[erlang-questions] No JSON/MAPS interoperability in 17.0?

Thomas Lindgren thomasl_erlang@REDACTED
Mon Mar 10 11:03:01 CET 2014


"What about a JSON-encoded string containing "</script>", should that be avoided by Erlang’s builtin parser? What about "]]>"? What about the two characters that are accepted in JSON but not in JavaScript"

To what extent are these issues problematic in an Erlang environment? 

My proposal: support an optional plugin API for sanitizing strings, and provide a standard plugin that detects these cases.

Best,
Thomas



On Sunday, March 9, 2014 6:05 PM, Anthony Ramine <n.oxyde@REDACTED> wrote:
 
What about the utter lack of proper specifications around JSON? The fact that you always have to think about where the JSON will be injected?
>
>What about a JSON-encoded string containing "</script>", should that be avoided by Erlang’s builtin parser? What about "]]>"? What about the two characters that are accepted in JSON but not in JavaScript?
>
>Just because other languages include such a thing doesn’t mean Erlang should too. If diversity is not a reason to reject it, other languages providing it is not a reason to include it either.
>
>-- 
>Anthony Ramine
>
>Le 9 mars 2014 à 15:56, liuyanghejerry <liuyanghejerry@REDACTED> a écrit :
>
>> 于 2014/3/8 22:01, Anthony Ramine 写道:
>>> The problem is not about what is accepted, it’s about how one’s (un)parser works. Sometimes you want a streaming-like API, sometimes the whole tree, etc. The Postel principle is orthogonal here.
>>> 
>> 
>> So, all languages with JSON module in their standard library seems unbelievable? Because people need different parsers, so we give them no parser? I don't think this is a reason for rejecting it.
>> 
>> _______________________________________________
>> erlang-questions mailing list
>> erlang-questions@REDACTED
>> http://erlang.org/mailman/listinfo/erlang-questions
>
>
>_______________________________________________
>erlang-questions mailing list
>erlang-questions@REDACTED
>http://erlang.org/mailman/listinfo/erlang-questions
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20140310/ebd491b8/attachment.htm>


More information about the erlang-questions mailing list