FAQ

[Catalyst] Catalyst::Controller:REST and JSON vs JSONP issue

Dave Howorth
Aug 26, 2011 at 12:57 pm

James Spath wrote:
FWIW, IMHO the issue is better fixed in JSON::XS et al than in
Catalyst::Action::Serialize::JSON. I don't see why JSON can't always
encode the two problematic characters.
I suppose it could be in JSON::XS .. but JSON::XS is doing nothing
wrong ... the two characters are perfectly valid JSON ... but they are
NOT valid in JavaScript.
That's strictly true, but neither is it doing anything wrong by encoding
the two characters. From the spec <http://www.ietf.org/rfc/rfc4627.txt>:
"Any character may be escaped. If the character is in the Basic
Multilingual Plane (U+0000 through U+FFFF), then it may be
represented as a six-character sequence: a reverse solidus, followed
by the lowercase letter u, followed by four hexadecimal digits that
encode the character's code point."

And it's going against the spirit of the specification, which says, in
section 6 under Security considerations:
"JSON is a subset of JavaScript".

It appears to be a simple oversight in the specification.
Perhaps it could be an option in JSON::XS?
Well that would fit with TMTOWDTI but I'd suggest asking the world
whether anybody has a use case before adding the complication :)

Cheers, Dave
reply

Search Discussions

Discussion Posts

Previous

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 4 of 4 | next ›

2 users in discussion

James Spath: 2 posts Dave Howorth: 2 posts