Closed Bug 340987 Opened 15 years ago Closed 12 years ago

Implement JSON extensions to the JS language.

Categories

(Core :: JavaScript Engine, defect)

defect
Not set
normal

Tracking

()

RESOLVED DUPLICATE of bug 408838

People

(Reporter: erik, Unassigned)

References

()

Details

(Keywords: perf)

Implement JSON methods on JS objects.

This is planned for JS2.0 but I don't see a reason why it should not be added to JS1.x

As far as I remember these new methods are:

String.prototype.parseJSON
Object.prototype.toJSONString

Sub classes of Object needs to override this.

Array.prototype.toJSONString
String.prototype.toJSONString

Other built in classes can use toString
Interesting.  I'm guessing these differ from eval/uneval by refusing to eval or uneval functions, for example?
This is still being discussed for ES4, it won't make JS1.7.

/be
Assignee: brendan → general
This might be good to do in Mozilla 1.9/Firefox 3, but then we're on the slippery slope to a JS1.8...

/be
Target Milestone: --- → mozilla1.8.1alpha2
Target Milestone: mozilla1.8.1alpha2 → ---
*** Bug 360666 has been marked as a duplicate of this bug. ***
The JSON syntax allows arrays to be the root object. There has been an article on Ajaxian <http://ajaxian.com/archives/the-safety-of-json> that describes a way of stealing cross-domain JSON data (if the JSON is an array) by overriding the Array constructor, then pulling in the JSON with a cross-domain script tag and then capturing the generated array before it goes away. Is it possible to mitigate this attack?
Blocks: js1.8
nrlz, see bug 376957, "Prevent data leaks from cross-site JSON loads".
Blocks: 385349
Depends on: 387522
Blocks: 384370
No longer blocks: 384370
Now that Native JSON Support (bug 387522) has landed, can we set this to be on track with FF3b3? Like that ticket, getting this to land would be a huge performance win - perhaps more so, considering that this would effect thousands of web applications directly.
Keywords: perf
Flags: blocking1.9?
I am wondering if bug 408838 better serves John's needs for exposing native JSON to web content.
I'd love this personally, but time is running short for FF3 and we are way beyond new feature type stuff.  If we can get a low-risk version in great - but we will not hold the release for this.
Flags: wanted1.9+
Flags: blocking1.9?
Flags: blocking1.9-
Bumping to JS1.9.
Blocks: js1.8.5
No longer blocks: js1.8
Blocks: es5
Is this a pure DUP?

/be
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 408838
You need to log in before you can comment on or make changes to this bug.