Perl-Sensitive Sunglasses | |
PerlMonks |
JSON::XS and escaping literal stringsby abelard12 (Novice) |
on Jun 06, 2018 at 23:00 UTC ( [id://1216070]=perlquestion: print w/replies, xml ) | Need Help?? |
abelard12 has asked for the wisdom of the Perl Monks concerning the following question: I'm using JSON::XS to generate an ld+json object. I'm not clear on what the correct way is to escape string literal values. JSON::PP has an escape_slash() method. JSON::XS does not. But there is also a Cpanel::JSON::XS fork that does implement it. Cpanel::JSON::XS includes this note: According to the JSON Grammar, the forward slash character (U+002F) "/" need to be escaped. But by default strings are encoded without escaping slashes in all perl JSON encoders. So what is best practice? Why doesn't JSON::XS offer the escape_slash() method? Is it a false sense of security? If so, what's the safest route? To escape all of the strings in the data structure before encoding to JSON? It seems like having an escape option as part of the JSON encoding would be less error-prone. What are y'all doing? This page talks about the problem and recommends using jsesc with Node: https://www.man42.net/blog/2016/12/safely-escape-user-data-in-a-script-tag/ What's the equivalent of jsesc for Perl? Thanks!
Back to
Seekers of Perl Wisdom
|
|