Comments (9)
johnlaing
commented on July 16, 2024
I neglected to include:
> sessionInfo()
R version 3.1.0 (2014-04-10)
Platform: x86_64-pc-linux-gnu (64-bit)
locale:
[1] LC_CTYPE=en_US.UTF-8 LC_NUMERIC=C LC_TIME=en_US.UTF-8
[4] LC_COLLATE=en_US.UTF-8 LC_MONETARY=en_US.UTF-8 LC_MESSAGES=en_US.UTF-8
[7] LC_PAPER=en_US.UTF-8 LC_NAME=C LC_ADDRESS=C
[10] LC_TELEPHONE=C LC_MEASUREMENT=en_US.UTF-8 LC_IDENTIFICATION=C
attached base packages:
[1] stats graphics grDevices utils datasets methods base
other attached packages:
[1] jsonlite_0.9.7
from jsonlite.
jeroen
commented on July 16, 2024
The libjson library implements parsing and validation in separate functions for performance reasons. The fromJSON parser assumes the json is valid. Indeed, this can lead to unexpected parser behavior when parsing invalid json.
I recommend that if you expect your application/service might receive invalid json, you manually run validate(myjson) before calling fromJSON(myjson).
I'll look if there is anything I can do to make the parser more strict.
from jsonlite.
johnlaing
commented on July 16, 2024
Thanks for the quick response. I assume my situation to be a common one, in that you never expect to receive invalid JSON until after it has already happened. Calling validate each time may be a bit inelegant, but it will certainly solve the problem.
from jsonlite.
jeroen
commented on July 16, 2024
Can try to modify some options in JSONOptions.h to make the parser more strict, but not sure if that is a good idea.
from jsonlite.
johnlaing
commented on July 16, 2024
I took a look at the options for flags that might be useful. The only idea I had was to undefine JSON_SAFE, which leads to a segfault in the event of invalid JSON. So that makes it worse.
Would you consider adding a validate argument to fromJSON? That function already includes some convenience-oriented code like automatic handling of file or URL arguments instead of actual JSON text. Adding validation seems to me in the same spirit. I'd be happy to submit a patch if you're interested.
from jsonlite.
jeroen
commented on July 16, 2024
Mmm not sure. The toJSON and fromJSON functions already have a lot of arguments. It's not much shorter to type
fromJSON(mydata, validate=TRUE)
rather than
validate(mydata)
fromJSON(mydata)
The only reason to add it would be if we set it to TRUE by default. I guess I need to do some benchmarking to test the relative performance overhead of validating everything.
from jsonlite.
jeroen
commented on July 16, 2024
I'm adding this in jsonlite 0.9.10: 678135f. However it is set to FALSE by default, because I know that many people currently using fromJSON won't appreciate the unasked performance overhead when upgrading jsonlite.
from jsonlite.
jeroen
commented on July 16, 2024
On cran now.
from jsonlite.
jeroen
commented on July 16, 2024
FYI starting jsonlite version 0.9.12 we are using another parser which always validates the JSON while parsing. The validate argument has been deprecated.
from jsonlite.
Related Issues (20)
- Hardcoded 15 significant digits in num_to_char.c HOT 14
- Support decompression in `jsonlite::read_json` HOT 2
- One error in tests on PowerPC: test-serializeJSON-S4.R
- Can fromJSON coerce type of variable? HOT 3
- [Documentation] Is toJSON's output minified by default? HOT 1
- jsonlite throws SSL connect error through firewall
- spaces and parenthesis in Json Keys names converted to dots. HOT 4
- Behaviour of `toJSON` with `digits=NA` changed from 1.8.4 -> 1.8.5 HOT 2
- Update tests to newer testthat approach HOT 2
- `toJSON()` enters infinite recursion for `labelled` vectors HOT 2
- Error (data_api.R#313): lexical error: invalid char in json text. HOT 1
- yajl vulnerability: 'yajl_tree_parse' memory leak HOT 2
- Adding "undefined" as option to `na` in `toJSON` HOT 3
- Please enable usage of system yajl library HOT 2
- embedded yajl is vulnerable to CVE-2017-16516 and CVE-2022-24795 HOT 3
- Mutating & erring S3-dispatch attempts
- Title for read_json not consistent with rest of documentation like toJSON, fromJSON
- Negative zeros HOT 2
- `fromJSON()` with nested array
- Option for toJSON() to output a decimal point for all doubles
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jsonlite.