Implement JSON extensions to the JS language.

RESOLVED DUPLICATE of bug 408838

Status

()

Core
JavaScript Engine
RESOLVED DUPLICATE of bug 408838
11 years ago
8 years ago

People

(Reporter: Erik Arvidsson, Unassigned)

Tracking

(Blocks: 1 bug, {perf})

Trunk
Points:
---
Dependency tree / graph
Bug Flags:
blocking1.9 -
wanted1.9 +

Firefox Tracking Flags

(Not tracked)

Details

(URL)

(Reporter)

Description

11 years ago
Implement JSON methods on JS objects.

This is planned for JS2.0 but I don't see a reason why it should not be added to JS1.x

As far as I remember these new methods are:

String.prototype.parseJSON
Object.prototype.toJSONString

Sub classes of Object needs to override this.

Array.prototype.toJSONString
String.prototype.toJSONString

Other built in classes can use toString

Comment 1

11 years ago
Interesting.  I'm guessing these differ from eval/uneval by refusing to eval or uneval functions, for example?
This is still being discussed for ES4, it won't make JS1.7.

/be
Assignee: brendan → general
This might be good to do in Mozilla 1.9/Firefox 3, but then we're on the slippery slope to a JS1.8...

/be
Target Milestone: --- → mozilla1.8.1alpha2
Target Milestone: mozilla1.8.1alpha2 → ---
*** Bug 360666 has been marked as a duplicate of this bug. ***

Comment 5

11 years ago
The JSON syntax allows arrays to be the root object. There has been an article on Ajaxian <http://ajaxian.com/archives/the-safety-of-json> that describes a way of stealing cross-domain JSON data (if the JSON is an array) by overriding the Array constructor, then pulling in the JSON with a cross-domain script tag and then capturing the generated array before it goes away. Is it possible to mitigate this attack?

Updated

10 years ago
Blocks: 380236

Comment 6

10 years ago
nrlz, see bug 376957, "Prevent data leaks from cross-site JSON loads".

Updated

10 years ago
Blocks: 385349
Blocks: 386789

Updated

10 years ago
Depends on: 387522

Updated

10 years ago
Blocks: 384370
No longer blocks: 384370

Comment 7

10 years ago
Now that Native JSON Support (bug 387522) has landed, can we set this to be on track with FF3b3? Like that ticket, getting this to land would be a huge performance win - perhaps more so, considering that this would effect thousands of web applications directly.
Keywords: perf

Updated

10 years ago
Flags: blocking1.9?
I am wondering if bug 408838 better serves John's needs for exposing native JSON to web content.

Comment 9

10 years ago
I'd love this personally, but time is running short for FF3 and we are way beyond new feature type stuff.  If we can get a low-risk version in great - but we will not hold the release for this.
Flags: wanted1.9+
Flags: blocking1.9?
Flags: blocking1.9-

Comment 10

10 years ago
Bumping to JS1.9.
Blocks: 429508
No longer blocks: 380236

Updated

9 years ago
Blocks: 445494
(Reporter)

Updated

9 years ago
Is this a pure DUP?

/be

Updated

8 years ago
Status: NEW → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 408838
You need to log in before you can comment on or make changes to this bug.