
709 | =back |
| 684 | |
710 | |
| 685 | |
711 | |
| 686 | =head1 INCREMENTAL PARSING |
712 | =head1 INCREMENTAL PARSING |
| 687 | |
|
|
| 688 | [This section and the API it details is still EXPERIMENTAL] |
|
|
| 689 | |
713 | |
| 690 | In some cases, there is the need for incremental parsing of JSON |
714 | In some cases, there is the need for incremental parsing of JSON |
| 691 | texts. While this module always has to keep both JSON text and resulting |
715 | texts. While this module always has to keep both JSON text and resulting |
| 692 | Perl data structure in memory at one time, it does allow you to parse a |
716 | Perl data structure in memory at one time, it does allow you to parse a |
| 693 | JSON stream incrementally. It does so by accumulating text until it has |
717 | JSON stream incrementally. It does so by accumulating text until it has |
| 694 | a full JSON object, which it then can decode. This process is similar to |
718 | a full JSON object, which it then can decode. This process is similar to |
| 695 | using C<decode_prefix> to see if a full JSON object is available, but is |
719 | using C<decode_prefix> to see if a full JSON object is available, but |
| 696 | much more efficient (JSON::XS will only attempt to parse the JSON text |
720 | is much more efficient (and can be implemented with a minimum of method |
|
|
721 | calls). |
|
|
722 | |
|
|
723 | JSON::XS will only attempt to parse the JSON text once it is sure it |
| 697 | once it is sure it has enough text to get a decisive result, using a very |
724 | has enough text to get a decisive result, using a very simple but |
| 698 | simple but truly incremental parser). |
725 | truly incremental parser. This means that it sometimes won't stop as |
|
|
726 | early as the full parser, for example, it doesn't detect mismatched |
|
|
727 | parentheses. The only thing it guarantees is that it starts decoding as |
|
|
728 | soon as a syntactically valid JSON text has been seen. This means you need |
|
|
729 | to set resource limits (e.g. C<max_size>) to ensure the parser will stop |
|
|
730 | parsing in the presence if syntax errors. |
| 699 | |
731 | |
| 700 | The following two methods deal with this. |
732 | The following methods implement this incremental parser. |
| 701 | |
733 | |
| 702 | =over 4 |
734 | =over 4 |
| 703 | |
735 | |
| 704 | =item [void, scalar or list context] = $json->incr_parse ([$string]) |
736 | =item [void, scalar or list context] = $json->incr_parse ([$string]) |
| 705 | |
737 | |
| … | |
… | |
| 716 | |
748 | |
| 717 | If the method is called in scalar context, then it will try to extract |
749 | If the method is called in scalar context, then it will try to extract |
| 718 | exactly I<one> JSON object. If that is successful, it will return this |
750 | exactly I<one> JSON object. If that is successful, it will return this |
| 719 | object, otherwise it will return C<undef>. If there is a parse error, |
751 | object, otherwise it will return C<undef>. If there is a parse error, |
| 720 | this method will croak just as C<decode> would do (one can then use |
752 | this method will croak just as C<decode> would do (one can then use |
| 721 | C<incr_skip> to skip the errornous part). This is the most common way of |
753 | C<incr_skip> to skip the erroneous part). This is the most common way of |
| 722 | using the method. |
754 | using the method. |
| 723 | |
755 | |
| 724 | And finally, in list context, it will try to extract as many objects |
756 | And finally, in list context, it will try to extract as many objects |
| 725 | from the stream as it can find and return them, or the empty list |
757 | from the stream as it can find and return them, or the empty list |
| 726 | otherwise. For this to work, there must be no separators between the JSON |
758 | otherwise. For this to work, there must be no separators (other than |
| 727 | objects or arrays, instead they must be concatenated back-to-back. If |
759 | whitespace) between the JSON objects or arrays, instead they must be |
| 728 | an error occurs, an exception will be raised as in the scalar context |
760 | concatenated back-to-back. If an error occurs, an exception will be |
| 729 | case. Note that in this case, any previously-parsed JSON texts will be |
761 | raised as in the scalar context case. Note that in this case, any |
| 730 | lost. |
762 | previously-parsed JSON texts will be lost. |
|
|
763 | |
|
|
764 | Example: Parse some JSON arrays/objects in a given string and return |
|
|
765 | them. |
|
|
766 | |
|
|
767 | my @objs = JSON::XS->new->incr_parse ("[5][7][1,2]"); |
| 731 | |
768 | |
| 732 | =item $lvalue_string = $json->incr_text |
769 | =item $lvalue_string = $json->incr_text |
| 733 | |
770 | |
| 734 | This method returns the currently stored JSON fragment as an lvalue, that |
771 | This method returns the currently stored JSON fragment as an lvalue, that |
| 735 | is, you can manipulate it. This I<only> works when a preceding call to |
772 | is, you can manipulate it. This I<only> works when a preceding call to |
| … | |
… | |
| 737 | all other circumstances you must not call this function (I mean it. |
774 | all other circumstances you must not call this function (I mean it. |
| 738 | although in simple tests it might actually work, it I<will> fail under |
775 | although in simple tests it might actually work, it I<will> fail under |
| 739 | real world conditions). As a special exception, you can also call this |
776 | real world conditions). As a special exception, you can also call this |
| 740 | method before having parsed anything. |
777 | method before having parsed anything. |
| 741 | |
778 | |
|
|
779 | That means you can only use this function to look at or manipulate text |
|
|
780 | before or after complete JSON objects, not while the parser is in the |
|
|
781 | middle of parsing a JSON object. |
|
|
782 | |
| 742 | This function is useful in two cases: a) finding the trailing text after a |
783 | This function is useful in two cases: a) finding the trailing text after a |
| 743 | JSON object or b) parsing multiple JSON objects separated by non-JSON text |
784 | JSON object or b) parsing multiple JSON objects separated by non-JSON text |
| 744 | (such as commas). |
785 | (such as commas). |
| 745 | |
786 | |
| 746 | =item $json->incr_skip |
787 | =item $json->incr_skip |
| 747 | |
788 | |
| 748 | This will reset the state of the incremental parser and will remove the |
789 | This will reset the state of the incremental parser and will remove |
| 749 | parsed text from the input buffer. This is useful after C<incr_parse> |
790 | the parsed text from the input buffer so far. This is useful after |
| 750 | died, in which case the input buffer and incremental parser state is left |
791 | C<incr_parse> died, in which case the input buffer and incremental parser |
| 751 | unchanged, to skip the text parsed so far and to reset the parse state. |
792 | state is left unchanged, to skip the text parsed so far and to reset the |
|
|
793 | parse state. |
|
|
794 | |
|
|
795 | The difference to C<incr_reset> is that only text until the parse error |
|
|
796 | occurred is removed. |
|
|
797 | |
|
|
798 | =item $json->incr_reset |
|
|
799 | |
|
|
800 | This completely resets the incremental parser, that is, after this call, |
|
|
801 | it will be as if the parser had never parsed anything. |
|
|
802 | |
|
|
803 | This is useful if you want to repeatedly parse JSON objects and want to |
|
|
804 | ignore any trailing data, which means you have to reset the parser after |
|
|
805 | each successful decode. |
| 752 | |
806 | |
| 753 | =back |
807 | =back |
| 754 | |
808 | |
| 755 | =head2 LIMITATIONS |
809 | =head2 LIMITATIONS |
| 756 | |
810 | |
| 757 | All options that affect decoding are supported, except |
811 | All options that affect decoding are supported, except |
| 758 | C<allow_nonref>. The reason for this is that it cannot be made to |
812 | C<allow_nonref>. The reason for this is that it cannot be made to work |
| 759 | work sensibly: JSON objects and arrays are self-delimited, i.e. you can concatenate |
813 | sensibly: JSON objects and arrays are self-delimited, i.e. you can |
| 760 | them back to back and still decode them perfectly. This does not hold true |
814 | concatenate them back to back and still decode them perfectly. This does |
| 761 | for JSON numbers, however. |
815 | not hold true for JSON numbers, however. |
| 762 | |
816 | |
| 763 | For example, is the string C<1> a single JSON number, or is it simply the |
817 | For example, is the string C<1> a single JSON number, or is it simply the |
| 764 | start of C<12>? Or is C<12> a single JSON number, or the concatenation |
818 | start of C<12>? Or is C<12> a single JSON number, or the concatenation |
| 765 | of C<1> and C<2>? In neither case you can tell, and this is why JSON::XS |
819 | of C<1> and C<2>? In neither case you can tell, and this is why JSON::XS |
| 766 | takes the conservative route and disallows this case. |
820 | takes the conservative route and disallows this case. |
| … | |
… | |
| 945 | If the number consists of digits only, JSON::XS will try to represent |
999 | If the number consists of digits only, JSON::XS will try to represent |
| 946 | it as an integer value. If that fails, it will try to represent it as |
1000 | it as an integer value. If that fails, it will try to represent it as |
| 947 | a numeric (floating point) value if that is possible without loss of |
1001 | a numeric (floating point) value if that is possible without loss of |
| 948 | precision. Otherwise it will preserve the number as a string value (in |
1002 | precision. Otherwise it will preserve the number as a string value (in |
| 949 | which case you lose roundtripping ability, as the JSON number will be |
1003 | which case you lose roundtripping ability, as the JSON number will be |
| 950 | re-encoded toa JSON string). |
1004 | re-encoded to a JSON string). |
| 951 | |
1005 | |
| 952 | Numbers containing a fractional or exponential part will always be |
1006 | Numbers containing a fractional or exponential part will always be |
| 953 | represented as numeric (floating point) values, possibly at a loss of |
1007 | represented as numeric (floating point) values, possibly at a loss of |
| 954 | precision (in which case you might lose perfect roundtripping ability, but |
1008 | precision (in which case you might lose perfect roundtripping ability, but |
| 955 | the JSON number will still be re-encoded as a JSON number). |
1009 | the JSON number will still be re-encoded as a JSON number). |
| 956 | |
1010 | |
|
|
1011 | Note that precision is not accuracy - binary floating point values cannot |
|
|
1012 | represent most decimal fractions exactly, and when converting from and to |
|
|
1013 | floating point, JSON::XS only guarantees precision up to but not including |
|
|
1014 | the least significant bit. |
|
|
1015 | |
| 957 | =item true, false |
1016 | =item true, false |
| 958 | |
1017 | |
| 959 | These JSON atoms become C<JSON::XS::true> and C<JSON::XS::false>, |
1018 | These JSON atoms become C<Types::Serialiser::true> and |
| 960 | respectively. They are overloaded to act almost exactly like the numbers |
1019 | C<Types::Serialiser::false>, respectively. They are overloaded to act |
| 961 | C<1> and C<0>. You can check whether a scalar is a JSON boolean by using |
1020 | almost exactly like the numbers C<1> and C<0>. You can check whether |
| 962 | the C<JSON::XS::is_bool> function. |
1021 | a scalar is a JSON boolean by using the C<Types::Serialiser::is_bool> |
|
|
1022 | function (after C<use Types::Serialier>, of course). |
| 963 | |
1023 | |
| 964 | =item null |
1024 | =item null |
| 965 | |
1025 | |
| 966 | A JSON null atom becomes C<undef> in Perl. |
1026 | A JSON null atom becomes C<undef> in Perl. |
|
|
1027 | |
|
|
1028 | =item shell-style comments (C<< # I<text> >>) |
|
|
1029 | |
|
|
1030 | As a nonstandard extension to the JSON syntax that is enabled by the |
|
|
1031 | C<relaxed> setting, shell-style comments are allowed. They can start |
|
|
1032 | anywhere outside strings and go till the end of the line. |
|
|
1033 | |
|
|
1034 | =item tagged values (C<< (I<tag>)I<value> >>). |
|
|
1035 | |
|
|
1036 | Another nonstandard extension to the JSON syntax, enabled with the |
|
|
1037 | C<allow_tags> setting, are tagged values. In this implementation, the |
|
|
1038 | I<tag> must be a perl package/class name encoded as a JSON string, and the |
|
|
1039 | I<value> must be a JSON array encoding optional constructor arguments. |
|
|
1040 | |
|
|
1041 | See L<OBJECT SERIALISATION>, below, for details. |
| 967 | |
1042 | |
| 968 | =back |
1043 | =back |
| 969 | |
1044 | |
| 970 | |
1045 | |
| 971 | =head2 PERL -> JSON |
1046 | =head2 PERL -> JSON |
| … | |
… | |
| 976 | |
1051 | |
| 977 | =over 4 |
1052 | =over 4 |
| 978 | |
1053 | |
| 979 | =item hash references |
1054 | =item hash references |
| 980 | |
1055 | |
| 981 | Perl hash references become JSON objects. As there is no inherent ordering |
1056 | Perl hash references become JSON objects. As there is no inherent |
| 982 | in hash keys (or JSON objects), they will usually be encoded in a |
1057 | ordering in hash keys (or JSON objects), they will usually be encoded |
| 983 | pseudo-random order that can change between runs of the same program but |
1058 | in a pseudo-random order. JSON::XS can optionally sort the hash keys |
| 984 | stays generally the same within a single run of a program. JSON::XS can |
1059 | (determined by the I<canonical> flag), so the same datastructure will |
| 985 | optionally sort the hash keys (determined by the I<canonical> flag), so |
1060 | serialise to the same JSON text (given same settings and version of |
| 986 | the same datastructure will serialise to the same JSON text (given same |
1061 | JSON::XS), but this incurs a runtime overhead and is only rarely useful, |
| 987 | settings and version of JSON::XS), but this incurs a runtime overhead |
1062 | e.g. when you want to compare some JSON text against another for equality. |
| 988 | and is only rarely useful, e.g. when you want to compare some JSON text |
|
|
| 989 | against another for equality. |
|
|
| 990 | |
1063 | |
| 991 | =item array references |
1064 | =item array references |
| 992 | |
1065 | |
| 993 | Perl array references become JSON arrays. |
1066 | Perl array references become JSON arrays. |
| 994 | |
1067 | |
| 995 | =item other references |
1068 | =item other references |
| 996 | |
1069 | |
| 997 | Other unblessed references are generally not allowed and will cause an |
1070 | Other unblessed references are generally not allowed and will cause an |
| 998 | exception to be thrown, except for references to the integers C<0> and |
1071 | exception to be thrown, except for references to the integers C<0> and |
| 999 | C<1>, which get turned into C<false> and C<true> atoms in JSON. You can |
1072 | C<1>, which get turned into C<false> and C<true> atoms in JSON. |
| 1000 | also use C<JSON::XS::false> and C<JSON::XS::true> to improve readability. |
|
|
| 1001 | |
1073 | |
|
|
1074 | Since C<JSON::XS> uses the boolean model from L<Types::Serialiser>, you |
|
|
1075 | can also C<use Types::Serialiser> and then use C<Types::Serialiser::false> |
|
|
1076 | and C<Types::Serialiser::true> to improve readability. |
|
|
1077 | |
|
|
1078 | use Types::Serialiser; |
| 1002 | encode_json [\0,JSON::XS::true] # yields [false,true] |
1079 | encode_json [\0, Types::Serialiser::true] # yields [false,true] |
| 1003 | |
1080 | |
| 1004 | =item JSON::XS::true, JSON::XS::false |
1081 | =item Types::Serialiser::true, Types::Serialiser::false |
| 1005 | |
1082 | |
| 1006 | These special values become JSON true and JSON false values, |
1083 | These special values from the L<Types::Serialiser> module become JSON true |
| 1007 | respectively. You can also use C<\1> and C<\0> directly if you want. |
1084 | and JSON false values, respectively. You can also use C<\1> and C<\0> |
|
|
1085 | directly if you want. |
| 1008 | |
1086 | |
| 1009 | =item blessed objects |
1087 | =item blessed objects |
| 1010 | |
1088 | |
| 1011 | Blessed objects are not directly representable in JSON. See the |
1089 | Blessed objects are not directly representable in JSON, but C<JSON::XS> |
| 1012 | C<allow_blessed> and C<convert_blessed> methods on various options on |
1090 | allows various ways of handling objects. See L<OBJECT SERIALISATION>, |
| 1013 | how to deal with this: basically, you can choose between throwing an |
1091 | below, for details. |
| 1014 | exception, encoding the reference as if it weren't blessed, or provide |
|
|
| 1015 | your own serialiser method. |
|
|
| 1016 | |
1092 | |
| 1017 | =item simple scalars |
1093 | =item simple scalars |
| 1018 | |
1094 | |
| 1019 | Simple Perl scalars (any scalar that is not a reference) are the most |
1095 | Simple Perl scalars (any scalar that is not a reference) are the most |
| 1020 | difficult objects to encode: JSON::XS will encode undefined scalars as |
1096 | difficult objects to encode: JSON::XS will encode undefined scalars as |
| … | |
… | |
| 1048 | |
1124 | |
| 1049 | You can not currently force the type in other, less obscure, ways. Tell me |
1125 | You can not currently force the type in other, less obscure, ways. Tell me |
| 1050 | if you need this capability (but don't forget to explain why it's needed |
1126 | if you need this capability (but don't forget to explain why it's needed |
| 1051 | :). |
1127 | :). |
| 1052 | |
1128 | |
|
|
1129 | Note that numerical precision has the same meaning as under Perl (so |
|
|
1130 | binary to decimal conversion follows the same rules as in Perl, which |
|
|
1131 | can differ to other languages). Also, your perl interpreter might expose |
|
|
1132 | extensions to the floating point numbers of your platform, such as |
|
|
1133 | infinities or NaN's - these cannot be represented in JSON, and it is an |
|
|
1134 | error to pass those in. |
|
|
1135 | |
| 1053 | =back |
1136 | =back |
|
|
1137 | |
|
|
1138 | =head2 OBJECT SERIALISATION |
|
|
1139 | |
|
|
1140 | As JSON cannot directly represent Perl objects, you have to choose between |
|
|
1141 | a pure JSON representation (without the ability to deserialise the object |
|
|
1142 | automatically again), and a nonstandard extension to the JSON syntax, |
|
|
1143 | tagged values. |
|
|
1144 | |
|
|
1145 | =head3 SERIALISATION |
|
|
1146 | |
|
|
1147 | What happens when C<JSON::XS> encounters a Perl object depends on the |
|
|
1148 | C<allow_blessed>, C<convert_blessed> and C<allow_tags> settings, which are |
|
|
1149 | used in this order: |
|
|
1150 | |
|
|
1151 | =over 4 |
|
|
1152 | |
|
|
1153 | =item 1. C<allow_tags> is enabled and the object has a C<FREEZE> method. |
|
|
1154 | |
|
|
1155 | In this case, C<JSON::XS> uses the L<Types::Serialiser> object |
|
|
1156 | serialisation protocol to create a tagged JSON value, using a nonstandard |
|
|
1157 | extension to the JSON syntax. |
|
|
1158 | |
|
|
1159 | This works by invoking the C<FREEZE> method on the object, with the first |
|
|
1160 | argument being the object to serialise, and the second argument being the |
|
|
1161 | constant string C<JSON> to distinguish it from other serialisers. |
|
|
1162 | |
|
|
1163 | The C<FREEZE> method can return any number of values (i.e. zero or |
|
|
1164 | more). These values and the paclkage/classname of the object will then be |
|
|
1165 | encoded as a tagged JSON value in the following format: |
|
|
1166 | |
|
|
1167 | ("classname")[FREEZE return values...] |
|
|
1168 | |
|
|
1169 | e.g.: |
|
|
1170 | |
|
|
1171 | ("URI")["http://www.google.com/"] |
|
|
1172 | ("MyDate")[2013,10,29] |
|
|
1173 | ("ImageData::JPEG")["Z3...VlCg=="] |
|
|
1174 | |
|
|
1175 | For example, the hypothetical C<My::Object> C<FREEZE> method might use the |
|
|
1176 | objects C<type> and C<id> members to encode the object: |
|
|
1177 | |
|
|
1178 | sub My::Object::FREEZE { |
|
|
1179 | my ($self, $serialiser) = @_; |
|
|
1180 | |
|
|
1181 | ($self->{type}, $self->{id}) |
|
|
1182 | } |
|
|
1183 | |
|
|
1184 | =item 2. C<convert_blessed> is enabled and the object has a C<TO_JSON> method. |
|
|
1185 | |
|
|
1186 | In this case, the C<TO_JSON> method of the object is invoked in scalar |
|
|
1187 | context. It must return a single scalar that can be directly encoded into |
|
|
1188 | JSON. This scalar replaces the object in the JSON text. |
|
|
1189 | |
|
|
1190 | For example, the following C<TO_JSON> method will convert all L<URI> |
|
|
1191 | objects to JSON strings when serialised. The fatc that these values |
|
|
1192 | originally were L<URI> objects is lost. |
|
|
1193 | |
|
|
1194 | sub URI::TO_JSON { |
|
|
1195 | my ($uri) = @_; |
|
|
1196 | $uri->as_string |
|
|
1197 | } |
|
|
1198 | |
|
|
1199 | =item 3. C<allow_blessed> is enabled. |
|
|
1200 | |
|
|
1201 | The object will be serialised as a JSON null value. |
|
|
1202 | |
|
|
1203 | =item 4. none of the above |
|
|
1204 | |
|
|
1205 | If none of the settings are enabled or the respective methods are missing, |
|
|
1206 | C<JSON::XS> throws an exception. |
|
|
1207 | |
|
|
1208 | =back |
|
|
1209 | |
|
|
1210 | =head3 DESERIALISATION |
|
|
1211 | |
|
|
1212 | For deserialisation there are only two cases to consider: either |
|
|
1213 | nonstandard tagging was used, in which case C<allow_tags> decides, |
|
|
1214 | or objects cannot be automatically be deserialised, in which |
|
|
1215 | case you can use postprocessing or the C<filter_json_object> or |
|
|
1216 | C<filter_json_single_key_object> callbacks to get some real objects our of |
|
|
1217 | your JSON. |
|
|
1218 | |
|
|
1219 | This section only considers the tagged value case: I a tagged JSON object |
|
|
1220 | is encountered during decoding and C<allow_tags> is disabled, a parse |
|
|
1221 | error will result (as if tagged values were not part of the grammar). |
|
|
1222 | |
|
|
1223 | If C<allow_tags> is enabled, C<JSON::XS> will look up the C<THAW> method |
|
|
1224 | of the package/classname used during serialisation (it will not attempt |
|
|
1225 | to load the package as a Perl module). If there is no such method, the |
|
|
1226 | decoding will fail with an error. |
|
|
1227 | |
|
|
1228 | Otherwise, the C<THAW> method is invoked with the classname as first |
|
|
1229 | argument, the constant string C<JSON> as second argument, and all the |
|
|
1230 | values from the JSON array (the values originally returned by the |
|
|
1231 | C<FREEZE> method) as remaining arguments. |
|
|
1232 | |
|
|
1233 | The method must then return the object. While technically you can return |
|
|
1234 | any Perl scalar, you might have to enable the C<enable_nonref> setting to |
|
|
1235 | make that work in all cases, so better return an actual blessed reference. |
|
|
1236 | |
|
|
1237 | As an example, let's implement a C<THAW> function that regenerates the |
|
|
1238 | C<My::Object> from the C<FREEZE> example earlier: |
|
|
1239 | |
|
|
1240 | sub My::Object::THAW { |
|
|
1241 | my ($class, $serialiser, $type, $id) = @_; |
|
|
1242 | |
|
|
1243 | $class->new (type => $type, id => $id) |
|
|
1244 | } |
| 1054 | |
1245 | |
| 1055 | |
1246 | |
| 1056 | =head1 ENCODING/CODESET FLAG NOTES |
1247 | =head1 ENCODING/CODESET FLAG NOTES |
| 1057 | |
1248 | |
| 1058 | The interested reader might have seen a number of flags that signify |
1249 | The interested reader might have seen a number of flags that signify |
| … | |
… | |
| 1083 | =item C<utf8> flag disabled |
1274 | =item C<utf8> flag disabled |
| 1084 | |
1275 | |
| 1085 | When C<utf8> is disabled (the default), then C<encode>/C<decode> generate |
1276 | When C<utf8> is disabled (the default), then C<encode>/C<decode> generate |
| 1086 | and expect Unicode strings, that is, characters with high ordinal Unicode |
1277 | and expect Unicode strings, that is, characters with high ordinal Unicode |
| 1087 | values (> 255) will be encoded as such characters, and likewise such |
1278 | values (> 255) will be encoded as such characters, and likewise such |
| 1088 | characters are decoded as-is, no canges to them will be done, except |
1279 | characters are decoded as-is, no changes to them will be done, except |
| 1089 | "(re-)interpreting" them as Unicode codepoints or Unicode characters, |
1280 | "(re-)interpreting" them as Unicode codepoints or Unicode characters, |
| 1090 | respectively (to Perl, these are the same thing in strings unless you do |
1281 | respectively (to Perl, these are the same thing in strings unless you do |
| 1091 | funny/weird/dumb stuff). |
1282 | funny/weird/dumb stuff). |
| 1092 | |
1283 | |
| 1093 | This is useful when you want to do the encoding yourself (e.g. when you |
1284 | This is useful when you want to do the encoding yourself (e.g. when you |
| … | |
… | |
| 1103 | expect your input strings to be encoded as UTF-8, that is, no "character" |
1294 | expect your input strings to be encoded as UTF-8, that is, no "character" |
| 1104 | of the input string must have any value > 255, as UTF-8 does not allow |
1295 | of the input string must have any value > 255, as UTF-8 does not allow |
| 1105 | that. |
1296 | that. |
| 1106 | |
1297 | |
| 1107 | The C<utf8> flag therefore switches between two modes: disabled means you |
1298 | The C<utf8> flag therefore switches between two modes: disabled means you |
| 1108 | will get a Unicode string in Perl, enabled means you get an UTF-8 encoded |
1299 | will get a Unicode string in Perl, enabled means you get a UTF-8 encoded |
| 1109 | octet/binary string in Perl. |
1300 | octet/binary string in Perl. |
| 1110 | |
1301 | |
| 1111 | =item C<latin1> or C<ascii> flags enabled |
1302 | =item C<latin1> or C<ascii> flags enabled |
| 1112 | |
1303 | |
| 1113 | With C<latin1> (or C<ascii>) enabled, C<encode> will escape characters |
1304 | With C<latin1> (or C<ascii>) enabled, C<encode> will escape characters |
| … | |
… | |
| 1149 | proper subset of most 8-bit and multibyte encodings in use in the world. |
1340 | proper subset of most 8-bit and multibyte encodings in use in the world. |
| 1150 | |
1341 | |
| 1151 | =back |
1342 | =back |
| 1152 | |
1343 | |
| 1153 | |
1344 | |
|
|
1345 | =head2 JSON and ECMAscript |
|
|
1346 | |
|
|
1347 | JSON syntax is based on how literals are represented in javascript (the |
|
|
1348 | not-standardised predecessor of ECMAscript) which is presumably why it is |
|
|
1349 | called "JavaScript Object Notation". |
|
|
1350 | |
|
|
1351 | However, JSON is not a subset (and also not a superset of course) of |
|
|
1352 | ECMAscript (the standard) or javascript (whatever browsers actually |
|
|
1353 | implement). |
|
|
1354 | |
|
|
1355 | If you want to use javascript's C<eval> function to "parse" JSON, you |
|
|
1356 | might run into parse errors for valid JSON texts, or the resulting data |
|
|
1357 | structure might not be queryable: |
|
|
1358 | |
|
|
1359 | One of the problems is that U+2028 and U+2029 are valid characters inside |
|
|
1360 | JSON strings, but are not allowed in ECMAscript string literals, so the |
|
|
1361 | following Perl fragment will not output something that can be guaranteed |
|
|
1362 | to be parsable by javascript's C<eval>: |
|
|
1363 | |
|
|
1364 | use JSON::XS; |
|
|
1365 | |
|
|
1366 | print encode_json [chr 0x2028]; |
|
|
1367 | |
|
|
1368 | The right fix for this is to use a proper JSON parser in your javascript |
|
|
1369 | programs, and not rely on C<eval> (see for example Douglas Crockford's |
|
|
1370 | F<json2.js> parser). |
|
|
1371 | |
|
|
1372 | If this is not an option, you can, as a stop-gap measure, simply encode to |
|
|
1373 | ASCII-only JSON: |
|
|
1374 | |
|
|
1375 | use JSON::XS; |
|
|
1376 | |
|
|
1377 | print JSON::XS->new->ascii->encode ([chr 0x2028]); |
|
|
1378 | |
|
|
1379 | Note that this will enlarge the resulting JSON text quite a bit if you |
|
|
1380 | have many non-ASCII characters. You might be tempted to run some regexes |
|
|
1381 | to only escape U+2028 and U+2029, e.g.: |
|
|
1382 | |
|
|
1383 | # DO NOT USE THIS! |
|
|
1384 | my $json = JSON::XS->new->utf8->encode ([chr 0x2028]); |
|
|
1385 | $json =~ s/\xe2\x80\xa8/\\u2028/g; # escape U+2028 |
|
|
1386 | $json =~ s/\xe2\x80\xa9/\\u2029/g; # escape U+2029 |
|
|
1387 | print $json; |
|
|
1388 | |
|
|
1389 | Note that I<this is a bad idea>: the above only works for U+2028 and |
|
|
1390 | U+2029 and thus only for fully ECMAscript-compliant parsers. Many existing |
|
|
1391 | javascript implementations, however, have issues with other characters as |
|
|
1392 | well - using C<eval> naively simply I<will> cause problems. |
|
|
1393 | |
|
|
1394 | Another problem is that some javascript implementations reserve |
|
|
1395 | some property names for their own purposes (which probably makes |
|
|
1396 | them non-ECMAscript-compliant). For example, Iceweasel reserves the |
|
|
1397 | C<__proto__> property name for its own purposes. |
|
|
1398 | |
|
|
1399 | If that is a problem, you could parse try to filter the resulting JSON |
|
|
1400 | output for these property strings, e.g.: |
|
|
1401 | |
|
|
1402 | $json =~ s/"__proto__"\s*:/"__proto__renamed":/g; |
|
|
1403 | |
|
|
1404 | This works because C<__proto__> is not valid outside of strings, so every |
|
|
1405 | occurrence of C<"__proto__"\s*:> must be a string used as property name. |
|
|
1406 | |
|
|
1407 | If you know of other incompatibilities, please let me know. |
|
|
1408 | |
|
|
1409 | |
| 1154 | =head2 JSON and YAML |
1410 | =head2 JSON and YAML |
| 1155 | |
1411 | |
| 1156 | You often hear that JSON is a subset of YAML. This is, however, a mass |
1412 | You often hear that JSON is a subset of YAML. This is, however, a mass |
| 1157 | hysteria(*) and very far from the truth (as of the time of this writing), |
1413 | hysteria(*) and very far from the truth (as of the time of this writing), |
| 1158 | so let me state it clearly: I<in general, there is no way to configure |
1414 | so let me state it clearly: I<in general, there is no way to configure |
| … | |
… | |
| 1166 | my $yaml = $to_yaml->encode ($ref) . "\n"; |
1422 | my $yaml = $to_yaml->encode ($ref) . "\n"; |
| 1167 | |
1423 | |
| 1168 | This will I<usually> generate JSON texts that also parse as valid |
1424 | This will I<usually> generate JSON texts that also parse as valid |
| 1169 | YAML. Please note that YAML has hardcoded limits on (simple) object key |
1425 | YAML. Please note that YAML has hardcoded limits on (simple) object key |
| 1170 | lengths that JSON doesn't have and also has different and incompatible |
1426 | lengths that JSON doesn't have and also has different and incompatible |
| 1171 | unicode handling, so you should make sure that your hash keys are |
1427 | unicode character escape syntax, so you should make sure that your hash |
| 1172 | noticeably shorter than the 1024 "stream characters" YAML allows and that |
1428 | keys are noticeably shorter than the 1024 "stream characters" YAML allows |
| 1173 | you do not have characters with codepoint values outside the Unicode BMP |
1429 | and that you do not have characters with codepoint values outside the |
| 1174 | (basic multilingual page). YAML also does not allow C<\/> sequences in |
1430 | Unicode BMP (basic multilingual page). YAML also does not allow C<\/> |
| 1175 | strings (which JSON::XS does not I<currently> generate, but other JSON |
1431 | sequences in strings (which JSON::XS does not I<currently> generate, but |
| 1176 | generators might). |
1432 | other JSON generators might). |
| 1177 | |
1433 | |
| 1178 | There might be other incompatibilities that I am not aware of (or the YAML |
1434 | There might be other incompatibilities that I am not aware of (or the YAML |
| 1179 | specification has been changed yet again - it does so quite often). In |
1435 | specification has been changed yet again - it does so quite often). In |
| 1180 | general you should not try to generate YAML with a JSON generator or vice |
1436 | general you should not try to generate YAML with a JSON generator or vice |
| 1181 | versa, or try to parse JSON with a YAML parser or vice versa: chances are |
1437 | versa, or try to parse JSON with a YAML parser or vice versa: chances are |
| … | |
… | |
| 1200 | that difficult or long) and finally make YAML compatible to it, and |
1456 | that difficult or long) and finally make YAML compatible to it, and |
| 1201 | educating users about the changes, instead of spreading lies about the |
1457 | educating users about the changes, instead of spreading lies about the |
| 1202 | real compatibility for many I<years> and trying to silence people who |
1458 | real compatibility for many I<years> and trying to silence people who |
| 1203 | point out that it isn't true. |
1459 | point out that it isn't true. |
| 1204 | |
1460 | |
|
|
1461 | Addendum/2009: the YAML 1.2 spec is still incompatible with JSON, even |
|
|
1462 | though the incompatibilities have been documented (and are known to Brian) |
|
|
1463 | for many years and the spec makes explicit claims that YAML is a superset |
|
|
1464 | of JSON. It would be so easy to fix, but apparently, bullying people and |
|
|
1465 | corrupting userdata is so much easier. |
|
|
1466 | |
| 1205 | =back |
1467 | =back |
| 1206 | |
1468 | |
| 1207 | |
1469 | |
| 1208 | =head2 SPEED |
1470 | =head2 SPEED |
| 1209 | |
1471 | |
| … | |
… | |
| 1214 | |
1476 | |
| 1215 | First comes a comparison between various modules using |
1477 | First comes a comparison between various modules using |
| 1216 | a very short single-line JSON string (also available at |
1478 | a very short single-line JSON string (also available at |
| 1217 | L<http://dist.schmorp.de/misc/json/short.json>). |
1479 | L<http://dist.schmorp.de/misc/json/short.json>). |
| 1218 | |
1480 | |
| 1219 | {"method": "handleMessage", "params": ["user1", "we were just talking"], \ |
1481 | {"method": "handleMessage", "params": ["user1", |
| 1220 | "id": null, "array":[1,11,234,-5,1e5,1e7, true, false]} |
1482 | "we were just talking"], "id": null, "array":[1,11,234,-5,1e5,1e7, |
|
|
1483 | 1, 0]} |
| 1221 | |
1484 | |
| 1222 | It shows the number of encodes/decodes per second (JSON::XS uses |
1485 | It shows the number of encodes/decodes per second (JSON::XS uses |
| 1223 | the functional interface, while JSON::XS/2 uses the OO interface |
1486 | the functional interface, while JSON::XS/2 uses the OO interface |
| 1224 | with pretty-printing and hashkey sorting enabled, JSON::XS/3 enables |
1487 | with pretty-printing and hashkey sorting enabled, JSON::XS/3 enables |
| 1225 | shrink). Higher is better: |
1488 | shrink. JSON::DWIW/DS uses the deserialise function, while JSON::DWIW::FJ |
|
|
1489 | uses the from_json method). Higher is better: |
| 1226 | |
1490 | |
| 1227 | module | encode | decode | |
1491 | module | encode | decode | |
| 1228 | -----------|------------|------------| |
1492 | --------------|------------|------------| |
| 1229 | JSON 1.x | 4990.842 | 4088.813 | |
1493 | JSON::DWIW/DS | 86302.551 | 102300.098 | |
| 1230 | JSON::DWIW | 51653.990 | 71575.154 | |
1494 | JSON::DWIW/FJ | 86302.551 | 75983.768 | |
| 1231 | JSON::PC | 65948.176 | 74631.744 | |
1495 | JSON::PP | 15827.562 | 6638.658 | |
| 1232 | JSON::PP | 8931.652 | 3817.168 | |
1496 | JSON::Syck | 63358.066 | 47662.545 | |
| 1233 | JSON::Syck | 24877.248 | 27776.848 | |
1497 | JSON::XS | 511500.488 | 511500.488 | |
| 1234 | JSON::XS | 388361.481 | 227951.304 | |
1498 | JSON::XS/2 | 291271.111 | 388361.481 | |
| 1235 | JSON::XS/2 | 227951.304 | 218453.333 | |
1499 | JSON::XS/3 | 361577.931 | 361577.931 | |
| 1236 | JSON::XS/3 | 338250.323 | 218453.333 | |
1500 | Storable | 66788.280 | 265462.278 | |
| 1237 | Storable | 16500.016 | 135300.129 | |
|
|
| 1238 | -----------+------------+------------+ |
1501 | --------------+------------+------------+ |
| 1239 | |
1502 | |
| 1240 | That is, JSON::XS is about five times faster than JSON::DWIW on encoding, |
1503 | That is, JSON::XS is almost six times faster than JSON::DWIW on encoding, |
| 1241 | about three times faster on decoding, and over forty times faster |
1504 | about five times faster on decoding, and over thirty to seventy times |
| 1242 | than JSON, even with pretty-printing and key sorting. It also compares |
1505 | faster than JSON's pure perl implementation. It also compares favourably |
| 1243 | favourably to Storable for small amounts of data. |
1506 | to Storable for small amounts of data. |
| 1244 | |
1507 | |
| 1245 | Using a longer test string (roughly 18KB, generated from Yahoo! Locals |
1508 | Using a longer test string (roughly 18KB, generated from Yahoo! Locals |
| 1246 | search API (L<http://dist.schmorp.de/misc/json/long.json>). |
1509 | search API (L<http://dist.schmorp.de/misc/json/long.json>). |
| 1247 | |
1510 | |
| 1248 | module | encode | decode | |
1511 | module | encode | decode | |
| 1249 | -----------|------------|------------| |
1512 | --------------|------------|------------| |
| 1250 | JSON 1.x | 55.260 | 34.971 | |
1513 | JSON::DWIW/DS | 1647.927 | 2673.916 | |
| 1251 | JSON::DWIW | 825.228 | 1082.513 | |
1514 | JSON::DWIW/FJ | 1630.249 | 2596.128 | |
| 1252 | JSON::PC | 3571.444 | 2394.829 | |
|
|
| 1253 | JSON::PP | 210.987 | 32.574 | |
1515 | JSON::PP | 400.640 | 62.311 | |
| 1254 | JSON::Syck | 552.551 | 787.544 | |
1516 | JSON::Syck | 1481.040 | 1524.869 | |
| 1255 | JSON::XS | 5780.463 | 4854.519 | |
1517 | JSON::XS | 20661.596 | 9541.183 | |
| 1256 | JSON::XS/2 | 3869.998 | 4798.975 | |
1518 | JSON::XS/2 | 10683.403 | 9416.938 | |
| 1257 | JSON::XS/3 | 5862.880 | 4798.975 | |
1519 | JSON::XS/3 | 20661.596 | 9400.054 | |
| 1258 | Storable | 4445.002 | 5235.027 | |
1520 | Storable | 19765.806 | 10000.725 | |
| 1259 | -----------+------------+------------+ |
1521 | --------------+------------+------------+ |
| 1260 | |
1522 | |
| 1261 | Again, JSON::XS leads by far (except for Storable which non-surprisingly |
1523 | Again, JSON::XS leads by far (except for Storable which non-surprisingly |
| 1262 | decodes faster). |
1524 | decodes a bit faster). |
| 1263 | |
1525 | |
| 1264 | On large strings containing lots of high Unicode characters, some modules |
1526 | On large strings containing lots of high Unicode characters, some modules |
| 1265 | (such as JSON::PC) seem to decode faster than JSON::XS, but the result |
1527 | (such as JSON::PC) seem to decode faster than JSON::XS, but the result |
| 1266 | will be broken due to missing (or wrong) Unicode handling. Others refuse |
1528 | will be broken due to missing (or wrong) Unicode handling. Others refuse |
| 1267 | to decode or encode properly, so it was impossible to prepare a fair |
1529 | to decode or encode properly, so it was impossible to prepare a fair |
| … | |
… | |
| 1303 | information you might want to make sure that exceptions thrown by JSON::XS |
1565 | information you might want to make sure that exceptions thrown by JSON::XS |
| 1304 | will not end up in front of untrusted eyes. |
1566 | will not end up in front of untrusted eyes. |
| 1305 | |
1567 | |
| 1306 | If you are using JSON::XS to return packets to consumption |
1568 | If you are using JSON::XS to return packets to consumption |
| 1307 | by JavaScript scripts in a browser you should have a look at |
1569 | by JavaScript scripts in a browser you should have a look at |
| 1308 | L<http://jpsykes.com/47/practical-csrf-and-json-security> to see whether |
1570 | L<http://blog.archive.jpsykes.com/47/practical-csrf-and-json-security/> to |
| 1309 | you are vulnerable to some common attack vectors (which really are browser |
1571 | see whether you are vulnerable to some common attack vectors (which really |
| 1310 | design bugs, but it is still you who will have to deal with it, as major |
1572 | are browser design bugs, but it is still you who will have to deal with |
| 1311 | browser developers care only for features, not about getting security |
1573 | it, as major browser developers care only for features, not about getting |
| 1312 | right). |
1574 | security right). |
| 1313 | |
1575 | |
| 1314 | |
1576 | |
|
|
1577 | =head2 "OLD" VS. "NEW" JSON (RFC 4627 VS. RFC 7159) |
|
|
1578 | |
|
|
1579 | JSON originally required JSON texts to represent an array or object - |
|
|
1580 | scalar values were explicitly not allowed. This has changed, and versions |
|
|
1581 | of JSON::XS beginning with C<4.0> reflect this by allowing scalar values |
|
|
1582 | by default. |
|
|
1583 | |
|
|
1584 | One reason why one might not want this is that this removes a fundamental |
|
|
1585 | property of JSON texts, namely that they are self-delimited and |
|
|
1586 | self-contained, or in other words, you could take any number of "old" |
|
|
1587 | JSON texts and paste them together, and the result would be unambiguously |
|
|
1588 | parseable: |
|
|
1589 | |
|
|
1590 | [1,3]{"k":5}[][null] # four JSON texts, without doubt |
|
|
1591 | |
|
|
1592 | By allowing scalars, this property is lost: in the following example, is |
|
|
1593 | this one JSON text (the number 12) or two JSON texts (the numbers 1 and |
|
|
1594 | 2): |
|
|
1595 | |
|
|
1596 | 12 # could be 12, or 1 and 2 |
|
|
1597 | |
|
|
1598 | Another lost property of "old" JSON is that no lookahead is required to |
|
|
1599 | know the end of a JSON text, i.e. the JSON text definitely ended at the |
|
|
1600 | last C<]> or C<}> character, there was no need to read extra characters. |
|
|
1601 | |
|
|
1602 | For example, a viable network protocol with "old" JSON was to simply |
|
|
1603 | exchange JSON texts without delimiter. For "new" JSON, you have to use a |
|
|
1604 | suitable delimiter (such as a newline) after every JSON text or ensure you |
|
|
1605 | never encode/decode scalar values. |
|
|
1606 | |
|
|
1607 | Most protocols do work by only transferring arrays or objects, and the |
|
|
1608 | easiest way to avoid problems with the "new" JSON definition is to |
|
|
1609 | explicitly disallow scalar values in your encoder and decoder: |
|
|
1610 | |
|
|
1611 | $json_coder = JSON::XS->new->allow_nonref (0) |
|
|
1612 | |
|
|
1613 | This is a somewhat unhappy situation, and the blame can fully be put on |
|
|
1614 | JSON's inmventor, Douglas Crockford, who unilaterally changed the format |
|
|
1615 | in 2006 without consulting the IETF, forcing the IETF to either fork the |
|
|
1616 | format or go with it (as I was told, the IETF wasn't amused). |
|
|
1617 | |
|
|
1618 | |
|
|
1619 | =head1 INTEROPERABILITY WITH OTHER MODULES |
|
|
1620 | |
|
|
1621 | C<JSON::XS> uses the L<Types::Serialiser> module to provide boolean |
|
|
1622 | constants. That means that the JSON true and false values will be |
|
|
1623 | comaptible to true and false values of other modules that do the same, |
|
|
1624 | such as L<JSON::PP> and L<CBOR::XS>. |
|
|
1625 | |
|
|
1626 | |
|
|
1627 | =head1 INTEROPERABILITY WITH OTHER JSON DECODERS |
|
|
1628 | |
|
|
1629 | As long as you only serialise data that can be directly expressed in JSON, |
|
|
1630 | C<JSON::XS> is incapable of generating invalid JSON output (modulo bugs, |
|
|
1631 | but C<JSON::XS> has found more bugs in the official JSON testsuite (1) |
|
|
1632 | than the official JSON testsuite has found in C<JSON::XS> (0)). |
|
|
1633 | |
|
|
1634 | When you have trouble decoding JSON generated by this module using other |
|
|
1635 | decoders, then it is very likely that you have an encoding mismatch or the |
|
|
1636 | other decoder is broken. |
|
|
1637 | |
|
|
1638 | When decoding, C<JSON::XS> is strict by default and will likely catch all |
|
|
1639 | errors. There are currently two settings that change this: C<relaxed> |
|
|
1640 | makes C<JSON::XS> accept (but not generate) some non-standard extensions, |
|
|
1641 | and C<allow_tags> will allow you to encode and decode Perl objects, at the |
|
|
1642 | cost of not outputting valid JSON anymore. |
|
|
1643 | |
|
|
1644 | =head2 TAGGED VALUE SYNTAX AND STANDARD JSON EN/DECODERS |
|
|
1645 | |
|
|
1646 | When you use C<allow_tags> to use the extended (and also nonstandard and |
|
|
1647 | invalid) JSON syntax for serialised objects, and you still want to decode |
|
|
1648 | the generated When you want to serialise objects, you can run a regex |
|
|
1649 | to replace the tagged syntax by standard JSON arrays (it only works for |
|
|
1650 | "normal" package names without comma, newlines or single colons). First, |
|
|
1651 | the readable Perl version: |
|
|
1652 | |
|
|
1653 | # if your FREEZE methods return no values, you need this replace first: |
|
|
1654 | $json =~ s/\( \s* (" (?: [^\\":,]+|\\.|::)* ") \s* \) \s* \[\s*\]/[$1]/gx; |
|
|
1655 | |
|
|
1656 | # this works for non-empty constructor arg lists: |
|
|
1657 | $json =~ s/\( \s* (" (?: [^\\":,]+|\\.|::)* ") \s* \) \s* \[/[$1,/gx; |
|
|
1658 | |
|
|
1659 | And here is a less readable version that is easy to adapt to other |
|
|
1660 | languages: |
|
|
1661 | |
|
|
1662 | $json =~ s/\(\s*("([^\\":,]+|\\.|::)*")\s*\)\s*\[/[$1,/g; |
|
|
1663 | |
|
|
1664 | Here is an ECMAScript version (same regex): |
|
|
1665 | |
|
|
1666 | json = json.replace (/\(\s*("([^\\":,]+|\\.|::)*")\s*\)\s*\[/g, "[$1,"); |
|
|
1667 | |
|
|
1668 | Since this syntax converts to standard JSON arrays, it might be hard to |
|
|
1669 | distinguish serialised objects from normal arrays. You can prepend a |
|
|
1670 | "magic number" as first array element to reduce chances of a collision: |
|
|
1671 | |
|
|
1672 | $json =~ s/\(\s*("([^\\":,]+|\\.|::)*")\s*\)\s*\[/["XU1peReLzT4ggEllLanBYq4G9VzliwKF",$1,/g; |
|
|
1673 | |
|
|
1674 | And after decoding the JSON text, you could walk the data |
|
|
1675 | structure looking for arrays with a first element of |
|
|
1676 | C<XU1peReLzT4ggEllLanBYq4G9VzliwKF>. |
|
|
1677 | |
|
|
1678 | The same approach can be used to create the tagged format with another |
|
|
1679 | encoder. First, you create an array with the magic string as first member, |
|
|
1680 | the classname as second, and constructor arguments last, encode it as part |
|
|
1681 | of your JSON structure, and then: |
|
|
1682 | |
|
|
1683 | $json =~ s/\[\s*"XU1peReLzT4ggEllLanBYq4G9VzliwKF"\s*,\s*("([^\\":,]+|\\.|::)*")\s*,/($1)[/g; |
|
|
1684 | |
|
|
1685 | Again, this has some limitations - the magic string must not be encoded |
|
|
1686 | with character escapes, and the constructor arguments must be non-empty. |
|
|
1687 | |
|
|
1688 | |
|
|
1689 | =head1 RFC7159 |
|
|
1690 | |
|
|
1691 | Since this module was written, Google has written a new JSON RFC, RFC 7159 |
|
|
1692 | (and RFC7158). Unfortunately, this RFC breaks compatibility with both the |
|
|
1693 | original JSON specification on www.json.org and RFC4627. |
|
|
1694 | |
|
|
1695 | As far as I can see, you can get partial compatibility when parsing by |
|
|
1696 | using C<< ->allow_nonref >>. However, consider the security implications |
|
|
1697 | of doing so. |
|
|
1698 | |
|
|
1699 | I haven't decided yet when to break compatibility with RFC4627 by default |
|
|
1700 | (and potentially leave applications insecure) and change the default to |
|
|
1701 | follow RFC7159, but application authors are well advised to call C<< |
|
|
1702 | ->allow_nonref(0) >> even if this is the current default, if they cannot |
|
|
1703 | handle non-reference values, in preparation for the day when the default |
|
|
1704 | will change. |
|
|
1705 | |
|
|
1706 | |
| 1315 | =head1 THREADS |
1707 | =head1 (I-)THREADS |
| 1316 | |
1708 | |
| 1317 | This module is I<not> guaranteed to be thread safe and there are no |
1709 | This module is I<not> guaranteed to be ithread (or MULTIPLICITY-) safe |
| 1318 | plans to change this until Perl gets thread support (as opposed to the |
1710 | and there are no plans to change this. Note that perl's builtin so-called |
| 1319 | horribly slow so-called "threads" which are simply slow and bloated |
1711 | threads/ithreads are officially deprecated and should not be used. |
| 1320 | process simulations - use fork, it's I<much> faster, cheaper, better). |
|
|
| 1321 | |
1712 | |
| 1322 | (It might actually work, but you have been warned). |
1713 | |
|
|
1714 | =head1 THE PERILS OF SETLOCALE |
|
|
1715 | |
|
|
1716 | Sometimes people avoid the Perl locale support and directly call the |
|
|
1717 | system's setlocale function with C<LC_ALL>. |
|
|
1718 | |
|
|
1719 | This breaks both perl and modules such as JSON::XS, as stringification of |
|
|
1720 | numbers no longer works correctly (e.g. C<$x = 0.1; print "$x"+1> might |
|
|
1721 | print C<1>, and JSON::XS might output illegal JSON as JSON::XS relies on |
|
|
1722 | perl to stringify numbers). |
|
|
1723 | |
|
|
1724 | The solution is simple: don't call C<setlocale>, or use it for only those |
|
|
1725 | categories you need, such as C<LC_MESSAGES> or C<LC_CTYPE>. |
|
|
1726 | |
|
|
1727 | If you need C<LC_NUMERIC>, you should enable it only around the code that |
|
|
1728 | actually needs it (avoiding stringification of numbers), and restore it |
|
|
1729 | afterwards. |
| 1323 | |
1730 | |
| 1324 | |
1731 | |
| 1325 | =head1 BUGS |
1732 | =head1 BUGS |
| 1326 | |
1733 | |
| 1327 | While the goal of this module is to be correct, that unfortunately does |
1734 | While the goal of this module is to be correct, that unfortunately does |
| 1328 | not mean it's bug-free, only that I think its design is bug-free. It is |
1735 | not mean it's bug-free, only that I think its design is bug-free. If you |
| 1329 | still relatively early in its development. If you keep reporting bugs they |
1736 | keep reporting bugs they will be fixed swiftly, though. |
| 1330 | will be fixed swiftly, though. |
|
|
| 1331 | |
1737 | |
| 1332 | Please refrain from using rt.cpan.org or any other bug reporting |
1738 | Please refrain from using rt.cpan.org or any other bug reporting |
| 1333 | service. I put the contact address into my modules for a reason. |
1739 | service. I put the contact address into my modules for a reason. |
| 1334 | |
1740 | |
| 1335 | =cut |
1741 | =cut |
| 1336 | |
1742 | |
| 1337 | our $true = do { bless \(my $dummy = 1), "JSON::XS::Boolean" }; |
1743 | BEGIN { |
| 1338 | our $false = do { bless \(my $dummy = 0), "JSON::XS::Boolean" }; |
1744 | *true = \$Types::Serialiser::true; |
|
|
1745 | *true = \&Types::Serialiser::true; |
|
|
1746 | *false = \$Types::Serialiser::false; |
|
|
1747 | *false = \&Types::Serialiser::false; |
|
|
1748 | *is_bool = \&Types::Serialiser::is_bool; |
| 1339 | |
1749 | |
| 1340 | sub true() { $true } |
1750 | *JSON::XS::Boolean:: = *Types::Serialiser::Boolean::; |
| 1341 | sub false() { $false } |
|
|
| 1342 | |
|
|
| 1343 | sub is_bool($) { |
|
|
| 1344 | UNIVERSAL::isa $_[0], "JSON::XS::Boolean" |
|
|
| 1345 | # or UNIVERSAL::isa $_[0], "JSON::Literal" |
|
|
| 1346 | } |
1751 | } |
| 1347 | |
1752 | |
| 1348 | XSLoader::load "JSON::XS", $VERSION; |
1753 | XSLoader::load "JSON::XS", $VERSION; |
| 1349 | |
|
|
| 1350 | package JSON::XS::Boolean; |
|
|
| 1351 | |
|
|
| 1352 | use overload |
|
|
| 1353 | "0+" => sub { ${$_[0]} }, |
|
|
| 1354 | "++" => sub { $_[0] = ${$_[0]} + 1 }, |
|
|
| 1355 | "--" => sub { $_[0] = ${$_[0]} - 1 }, |
|
|
| 1356 | fallback => 1; |
|
|
| 1357 | |
|
|
| 1358 | 1; |
|
|
| 1359 | |
1754 | |
| 1360 | =head1 SEE ALSO |
1755 | =head1 SEE ALSO |
| 1361 | |
1756 | |
| 1362 | The F<json_xs> command line utility for quick experiments. |
1757 | The F<json_xs> command line utility for quick experiments. |
| 1363 | |
1758 | |
| … | |
… | |
| 1366 | Marc Lehmann <schmorp@schmorp.de> |
1761 | Marc Lehmann <schmorp@schmorp.de> |
| 1367 | http://home.schmorp.de/ |
1762 | http://home.schmorp.de/ |
| 1368 | |
1763 | |
| 1369 | =cut |
1764 | =cut |
| 1370 | |
1765 | |
|
|
1766 | 1 |
|
|
1767 | |
