Comments (9)
I neglected to include:
> sessionInfo()
R version 3.1.0 (2014-04-10)
Platform: x86_64-pc-linux-gnu (64-bit)
locale:
[1] LC_CTYPE=en_US.UTF-8 LC_NUMERIC=C LC_TIME=en_US.UTF-8
[4] LC_COLLATE=en_US.UTF-8 LC_MONETARY=en_US.UTF-8 LC_MESSAGES=en_US.UTF-8
[7] LC_PAPER=en_US.UTF-8 LC_NAME=C LC_ADDRESS=C
[10] LC_TELEPHONE=C LC_MEASUREMENT=en_US.UTF-8 LC_IDENTIFICATION=C
attached base packages:
[1] stats graphics grDevices utils datasets methods base
other attached packages:
[1] jsonlite_0.9.7
from jsonlite.
The libjson
library implements parsing and validation in separate functions for performance reasons. The fromJSON
parser assumes the json
is valid. Indeed, this can lead to unexpected parser behavior when parsing invalid json.
I recommend that if you expect your application/service might receive invalid json, you manually run validate(myjson)
before calling fromJSON(myjson)
.
I'll look if there is anything I can do to make the parser more strict.
from jsonlite.
Thanks for the quick response. I assume my situation to be a common one, in that you never expect to receive invalid JSON until after it has already happened. Calling validate each time may be a bit inelegant, but it will certainly solve the problem.
from jsonlite.
Can try to modify some options in JSONOptions.h to make the parser more strict, but not sure if that is a good idea.
from jsonlite.
I took a look at the options for flags that might be useful. The only idea I had was to undefine JSON_SAFE, which leads to a segfault in the event of invalid JSON. So that makes it worse.
Would you consider adding a validate argument to fromJSON? That function already includes some convenience-oriented code like automatic handling of file or URL arguments instead of actual JSON text. Adding validation seems to me in the same spirit. I'd be happy to submit a patch if you're interested.
from jsonlite.
Mmm not sure. The toJSON
and fromJSON
functions already have a lot of arguments. It's not much shorter to type
fromJSON(mydata, validate=TRUE)
rather than
validate(mydata)
fromJSON(mydata)
The only reason to add it would be if we set it to TRUE
by default. I guess I need to do some benchmarking to test the relative performance overhead of validating everything.
from jsonlite.
I'm adding this in jsonlite 0.9.10: 678135f. However it is set to FALSE
by default, because I know that many people currently using fromJSON
won't appreciate the unasked performance overhead when upgrading jsonlite
.
from jsonlite.
On cran now.
from jsonlite.
FYI starting jsonlite version 0.9.12 we are using another parser which always validates the JSON while parsing. The validate
argument has been deprecated.
from jsonlite.
Related Issues (20)
- Hardcoded 15 significant digits in num_to_char.c HOT 14
- Support decompression in `jsonlite::read_json` HOT 2
- One error in tests on PowerPC: test-serializeJSON-S4.R
- Can fromJSON coerce type of variable? HOT 3
- [Documentation] Is toJSON's output minified by default? HOT 1
- jsonlite throws SSL connect error through firewall
- spaces and parenthesis in Json Keys names converted to dots. HOT 4
- Behaviour of `toJSON` with `digits=NA` changed from 1.8.4 -> 1.8.5 HOT 2
- Update tests to newer testthat approach HOT 2
- `toJSON()` enters infinite recursion for `labelled` vectors HOT 2
- Error (data_api.R#313): lexical error: invalid char in json text. HOT 1
- yajl vulnerability: 'yajl_tree_parse' memory leak HOT 2
- Adding "undefined" as option to `na` in `toJSON` HOT 3
- Please enable usage of system yajl library HOT 2
- embedded yajl is vulnerable to CVE-2017-16516 and CVE-2022-24795 HOT 3
- Mutating & erring S3-dispatch attempts
- Title for read_json not consistent with rest of documentation like toJSON, fromJSON
- Negative zeros HOT 2
- `fromJSON()` with nested array
- Option for toJSON() to output a decimal point for all doubles
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jsonlite.