File Coverage

blib/lib/Cpanel/JSON/XS.pm

Criterion	Covered	Total	%
statement	33	48	68.7
branch	19	26	73.0
condition	8	15	53.3
subroutine	11	15	73.3
pod	4	4	100.0
total	75	108	69.4

line	stmt	bran	cond	sub	pod	time	code
1							package Cpanel::JSON::XS;
2							our $VERSION = '4.17';
3							our $XS_VERSION = $VERSION;
4							# $VERSION = eval $VERSION;
5
6							=pod
7
8							=head1 NAME
9
10							Cpanel::JSON::XS - cPanel fork of JSON::XS, fast and correct serializing
11
12							=head1 SYNOPSIS
13
14							use Cpanel::JSON::XS;
15
16							# exported functions, they croak on error
17							# and expect/generate UTF-8
18
19							$utf8_encoded_json_text = encode_json $perl_hash_or_arrayref;
20							$perl_hash_or_arrayref = decode_json $utf8_encoded_json_text;
21
22							# OO-interface
23
24							$coder = Cpanel::JSON::XS->new->ascii->pretty->allow_nonref;
25							$pretty_printed_unencoded = $coder->encode ($perl_scalar);
26							$perl_scalar = $coder->decode ($unicode_json_text);
27
28							# Note that 5.6 misses most smart utf8 and encoding functionalities
29							# of newer releases.
30
31							# Note that L will automatically use Cpanel::JSON::XS
32							# if available, at virtually no speed overhead either, so you should
33							# be able to just:
34
35							use JSON::MaybeXS;
36
37							# and do the same things, except that you have a pure-perl fallback now.
38
39							Note that this module will be replaced by a new JSON::Safe module soon,
40							with the same API just guaranteed safe defaults.
41
42							=head1 DESCRIPTION
43
44							This module converts Perl data structures to JSON and vice versa. Its
45							primary goal is to be I and its secondary goal is to be
46							I. To reach the latter goal it was written in C.
47
48							As this is the n-th-something JSON module on CPAN, what was the reason
49							to write yet another JSON module? While it seems there are many JSON
50							modules, none of them correctly handle all corner cases, and in most cases
51							their maintainers are unresponsive, gone missing, or not listening to bug
52							reports for other reasons.
53
54							See below for the cPanel fork.
55
56							See MAPPING, below, on how Cpanel::JSON::XS maps perl values to JSON
57							values and vice versa.
58
59							=head2 FEATURES
60
61							=over 4
62
63							=item * correct Unicode handling
64
65							This module knows how to handle Unicode with Perl version higher than 5.8.5,
66							documents how and when it does so, and even documents what "correct" means.
67
68							=item * round-trip integrity
69
70							When you serialize a perl data structure using only data types supported
71							by JSON and Perl, the deserialized data structure is identical on the Perl
72							level. (e.g. the string "2.0" doesn't suddenly become "2" just because
73							it looks like a number). There I minor exceptions to this, read the
74							MAPPING section below to learn about those.
75
76							=item * strict checking of JSON correctness
77
78							There is no guessing, no generating of illegal JSON texts by default,
79							and only JSON is accepted as input by default. the latter is a security
80							feature.
81
82							=item * fast
83
84							Compared to other JSON modules and other serializers such as Storable,
85							this module usually compares favourably in terms of speed, too.
86
87							=item * simple to use
88
89							This module has both a simple functional interface as well as an object
90							oriented interface.
91
92							=item * reasonably versatile output formats
93
94							You can choose between the most compact guaranteed-single-line format
95							possible (nice for simple line-based protocols), a pure-ASCII format
96							(for when your transport is not 8-bit clean, still supports the whole
97							Unicode range), or a pretty-printed format (for when you want to read that
98							stuff). Or you can combine those features in whatever way you like.
99
100							=back
101
102							=head2 cPanel fork
103
104							Since the original author MLEHMANN has no public
105							bugtracker, this cPanel fork sits now on github.
106
107							src repo: L
108							original: L
109
110							RT: L
111							or L
112
113							B
114
115							- stricter decode_json() as documented. non-refs are disallowed.
116							added a 2nd optional argument. decode() honors now allow_nonref.
117
118							- fixed encode of numbers for dual-vars. Different string
119							representations are preserved, but numbers with temporary strings
120							which represent the same number are here treated as numbers, not
121							strings. Cpanel::JSON::XS is a bit slower, but preserves numeric
122							types better.
123
124							- numbers ending with .0 stray numbers, are not converted to
125							integers. [#63] dual-vars which are represented as number not
126							integer (42+"bar" != 5.8.9) are now encoded as number (=> 42.0)
127							because internally it's now a NOK type. However !!1 which is
128							wrongly encoded in 5.8 as "1"/1.0 is still represented as integer.
129
130							- different handling of inf/nan. Default now to null, optionally with
131							stringify_infnan() to "inf"/"nan". [#28, #32]
132
133							- added C extension, non-JSON and non JSON parsable, allows
134							C<\xNN> and C<\NNN> sequences.
135
136							- 5.6.2 support; sacrificing some utf8 features (assuming bytes
137							all-over), no multi-byte unicode characters with 5.6.
138
139							- interop for true/false overloading. JSON::XS, JSON::PP and Mojo::JSON
140							representations for booleans are accepted and JSON::XS accepts
141							Cpanel::JSON::XS booleans [#13, #37]
142							Fixed overloading of booleans. Cpanel::JSON::XS::true stringifies again
143							to "1", not "true", analog to all other JSON modules.
144
145							- native boolean mapping of yes and no to true and false, as in YAML::XS.
146							In perl C is yes, C is no.
147							The JSON value true maps to 1, false maps to 0. [#39]
148
149							- support arbitrary stringification with encode, with convert_blessed
150							and allow_blessed.
151
152							- ithread support. Cpanel::JSON::XS is thread-safe, JSON::XS not
153
154							- is_bool can be called as method, JSON::XS::is_bool not.
155
156							- performance optimizations for threaded Perls
157
158							- relaxed mode, allowing many popular extensions
159
160							- additional fixes for:
161
162							- [cpan #88061] AIX atof without USE_LONG_DOUBLE
163
164							- #10 unshare_hek crash
165
166							- #7, #29 avoid re-blessing where possible. It fails in JSON::XS for
167							READONLY values, i.e. restricted hashes.
168
169							- #41 overloading of booleans, use the object not the reference.
170
171							- #62 -Dusequadmath conversion and no SEGV.
172
173							- #72 parsing of values followed \0, like 1\0 does fail.
174
175							- #72 parsing of illegal unicode or non-unicode characters.
176
177							- #96 locale-insensitive numeric conversion
178
179							- #154 numeric conversion fixed since 5.22, using the same strtold as perl5.
180
181							- public maintenance and bugtracker
182
183							- use ppport.h, sanify XS.xs comment styles, harness C coding style
184
185							- common::sense is optional. When available it is not used in the
186							published production module, just during development and testing.
187
188							- extended testsuite, passes all http://seriot.ch/parsing_json.html
189							tests. In fact it is the only know JSON decoder which does so,
190							while also being the fastest.
191
192							- support many more options and methods from JSON::PP:
193							stringify_infnan, allow_unknown, allow_stringify, allow_barekey,
194							encode_stringify, allow_bignum, allow_singlequote, sort_by
195							(partially), escape_slash, convert_blessed, ... optional
196							decode_json(, allow_nonref) arg.
197							relaxed implements allow_dupkeys.
198
199							- support all 5 unicode L's: UTF-8, UTF-16LE, UTF-16BE, UTF-32LE,
200							UTF-32BE, encoding internally to UTF-8.
201
202							=cut
203
204							our @ISA = qw(Exporter);
205							our @EXPORT = qw(encode_json decode_json to_json from_json);
206
207							sub to_json($@) {
208	0	0		0	1	0	if ($] >= 5.008) {
209	0					0	require Carp;
210	0					0	Carp::croak ("Cpanel::JSON::XS::to_json has been renamed to encode_json,".
211							" either downgrade to pre-2.0 versions of Cpanel::JSON::XS or".
212							" rename the call");
213							} else {
214	0					0	_to_json(@_);
215							}
216							}
217
218							sub from_json($@) {
219	0	0		0	1	0	if ($] >= 5.008) {
220	0					0	require Carp;
221	0					0	Carp::croak ("Cpanel::JSON::XS::from_json has been renamed to decode_json,".
222							" either downgrade to pre-2.0 versions of Cpanel::JSON::XS or".
223							" rename the call");
224							} else {
225	0					0	_from_json(@_);
226							}
227							}
228
229	57			57		2654196	use Exporter;
	57					450
	57					2158
230	57			57		274	use XSLoader;
	57					93
	57					32667
231
232							=head1 FUNCTIONAL INTERFACE
233
234							The following convenience methods are provided by this module. They are
235							exported by default:
236
237							=over 4
238
239							=item $json_text = encode_json $perl_scalar, [json_type]
240
241							Converts the given Perl data structure to a UTF-8 encoded, binary string
242							(that is, the string contains octets only). Croaks on error.
243
244							This function call is functionally identical to:
245
246							$json_text = Cpanel::JSON::XS->new->utf8->encode ($perl_scalar, $json_type)
247
248							Except being faster.
249
250							For the type argument see L.
251
252							=item $perl_scalar = decode_json $json_text [, $allow_nonref [, my $json_type ] ]
253
254							The opposite of C: expects an UTF-8 (binary) string of an
255							json reference and tries to parse that as an UTF-8 encoded JSON text,
256							returning the resulting reference. Croaks on error.
257
258							This function call is functionally identical to:
259
260							$perl_scalar = Cpanel::JSON::XS->new->utf8->decode ($json_text, $json_type)
261
262							except being faster.
263
264							Note that older decode_json versions in Cpanel::JSON::XS older than
265							3.0116 and JSON::XS did not set allow_nonref but allowed them due to a
266							bug in the decoder.
267
268							If the new optional $allow_nonref argument is set and not false, the
269							allow_nonref option will be set and the function will act is described
270							as in the relaxed RFC 7159 allowing all values such as objects,
271							arrays, strings, numbers, "null", "true", and "false".
272
273							For the type argument see L.
274
275							=item $is_boolean = Cpanel::JSON::XS::is_bool $scalar
276
277							Returns true if the passed scalar represents either C
278							or C, two constants that act like C<1> and C<0>,
279							respectively and are used to represent JSON C and C
280							values in Perl.
281
282							See MAPPING, below, for more information on how JSON values are mapped
283							to Perl.
284
285							=back
286
287							=head1 DEPRECATED FUNCTIONS
288
289							=over
290
291							=item from_json
292
293							from_json has been renamed to decode_json
294
295							=item to_json
296
297							to_json has been renamed to encode_json
298
299							=back
300
301
302							=head1 A FEW NOTES ON UNICODE AND PERL
303
304							Since this often leads to confusion, here are a few very clear words on
305							how Unicode works in Perl, modulo bugs.
306
307							=over 4
308
309							=item 1. Perl strings can store characters with ordinal values > 255.
310
311							This enables you to store Unicode characters as single characters in a
312							Perl string - very natural.
313
314							=item 2. Perl does I associate an encoding with your strings.
315
316							... until you force it to, e.g. when matching it against a regex, or
317							printing the scalar to a file, in which case Perl either interprets
318							your string as locale-encoded text, octets/binary, or as Unicode,
319							depending on various settings. In no case is an encoding stored
320							together with your data, it is I that decides encoding, not any
321							magical meta data.
322
323							=item 3. The internal utf-8 flag has no meaning with regards to the
324							encoding of your string.
325
326							=item 4. A "Unicode String" is simply a string where each character
327							can be validly interpreted as a Unicode code point.
328
329							If you have UTF-8 encoded data, it is no longer a Unicode string, but
330							a Unicode string encoded in UTF-8, giving you a binary string.
331
332							=item 5. A string containing "high" (> 255) character values is I
333							a UTF-8 string.
334
335							=item 6. Unicode noncharacters only warn, as in core.
336
337							The 66 Unicode noncharacters U+FDD0..U+FDEF, and U+FFFE, U+FFFF just
338							warn, see L. But
339							illegal surrogate pairs fail to parse.
340
341							=item 7. Raw non-Unicode characters above U+10FFFF are disallowed.
342
343							Raw non-Unicode characters outside the valid unicode range fail to
344							parse, because "A string is a sequence of zero or more Unicode
345							characters" RFC 7159 section 1 and "JSON text SHALL be encoded in
346							Unicode RFC 7159 section 8.1. We use now the UTF8_DISALLOW_SUPER
347							flag when parsing unicode.
348
349							=back
350
351							I hope this helps :)
352
353
354							=head1 OBJECT-ORIENTED INTERFACE
355
356							The object oriented interface lets you configure your own encoding or
357							decoding style, within the limits of supported formats.
358
359							=over 4
360
361							=item $json = new Cpanel::JSON::XS
362
363							Creates a new JSON object that can be used to de/encode JSON
364							strings. All boolean flags described below are by default I.
365
366							The mutators for flags all return the JSON object again and thus calls can
367							be chained:
368
369							my $json = Cpanel::JSON::XS->new->utf8->space_after->encode ({a => [1,2]})
370							=> {"a": [1, 2]}
371
372							=item $json = $json->ascii ([$enable])
373
374							=item $enabled = $json->get_ascii
375
376							If C<$enable> is true (or missing), then the C method will not
377							generate characters outside the code range C<0..127> (which is ASCII). Any
378							Unicode characters outside that range will be escaped using either a
379							single C<\uXXXX> (BMP characters) or a double C<\uHHHH\uLLLLL> escape sequence,
380							as per RFC4627. The resulting encoded JSON text can be treated as a native
381							Unicode string, an ascii-encoded, latin1-encoded or UTF-8 encoded string,
382							or any other superset of ASCII.
383
384							If C<$enable> is false, then the C method will not escape Unicode
385							characters unless required by the JSON syntax or other flags. This results
386							in a faster and more compact format.
387
388							See also the section I later in this
389							document.
390
391							The main use for this flag is to produce JSON texts that can be
392							transmitted over a 7-bit channel, as the encoded JSON texts will not
393							contain any 8 bit characters.
394
395							Cpanel::JSON::XS->new->ascii (1)->encode ([chr 0x10401])
396							=> ["\ud801\udc01"]
397
398							=item $json = $json->latin1 ([$enable])
399
400							=item $enabled = $json->get_latin1
401
402							If C<$enable> is true (or missing), then the C method will encode
403							the resulting JSON text as latin1 (or ISO-8859-1), escaping any characters
404							outside the code range C<0..255>. The resulting string can be treated as a
405							latin1-encoded JSON text or a native Unicode string. The C method
406							will not be affected in any way by this flag, as C by default
407							expects Unicode, which is a strict superset of latin1.
408
409							If C<$enable> is false, then the C method will not escape Unicode
410							characters unless required by the JSON syntax or other flags.
411
412							See also the section I later in this
413							document.
414
415							The main use for this flag is efficiently encoding binary data as JSON
416							text, as most octets will not be escaped, resulting in a smaller encoded
417							size. The disadvantage is that the resulting JSON text is encoded
418							in latin1 (and must correctly be treated as such when storing and
419							transferring), a rare encoding for JSON. It is therefore most useful when
420							you want to store data structures known to contain binary data efficiently
421							in files or databases, not when talking to other JSON encoders/decoders.
422
423							Cpanel::JSON::XS->new->latin1->encode (["\x{89}\x{abc}"]
424							=> ["\x{89}\\u0abc"] # (perl syntax, U+abc escaped, U+89 not)
425
426
427							=item $json = $json->binary ([$enable])
428
429							=item $enabled = $json = $json->get_binary
430
431							If the C<$enable> argument is true (or missing), then the C
432							method will not try to detect an UTF-8 encoding in any JSON string, it
433							will strictly interpret it as byte sequence. The result might contain
434							new C<\xNN> sequences, which is B. The C
435							method forbids C<\uNNNN> sequences and accepts C<\xNN> and octal
436							C<\NNN> sequences.
437
438							There is also a special logic for perl 5.6 and utf8. 5.6 encodes any
439							string to utf-8 automatically when seeing a codepoint >= C<0x80> and
440							< C<0x100>. With the binary flag enabled decode the perl utf8 encoded
441							string to the original byte encoding and encode this with C<\xNN>
442							escapes. This will result to the same encodings as with newer
443							perls. But note that binary multi-byte codepoints with 5.6 will
444							result in C errors,
445							unlike with newer perls.
446
447							If C<$enable> is false, then the C method will smartly try to
448							detect Unicode characters unless required by the JSON syntax or other
449							flags and hex and octal sequences are forbidden.
450
451							See also the section I later in this
452							document.
453
454							The main use for this flag is to avoid the smart unicode detection and
455							possible double encoding. The disadvantage is that the resulting JSON
456							text is encoded in new C<\xNN> and in latin1 characters and must
457							correctly be treated as such when storing and transferring, a rare
458							encoding for JSON. It will produce non-readable JSON strings in the
459							browser. It is therefore most useful when you want to store data
460							structures known to contain binary data efficiently in files or
461							databases, not when talking to other JSON encoders/decoders. The
462							binary decoding method can also be used when an encoder produced a
463							non-JSON conformant hex or octal encoding C<\xNN> or C<\NNN>.
464
465							Cpanel::JSON::XS->new->binary->encode (["\x{89}\x{abc}"])
466							5.6: Error: malformed or illegal unicode character in binary string
467							>=5.8: ['\x89\xe0\xaa\xbc']
468
469							Cpanel::JSON::XS->new->binary->encode (["\x{89}\x{bc}"])
470							=> ["\x89\xbc"]
471
472							Cpanel::JSON::XS->new->binary->decode (["\x89\ua001"])
473							Error: malformed or illegal unicode character in binary string
474
475							Cpanel::JSON::XS->new->decode (["\x89"])
476							Error: illegal hex character in non-binary string
477
478
479							=item $json = $json->utf8 ([$enable])
480
481							=item $enabled = $json->get_utf8
482
483							If C<$enable> is true (or missing), then the C method will encode
484							the JSON result into UTF-8, as required by many protocols, while the
485							C method expects to be handled an UTF-8-encoded string. Please
486							note that UTF-8-encoded strings do not contain any characters outside the
487							range C<0..255>, they are thus useful for bytewise/binary I/O. In future
488							versions, enabling this option might enable autodetection of the UTF-16
489							and UTF-32 encoding families, as described in RFC4627.
490
491							If C<$enable> is false, then the C method will return the JSON
492							string as a (non-encoded) Unicode string, while C expects thus a
493							Unicode string. Any decoding or encoding (e.g. to UTF-8 or UTF-16) needs
494							to be done yourself, e.g. using the Encode module.
495
496							See also the section I later in this
497							document.
498
499							Example, output UTF-16BE-encoded JSON:
500
501							use Encode;
502							$jsontext = encode "UTF-16BE", Cpanel::JSON::XS->new->encode ($object);
503
504							Example, decode UTF-32LE-encoded JSON:
505
506							use Encode;
507							$object = Cpanel::JSON::XS->new->decode (decode "UTF-32LE", $jsontext);
508
509							=item $json = $json->pretty ([$enable])
510
511							This enables (or disables) all of the C, C and
512							C (and in the future possibly more) flags in one call to
513							generate the most readable (or most compact) form possible.
514
515							Example, pretty-print some simple structure:
516
517							my $json = Cpanel::JSON::XS->new->pretty(1)->encode ({a => [1,2]})
518							=>
519							{
520							"a" : [
521							1,
522							2
523							]
524							}
525
526
527							=item $json = $json->indent ([$enable])
528
529							=item $enabled = $json->get_indent
530
531							If C<$enable> is true (or missing), then the C method will use
532							a multiline format as output, putting every array member or
533							object/hash key-value pair into its own line, indenting them properly.
534
535							If C<$enable> is false, no newlines or indenting will be produced, and the
536							resulting JSON text is guaranteed not to contain any C.
537
538							This setting has no effect when decoding JSON texts.
539
540							=item $json = $json->indent_length([$number_of_spaces])
541
542							=item $length = $json->get_indent_length()
543
544							Set the indent length (default C<3>).
545							This option is only useful when you also enable indent or pretty.
546							The acceptable range is from 0 (no indentation) to 15
547
548							=item $json = $json->space_before ([$enable])
549
550							=item $enabled = $json->get_space_before
551
552							If C<$enable> is true (or missing), then the C method will add an extra
553							optional space before the C<:> separating keys from values in JSON objects.
554
555							If C<$enable> is false, then the C method will not add any extra
556							space at those places.
557
558							This setting has no effect when decoding JSON texts. You will also
559							most likely combine this setting with C.
560
561							Example, space_before enabled, space_after and indent disabled:
562
563							{"key" :"value"}
564
565							=item $json = $json->space_after ([$enable])
566
567							=item $enabled = $json->get_space_after
568
569							If C<$enable> is true (or missing), then the C method will add
570							an extra optional space after the C<:> separating keys from values in
571							JSON objects and extra whitespace after the C<,> separating key-value
572							pairs and array members.
573
574							If C<$enable> is false, then the C method will not add any extra
575							space at those places.
576
577							This setting has no effect when decoding JSON texts.
578
579							Example, space_before and indent disabled, space_after enabled:
580
581							{"key": "value"}
582
583							=item $json = $json->relaxed ([$enable])
584
585							=item $enabled = $json->get_relaxed
586
587							If C<$enable> is true (or missing), then C will accept some
588							extensions to normal JSON syntax (see below). C will not be
589							affected in anyway. I
590							JSON texts as if they were valid!>. I suggest only to use this option to
591							parse application-specific files written by humans (configuration files,
592							resource files etc.)
593
594							If C<$enable> is false (the default), then C will only accept
595							valid JSON texts.
596
597							Currently accepted extensions are:
598
599							=over 4
600
601							=item * list items can have an end-comma
602
603							JSON I array elements and key-value pairs with commas. This
604							can be annoying if you write JSON texts manually and want to be able to
605							quickly append elements, so this extension accepts comma at the end of
606							such items not just between them:
607
608							[
609							1,
610							2, <- this comma not normally allowed
611							]
612							{
613							"k1": "v1",
614							"k2": "v2", <- this comma not normally allowed
615							}
616
617							=item * shell-style '#'-comments
618
619							Whenever JSON allows whitespace, shell-style comments are additionally
620							allowed. They are terminated by the first carriage-return or line-feed
621							character, after which more white-space and comments are allowed.
622
623							[
624							1, # this comment not allowed in JSON
625							# neither this one...
626							]
627
628							=item * literal ASCII TAB characters in strings
629
630							Literal ASCII TAB characters are now allowed in strings (and treated as
631							C<\t>) in relaxed mode. Despite JSON mandates, that TAB character is
632							substituted for "\t" sequence.
633
634							[
635							"Hello\tWorld",
636							"HelloWorld", # literal would not normally be allowed
637							]
638
639							=item * allow_singlequote
640
641							Single quotes are accepted instead of double quotes. See the
642							L option.
643
644							{ "foo":'bar' }
645							{ 'foo':"bar" }
646							{ 'foo':'bar' }
647
648							=item * allow_barekey
649
650							Accept unquoted object keys instead of with mandatory double quotes. See the
651							L option.
652
653							{ foo:"bar" }
654
655							=item * allow_dupkeys
656
657							Allow decoding of duplicate keys in hashes. By default duplicate keys are forbidden.
658							See L:
659							RFC 7159 section 4: "The names within an object should be unique."
660							See the L option.
661
662							=back
663
664
665							=item $json = $json->canonical ([$enable])
666
667							=item $enabled = $json->get_canonical
668
669							If C<$enable> is true (or missing), then the C method will
670							output JSON objects by sorting their keys. This is adding a
671							comparatively high overhead.
672
673							If C<$enable> is false, then the C method will output key-value
674							pairs in the order Perl stores them (which will likely change between runs
675							of the same script, and can change even within the same run from 5.18
676							onwards).
677
678							This option is useful if you want the same data structure to be encoded as
679							the same JSON text (given the same overall settings). If it is disabled,
680							the same hash might be encoded differently even if contains the same data,
681							as key-value pairs have no inherent ordering in Perl.
682
683							This setting has no effect when decoding JSON texts.
684
685							This setting has currently no effect on tied hashes.
686
687
688							=item $json = $json->sort_by (undef, 0, 1 or a block)
689
690							This currently only (un)sets the C option, and ignores
691							custom sort blocks.
692
693							This setting has no effect when decoding JSON texts.
694
695							This setting has currently no effect on tied hashes.
696
697
698							=item $json = $json->escape_slash ([$enable])
699
700							=item $enabled = $json->get_escape_slash
701
702							According to the JSON Grammar, the I character (U+002F)
703							C<"/"> need to be escaped. But by default strings are encoded without
704							escaping slashes in all perl JSON encoders.
705
706							If C<$enable> is true (or missing), then C will escape slashes,
707							C<"\/">.
708
709							This setting has no effect when decoding JSON texts.
710
711
712							=item $json = $json->unblessed_bool ([$enable])
713
714							=item $enabled = $json->get_unblessed_bool
715
716							$json = $json->unblessed_bool([$enable])
717
718							If C<$enable> is true (or missing), then C will return
719							Perl non-object boolean variables (1 and 0) for JSON booleans
720							(C and C). If C<$enable> is false, then C
721							will return C objects for JSON booleans.
722
723
724							=item $json = $json->allow_singlequote ([$enable])
725
726							=item $enabled = $json->get_allow_singlequote
727
728							$json = $json->allow_singlequote([$enable])
729
730							If C<$enable> is true (or missing), then C will accept
731							JSON strings quoted by single quotations that are invalid JSON
732							format.
733
734							$json->allow_singlequote->decode({"foo":'bar'});
735							$json->allow_singlequote->decode({'foo':"bar"});
736							$json->allow_singlequote->decode({'foo':'bar'});
737
738							This is also enabled with C.
739							As same as the C option, this option may be used to parse
740							application-specific files written by humans.
741
742
743							=item $json = $json->allow_barekey ([$enable])
744
745							=item $enabled = $json->get_allow_barekey
746
747							$json = $json->allow_barekey([$enable])
748
749							If C<$enable> is true (or missing), then C will accept
750							bare keys of JSON object that are invalid JSON format.
751
752							Same as with the C option, this option may be used to parse
753							application-specific files written by humans.
754
755							$json->allow_barekey->decode('{foo:"bar"}');
756
757							=item $json = $json->allow_bignum ([$enable])
758
759							=item $enabled = $json->get_allow_bignum
760
761							$json = $json->allow_bignum([$enable])
762
763							If C<$enable> is true (or missing), then C will convert
764							the big integer Perl cannot handle as integer into a L
765							object and convert a floating number (any) into a L.
766
767							On the contrary, C converts C objects and
768							C objects into JSON numbers with C
769							enable.
770
771							$json->allow_nonref->allow_blessed->allow_bignum;
772							$bigfloat = $json->decode('2.000000000000000000000000001');
773							print $json->encode($bigfloat);
774							# => 2.000000000000000000000000001
775
776							See L about the normal conversion of JSON number.
777
778
779							=item $json = $json->allow_bigint ([$enable])
780
781							This option is obsolete and replaced by allow_bignum.
782
783
784							=item $json = $json->allow_nonref ([$enable])
785
786							=item $enabled = $json->get_allow_nonref
787
788							If C<$enable> is true (or missing), then the C method can
789							convert a non-reference into its corresponding string, number or null
790							JSON value, which is an extension to RFC4627. Likewise, C will
791							accept those JSON values instead of croaking.
792
793							If C<$enable> is false, then the C method will croak if it isn't
794							passed an arrayref or hashref, as JSON texts must either be an object
795							or array. Likewise, C will croak if given something that is not a
796							JSON object or array.
797
798							Example, encode a Perl scalar as JSON value with enabled C,
799							resulting in an invalid JSON text:
800
801							Cpanel::JSON::XS->new->allow_nonref->encode ("Hello, World!")
802							=> "Hello, World!"
803
804							=item $json = $json->allow_unknown ([$enable])
805
806							=item $enabled = $json->get_allow_unknown
807
808							If C<$enable> is true (or missing), then C will I throw an
809							exception when it encounters values it cannot represent in JSON (for
810							example, filehandles) but instead will encode a JSON C value. Note
811							that blessed objects are not included here and are handled separately by
812							c.
813
814							If C<$enable> is false (the default), then C will throw an
815							exception when it encounters anything it cannot encode as JSON.
816
817							This option does not affect C in any way, and it is recommended to
818							leave it off unless you know your communications partner.
819
820							=item $json = $json->allow_stringify ([$enable])
821
822							=item $enabled = $json->get_allow_stringify
823
824							If C<$enable> is true (or missing), then C will stringify the
825							non-object perl value or reference. Note that blessed objects are not
826							included here and are handled separately by C and
827							C. String references are stringified to the string
828							value, other references as in perl.
829
830							This option does not affect C in any way.
831
832							This option is special to this module, it is not supported by other
833							encoders. So it is not recommended to use it.
834
835							=item $json = $json->require_types ([$enable])
836
837							=item $enable = $json->get_require_types
838
839							$json = $json->require_types([$enable])
840
841							If C<$enable> is true (or missing), then C will require
842							second argument with supplied JSON types. See L.
843							When second argument is not provided (or is undef), then C
844							croaks. It also croaks when the type for provided structure in
845							C is incomplete.
846
847							=item $json = $json->allow_dupkeys ([$enable])
848
849							=item $enabled = $json->get_allow_dupkeys
850
851							If C<$enable> is true (or missing), then the C method will not
852							die when it encounters duplicate keys in a hash.
853							C is also enabled in the C mode.
854
855							The JSON spec allows duplicate name in objects but recommends to
856							disable it, however with Perl hashes they are impossible, parsing
857							JSON in Perl silently ignores duplicate names, using the last value
858							found.
859
860							See L:
861							RFC 7159 section 4: "The names within an object should be unique."
862
863							=item $json = $json->allow_blessed ([$enable])
864
865							=item $enabled = $json->get_allow_blessed
866
867							If C<$enable> is true (or missing), then the C method will not
868							barf when it encounters a blessed reference. Instead, the value of the
869							B option will decide whether C (C
870							disabled or no C method found) or a representation of the
871							object (C enabled and C method found) is being
872							encoded. Has no effect on C.
873
874							If C<$enable> is false (the default), then C will throw an
875							exception when it encounters a blessed object.
876
877							This setting has no effect on C.
878
879							=item $json = $json->convert_blessed ([$enable])
880
881							=item $enabled = $json->get_convert_blessed
882
883							If C<$enable> is true (or missing), then C, upon encountering a
884							blessed object, will check for the availability of the C method
885							on the object's class. If found, it will be called in scalar context
886							and the resulting scalar will be encoded instead of the object. If no
887							C method is found, a stringification overload method is tried next.
888							If both are not found, the value of C will decide what
889							to do.
890
891							The C method may safely call die if it wants. If C
892							returns other blessed objects, those will be handled in the same
893							way. C must take care of not causing an endless recursion
894							cycle (== crash) in this case. The same care must be taken with
895							calling encode in stringify overloads (even if this works by luck in
896							older perls) or other callbacks. The name of C was chosen
897							because other methods called by the Perl core (== not by the user of
898							the object) are usually in upper case letters and to avoid collisions
899							with any C function or method.
900
901							If C<$enable> is false (the default), then C will not consider
902							this type of conversion.
903
904							This setting has no effect on C.
905
906							=item $json = $json->allow_tags ([$enable])
907
908							=item $enabled = $json->get_allow_tags
909
910							See L
911
912							If C<$enable> is true (or missing), then C, upon encountering a
913							blessed object, will check for the availability of the C method on
914							the object's class. If found, it will be used to serialize the object into
915							a nonstandard tagged JSON value (that JSON decoders cannot decode).
916
917							It also causes C to parse such tagged JSON values and deserialize
918							them via a call to the C method.
919
920							If C<$enable> is false (the default), then C will not consider
921							this type of conversion, and tagged JSON values will cause a parse error
922							in C, as if tags were not part of the grammar.
923
924							=item $json = $json->filter_json_object ([$coderef->($hashref)])
925
926							When C<$coderef> is specified, it will be called from C each
927							time it decodes a JSON object. The only argument is a reference to the
928							newly-created hash. If the code references returns a single scalar (which
929							need not be a reference), this value (i.e. a copy of that scalar to avoid
930							aliasing) is inserted into the deserialized data structure. If it returns
931							an empty list (NOTE: I C, which is a valid scalar), the
932							original deserialized hash will be inserted. This setting can slow down
933							decoding considerably.
934
935							When C<$coderef> is omitted or undefined, any existing callback will
936							be removed and C will not change the deserialized hash in any
937							way.
938
939							Example, convert all JSON objects into the integer 5:
940
941							my $js = Cpanel::JSON::XS->new->filter_json_object (sub { 5 });
942							# returns [5]
943							$js->decode ('[{}]')
944							# throw an exception because allow_nonref is not enabled
945							# so a lone 5 is not allowed.
946							$js->decode ('{"a":1, "b":2}');
947
948							=item $json = $json->filter_json_single_key_object ($key [=> $coderef->($value)])
949
950							Works remotely similar to C, but is only called for
951							JSON objects having a single key named C<$key>.
952
953							This C<$coderef> is called before the one specified via
954							C, if any. It gets passed the single value in the JSON
955							object. If it returns a single value, it will be inserted into the data
956							structure. If it returns nothing (not even C but the empty list),
957							the callback from C will be called next, as if no
958							single-key callback were specified.
959
960							If C<$coderef> is omitted or undefined, the corresponding callback will be
961							disabled. There can only ever be one callback for a given key.
962
963							As this callback gets called less often then the C
964							one, decoding speed will not usually suffer as much. Therefore, single-key
965							objects make excellent targets to serialize Perl objects into, especially
966							as single-key JSON objects are as close to the type-tagged value concept
967							as JSON gets (it's basically an ID/VALUE tuple). Of course, JSON does not
968							support this in any way, so you need to make sure your data never looks
969							like a serialized Perl hash.
970
971							Typical names for the single object key are C<__class_whatever__>, or
972							C<$__dollars_are_rarely_used__$> or C<}ugly_brace_placement>, or even
973							things like C<__class_md5sum(classname)__>, to reduce the risk of clashing
974							with real hashes.
975
976							Example, decode JSON objects of the form C<< { "__widget__" => } >>
977							into the corresponding C<< $WIDGET{} >> object:
978
979							# return whatever is in $WIDGET{5}:
980							Cpanel::JSON::XS
981							->new
982							->filter_json_single_key_object (__widget__ => sub {
983							$WIDGET{ $_[0] }
984							})
985							->decode ('{"__widget__": 5')
986
987							# this can be used with a TO_JSON method in some "widget" class
988							# for serialization to json:
989							sub WidgetBase::TO_JSON {
990							my ($self) = @_;
991
992							unless ($self->{id}) {
993							$self->{id} = ..get..some..id..;
994							$WIDGET{$self->{id}} = $self;
995							}
996
997							{ __widget__ => $self->{id} }
998							}
999
1000							=item $json = $json->shrink ([$enable])
1001
1002							=item $enabled = $json->get_shrink
1003
1004							Perl usually over-allocates memory a bit when allocating space for
1005							strings. This flag optionally resizes strings generated by either
1006							C or C to their minimum size possible. This can save
1007							memory when your JSON texts are either very very long or you have many
1008							short strings. It will also try to downgrade any strings to octet-form
1009							if possible: perl stores strings internally either in an encoding called
1010							UTF-X or in octet-form. The latter cannot store everything but uses less
1011							space in general (and some buggy Perl or C code might even rely on that
1012							internal representation being used).
1013
1014							The actual definition of what shrink does might change in future versions,
1015							but it will always try to save space at the expense of time.
1016
1017							If C<$enable> is true (or missing), the string returned by C will
1018							be shrunk-to-fit, while all strings generated by C will also be
1019							shrunk-to-fit.
1020
1021							If C<$enable> is false, then the normal perl allocation algorithms are used.
1022							If you work with your data, then this is likely to be faster.
1023
1024							In the future, this setting might control other things, such as converting
1025							strings that look like integers or floats into integers or floats
1026							internally (there is no difference on the Perl level), saving space.
1027
1028							=item $json = $json->max_depth ([$maximum_nesting_depth])
1029
1030							=item $max_depth = $json->get_max_depth
1031
1032							Sets the maximum nesting level (default C<512>) accepted while encoding
1033							or decoding. If a higher nesting level is detected in JSON text or a Perl
1034							data structure, then the encoder and decoder will stop and croak at that
1035							point.
1036
1037							Nesting level is defined by number of hash- or arrayrefs that the encoder
1038							needs to traverse to reach a given point or the number of C<{> or C<[>
1039							characters without their matching closing parenthesis crossed to reach a
1040							given character in a string.
1041
1042							Setting the maximum depth to one disallows any nesting, so that ensures
1043							that the object is only a single hash/object or array.
1044
1045							If no argument is given, the highest possible setting will be used, which
1046							is rarely useful.
1047
1048							Note that nesting is implemented by recursion in C. The default value has
1049							been chosen to be as large as typical operating systems allow without
1050							crashing.
1051
1052							See SECURITY CONSIDERATIONS, below, for more info on why this is useful.
1053
1054							=item $json = $json->max_size ([$maximum_string_size])
1055
1056							=item $max_size = $json->get_max_size
1057
1058							Set the maximum length a JSON text may have (in bytes) where decoding is
1059							being attempted. The default is C<0>, meaning no limit. When C
1060							is called on a string that is longer then this many bytes, it will not
1061							attempt to decode the string but throw an exception. This setting has no
1062							effect on C (yet).
1063
1064							If no argument is given, the limit check will be deactivated (same as when
1065							C<0> is specified).
1066
1067							See L, below, for more info on why this is useful.
1068
1069							=item $json->stringify_infnan ([$infnan_mode = 1])
1070
1071							=item $infnan_mode = $json->get_stringify_infnan
1072
1073							Get or set how Cpanel::JSON::XS encodes C, C<-inf> or C for numeric
1074							values. Also qnan, snan or negative nan on some platforms.
1075
1076							C: infnan_mode = 0. Similar to most JSON modules in other languages.
1077							Always null.
1078
1079							stringified: infnan_mode = 1. As in Mojo::JSON. Platform specific strings.
1080							Stringified via sprintf(%g), with double quotes.
1081
1082							inf/nan: infnan_mode = 2. As in JSON::XS, and older releases.
1083							Passes through platform dependent values, invalid JSON. Stringified via
1084							sprintf(%g), but without double quotes.
1085
1086							"inf/-inf/nan": infnan_mode = 3. Platform independent inf/nan/-inf
1087							strings. No QNAN/SNAN/negative NAN support, unified to "nan". Much
1088							easier to detect, but may conflict with valid strings.
1089
1090							=item $json_text = $json->encode ($perl_scalar, $json_type)
1091
1092							Converts the given Perl data structure (a simple scalar or a reference
1093							to a hash or array) to its JSON representation. Simple scalars will be
1094							converted into JSON string or number sequences, while references to
1095							arrays become JSON arrays and references to hashes become JSON
1096							objects. Undefined Perl values (e.g. C) become JSON C
1097							values. Neither C nor C values will be generated.
1098
1099							For the type argument see L.
1100
1101							=item $perl_scalar = $json->decode ($json_text, my $json_type)
1102
1103							The opposite of C: expects a JSON text and tries to parse it,
1104							returning the resulting simple scalar or reference. Croaks on error.
1105
1106							JSON numbers and strings become simple Perl scalars. JSON arrays become
1107							Perl arrayrefs and JSON objects become Perl hashrefs. C becomes
1108							C<1>, C becomes C<0> and C becomes C.
1109
1110							For the type argument see L.
1111
1112							=item ($perl_scalar, $characters) = $json->decode_prefix ($json_text)
1113
1114							This works like the C method, but instead of raising an exception
1115							when there is trailing garbage after the first JSON object, it will
1116							silently stop parsing there and return the number of characters consumed
1117							so far.
1118
1119							This is useful if your JSON texts are not delimited by an outer protocol
1120							and you need to know where the JSON text ends.
1121
1122							Cpanel::JSON::XS->new->decode_prefix ("[1] the tail")
1123							=> ([1], 3)
1124
1125							=item $json->to_json ($perl_hash_or_arrayref)
1126
1127							Deprecated method for perl 5.8 and newer. Use L instead.
1128
1129							=item $json->from_json ($utf8_encoded_json_text)
1130
1131							Deprecated method for perl 5.8 and newer. Use L instead.
1132
1133							=back
1134
1135
1136							=head1 INCREMENTAL PARSING
1137
1138							In some cases, there is the need for incremental parsing of JSON
1139							texts. While this module always has to keep both JSON text and resulting
1140							Perl data structure in memory at one time, it does allow you to parse a
1141							JSON stream incrementally. It does so by accumulating text until it has
1142							a full JSON object, which it then can decode. This process is similar to
1143							using C to see if a full JSON object is available, but
1144							is much more efficient (and can be implemented with a minimum of method
1145							calls).
1146
1147							Cpanel::JSON::XS will only attempt to parse the JSON text once it is
1148							sure it has enough text to get a decisive result, using a very simple
1149							but truly incremental parser. This means that it sometimes won't stop
1150							as early as the full parser, for example, it doesn't detect mismatched
1151							parentheses. The only thing it guarantees is that it starts decoding
1152							as soon as a syntactically valid JSON text has been seen. This means
1153							you need to set resource limits (e.g. C) to ensure the
1154							parser will stop parsing in the presence if syntax errors.
1155
1156							The following methods implement this incremental parser.
1157
1158							=over 4
1159
1160							=item [void, scalar or list context] = $json->incr_parse ([$string])
1161
1162							This is the central parsing function. It can both append new text and
1163							extract objects from the stream accumulated so far (both of these
1164							functions are optional).
1165
1166							If C<$string> is given, then this string is appended to the already
1167							existing JSON fragment stored in the C<$json> object.
1168
1169							After that, if the function is called in void context, it will simply
1170							return without doing anything further. This can be used to add more text
1171							in as many chunks as you want.
1172
1173							If the method is called in scalar context, then it will try to extract
1174							exactly I JSON object. If that is successful, it will return this
1175							object, otherwise it will return C. If there is a parse error,
1176							this method will croak just as C would do (one can then use
1177							C to skip the erroneous part). This is the most common way of
1178							using the method.
1179
1180							And finally, in list context, it will try to extract as many objects
1181							from the stream as it can find and return them, or the empty list
1182							otherwise. For this to work, there must be no separators between the JSON
1183							objects or arrays, instead they must be concatenated back-to-back. If
1184							an error occurs, an exception will be raised as in the scalar context
1185							case. Note that in this case, any previously-parsed JSON texts will be
1186							lost.
1187
1188							Example: Parse some JSON arrays/objects in a given string and return
1189							them.
1190
1191							my @objs = Cpanel::JSON::XS->new->incr_parse ("[5][7][1,2]");
1192
1193							=item $lvalue_string = $json->incr_text (>5.8 only)
1194
1195							This method returns the currently stored JSON fragment as an lvalue, that
1196							is, you can manipulate it. This I works when a preceding call to
1197							C in I successfully returned an object, and
1198							2. only with Perl >= 5.8
1199
1200							Under all other circumstances you must not call this function (I mean
1201							it. although in simple tests it might actually work, it I fail
1202							under real world conditions). As a special exception, you can also
1203							call this method before having parsed anything.
1204
1205							This function is useful in two cases: a) finding the trailing text after a
1206							JSON object or b) parsing multiple JSON objects separated by non-JSON text
1207							(such as commas).
1208
1209							=item $json->incr_skip
1210
1211							This will reset the state of the incremental parser and will remove
1212							the parsed text from the input buffer so far. This is useful after
1213							C died, in which case the input buffer and incremental parser
1214							state is left unchanged, to skip the text parsed so far and to reset the
1215							parse state.
1216
1217							The difference to C is that only text until the parse error
1218							occurred is removed.
1219
1220							=item $json->incr_reset
1221
1222							This completely resets the incremental parser, that is, after this call,
1223							it will be as if the parser had never parsed anything.
1224
1225							This is useful if you want to repeatedly parse JSON objects and want to
1226							ignore any trailing data, which means you have to reset the parser after
1227							each successful decode.
1228
1229							=back
1230
1231							=head2 LIMITATIONS
1232
1233							All options that affect decoding are supported, except
1234							C. The reason for this is that it cannot be made to work
1235							sensibly: JSON objects and arrays are self-delimited, i.e. you can
1236							concatenate them back to back and still decode them perfectly. This
1237							does not hold true for JSON numbers, however.
1238
1239							For example, is the string C<1> a single JSON number, or is it simply
1240							the start of C<12>? Or is C<12> a single JSON number, or the
1241							concatenation of C<1> and C<2>? In neither case you can tell, and this
1242							is why Cpanel::JSON::XS takes the conservative route and disallows
1243							this case.
1244
1245							=head2 EXAMPLES
1246
1247							Some examples will make all this clearer. First, a simple example that
1248							works similarly to C: We want to decode the JSON object at
1249							the start of a string and identify the portion after the JSON object:
1250
1251							my $text = "[1,2,3] hello";
1252
1253							my $json = new Cpanel::JSON::XS;
1254
1255							my $obj = $json->incr_parse ($text)
1256							or die "expected JSON object or array at beginning of string";
1257
1258							my $tail = $json->incr_text;
1259							# $tail now contains " hello"
1260
1261							Easy, isn't it?
1262
1263							Now for a more complicated example: Imagine a hypothetical protocol where
1264							you read some requests from a TCP stream, and each request is a JSON
1265							array, without any separation between them (in fact, it is often useful to
1266							use newlines as "separators", as these get interpreted as whitespace at
1267							the start of the JSON text, which makes it possible to test said protocol
1268							with C...).
1269
1270							Here is how you'd do it (it is trivial to write this in an event-based
1271							manner):
1272
1273							my $json = new Cpanel::JSON::XS;
1274
1275							# read some data from the socket
1276							while (sysread $socket, my $buf, 4096) {
1277
1278							# split and decode as many requests as possible
1279							for my $request ($json->incr_parse ($buf)) {
1280							# act on the $request
1281							}
1282							}
1283
1284							Another complicated example: Assume you have a string with JSON objects
1285							or arrays, all separated by (optional) comma characters (e.g. C<[1],[2],
1286							[3]>). To parse them, we have to skip the commas between the JSON texts,
1287							and here is where the lvalue-ness of C comes in useful:
1288
1289							my $text = "[1],[2], [3]";
1290							my $json = new Cpanel::JSON::XS;
1291
1292							# void context, so no parsing done
1293							$json->incr_parse ($text);
1294
1295							# now extract as many objects as possible. note the
1296							# use of scalar context so incr_text can be called.
1297							while (my $obj = $json->incr_parse) {
1298							# do something with $obj
1299
1300							# now skip the optional comma
1301							$json->incr_text =~ s/^ \s* , //x;
1302							}
1303
1304							Now lets go for a very complex example: Assume that you have a gigantic
1305							JSON array-of-objects, many gigabytes in size, and you want to parse it,
1306							but you cannot load it into memory fully (this has actually happened in
1307							the real world :).
1308
1309							Well, you lost, you have to implement your own JSON parser. But
1310							Cpanel::JSON::XS can still help you: You implement a (very simple)
1311							array parser and let JSON decode the array elements, which are all
1312							full JSON objects on their own (this wouldn't work if the array
1313							elements could be JSON numbers, for example):
1314
1315							my $json = new Cpanel::JSON::XS;
1316
1317							# open the monster
1318							open my $fh, "
1319							or die "bigfile: $!";
1320
1321							# first parse the initial "["
1322							for (;;) {
1323							sysread $fh, my $buf, 65536
1324							or die "read error: $!";
1325							$json->incr_parse ($buf); # void context, so no parsing
1326
1327							# Exit the loop once we found and removed(!) the initial "[".
1328							# In essence, we are (ab-)using the $json object as a simple scalar
1329							# we append data to.
1330							last if $json->incr_text =~ s/^ \s* \[ //x;
1331							}
1332
1333							# now we have the skipped the initial "[", so continue
1334							# parsing all the elements.
1335							for (;;) {
1336							# in this loop we read data until we got a single JSON object
1337							for (;;) {
1338							if (my $obj = $json->incr_parse) {
1339							# do something with $obj
1340							last;
1341							}
1342
1343							# add more data
1344							sysread $fh, my $buf, 65536
1345							or die "read error: $!";
1346							$json->incr_parse ($buf); # void context, so no parsing
1347							}
1348
1349							# in this loop we read data until we either found and parsed the
1350							# separating "," between elements, or the final "]"
1351							for (;;) {
1352							# first skip whitespace
1353							$json->incr_text =~ s/^\s*//;
1354
1355							# if we find "]", we are done
1356							if ($json->incr_text =~ s/^\]//) {
1357							print "finished.\n";
1358							exit;
1359							}
1360
1361							# if we find ",", we can continue with the next element
1362							if ($json->incr_text =~ s/^,//) {
1363							last;
1364							}
1365
1366							# if we find anything else, we have a parse error!
1367							if (length $json->incr_text) {
1368							die "parse error near ", $json->incr_text;
1369							}
1370
1371							# else add more data
1372							sysread $fh, my $buf, 65536
1373							or die "read error: $!";
1374							$json->incr_parse ($buf); # void context, so no parsing
1375							}
1376
1377							This is a complex example, but most of the complexity comes from the fact
1378							that we are trying to be correct (bear with me if I am wrong, I never ran
1379							the above example :).
1380
1381							=head1 BOM
1382
1383							Detect all unicode B on decode.
1384							Which are UTF-8, UTF-16LE, UTF-16BE, UTF-32LE and UTF-32BE.
1385
1386							The BOM encoding is set only for one specific decode call, it does not
1387							change the state of the JSON object.
1388
1389							B: With perls older than 5.20 you need load the Encode module
1390							before loading a multibyte BOM, i.e. >= UTF-16. Otherwise an error is
1391							thrown. This is an implementation limitation and might get fixed later.
1392
1393							See L
1394							I<"JSON text SHALL be encoded in UTF-8, UTF-16, or UTF-32.">
1395
1396							I<"Implementations MUST NOT add a byte order mark to the beginning of a
1397							JSON text", "implementations (...) MAY ignore the presence of a byte
1398							order mark rather than treating it as an error".>
1399
1400							See also L.
1401
1402							Beware that Cpanel::JSON::XS is currently the only JSON module which
1403							does accept and decode a BOM.
1404
1405							The latest JSON spec
1406							L
1407							forbid the usage of UTF-16 or UTF-32, the character encoding is UTF-8.
1408							Thus in subsequent updates BOM's of UTF-16 or UTF-32 will throw an error.
1409
1410							=head1 MAPPING
1411
1412							This section describes how Cpanel::JSON::XS maps Perl values to JSON
1413							values and vice versa. These mappings are designed to "do the right
1414							thing" in most circumstances automatically, preserving round-tripping
1415							characteristics (what you put in comes out as something equivalent).
1416
1417							For the more enlightened: note that in the following descriptions,
1418							lowercase I refers to the Perl interpreter, while uppercase I
1419							refers to the abstract Perl language itself.
1420
1421
1422							=head2 JSON -> PERL
1423
1424							=over 4
1425
1426							=item object
1427
1428							A JSON object becomes a reference to a hash in Perl. No ordering of object
1429							keys is preserved (JSON does not preserve object key ordering itself).
1430
1431							=item array
1432
1433							A JSON array becomes a reference to an array in Perl.
1434
1435							=item string
1436
1437							A JSON string becomes a string scalar in Perl - Unicode codepoints in JSON
1438							are represented by the same codepoints in the Perl string, so no manual
1439							decoding is necessary.
1440
1441							=item number
1442
1443							A JSON number becomes either an integer, numeric (floating point) or
1444							string scalar in perl, depending on its range and any fractional parts. On
1445							the Perl level, there is no difference between those as Perl handles all
1446							the conversion details, but an integer may take slightly less memory and
1447							might represent more values exactly than floating point numbers.
1448
1449							If the number consists of digits only, Cpanel::JSON::XS will try to
1450							represent it as an integer value. If that fails, it will try to
1451							represent it as a numeric (floating point) value if that is possible
1452							without loss of precision. Otherwise it will preserve the number as a
1453							string value (in which case you lose roundtripping ability, as the
1454							JSON number will be re-encoded to a JSON string).
1455
1456							Numbers containing a fractional or exponential part will always be
1457							represented as numeric (floating point) values, possibly at a loss of
1458							precision (in which case you might lose perfect roundtripping ability, but
1459							the JSON number will still be re-encoded as a JSON number).
1460
1461							Note that precision is not accuracy - binary floating point values
1462							cannot represent most decimal fractions exactly, and when converting
1463							from and to floating point, C only guarantees precision
1464							up to but not including the least significant bit.
1465
1466							=item true, false
1467
1468							When C is set to true, then JSON C becomes C<1> and
1469							JSON C becomes C<0>.
1470
1471							Otherwise these JSON atoms become C and
1472							C, respectively. They are C
1473							objects and are overloaded to act almost exactly like the numbers C<1>
1474							and C<0>. You can check whether a scalar is a JSON boolean by using
1475							the C function.
1476
1477							The other round, from perl to JSON, C which is represented as
1478							C becomes C, and C which is represented as
1479							C becomes C.
1480
1481							Via L you can now even force negation in C,
1482							without overloading of C:
1483
1484							my $false = Cpanel::JSON::XS::false;
1485							print($json->encode([!$false], [JSON_TYPE_BOOL]));
1486							=> [true]
1487
1488							=item null
1489
1490							A JSON null atom becomes C in Perl.
1491
1492							=item shell-style comments (C<< # I >>)
1493
1494							As a nonstandard extension to the JSON syntax that is enabled by the
1495							C setting, shell-style comments are allowed. They can start
1496							anywhere outside strings and go till the end of the line.
1497
1498							=item tagged values (C<< (I)I >>).
1499
1500							Another nonstandard extension to the JSON syntax, enabled with the
1501							C setting, are tagged values. In this implementation, the
1502							I must be a perl package/class name encoded as a JSON string, and the
1503							I must be a JSON array encoding optional constructor arguments.
1504
1505							See L
1506
1507							=back
1508
1509
1510							=head2 PERL -> JSON
1511
1512							The mapping from Perl to JSON is slightly more difficult, as Perl is a
1513							truly typeless language, so we can only guess which JSON type is meant by
1514							a Perl value.
1515
1516							=over 4
1517
1518							=item hash references
1519
1520							Perl hash references become JSON objects. As there is no inherent ordering
1521							in hash keys (or JSON objects), they will usually be encoded in a
1522							pseudo-random order that can change between runs of the same program but
1523							stays generally the same within a single run of a program. Cpanel::JSON::XS can
1524							optionally sort the hash keys (determined by the I flag), so
1525							the same datastructure will serialize to the same JSON text (given same
1526							settings and version of Cpanel::JSON::XS), but this incurs a runtime overhead
1527							and is only rarely useful, e.g. when you want to compare some JSON text
1528							against another for equality.
1529
1530							=item array references
1531
1532							Perl array references become JSON arrays.
1533
1534							=item other references
1535
1536							Other unblessed references are generally not allowed and will cause an
1537							exception to be thrown, except for references to the integers C<0> and
1538							C<1>, which get turned into C and C atoms in JSON.
1539
1540							With the option C, you can ignore the exception and return
1541							the stringification of the perl value.
1542
1543							With the option C, you can ignore the exception and
1544							return C instead.
1545
1546							encode_json [\"x"] # => cannot encode reference to scalar 'SCALAR(0x..)'
1547							# unless the scalar is 0 or 1
1548							encode_json [\0, \1] # yields [false,true]
1549
1550							allow_stringify->encode_json [\"x"] # yields "x" unlike JSON::PP
1551							allow_unknown->encode_json [\"x"] # yields null as in JSON::PP
1552
1553							=item Cpanel::JSON::XS::true, Cpanel::JSON::XS::false
1554
1555							These special values become JSON true and JSON false values,
1556							respectively. You can also use C<\1> and C<\0> or C and C
1557							directly if you want.
1558
1559							encode_json [Cpanel::JSON::XS::false, Cpanel::JSON::XS::true] # yields [false,true]
1560							encode_json [!1, !0], [JSON_TYPE_BOOL, JSON_TYPE_BOOL] # yields [false,true]
1561
1562							eq/ne comparisons with true, false:
1563
1564							false is eq to the empty string or the string 'false' or the special
1565							empty string C or C, i.e. C, or the numbers 0 or 0.0.
1566
1567							true is eq to the string 'true' or to the special string C
1568							(i.e. C) or to the numbers 1 or 1.0.
1569
1570							=item blessed objects
1571
1572							Blessed objects are not directly representable in JSON, but
1573							C allows various optional ways of handling
1574							objects. See L
1575
1576							See the C and C methods on various
1577							options on how to deal with this: basically, you can choose between
1578							throwing an exception, encoding the reference as if it weren't
1579							blessed, use the objects overloaded stringification method or provide
1580							your own serializer method.
1581
1582							=item simple scalars
1583
1584							Simple Perl scalars (any scalar that is not a reference) are the most
1585							difficult objects to encode: Cpanel::JSON::XS will encode undefined
1586							scalars or inf/nan as JSON C values and other scalars to either
1587							number or string in non-deterministic way which may be affected or
1588							changed by Perl version or any other loaded Perl module.
1589
1590							If you want to have stable and deterministic types in JSON encoder then
1591							use L.
1592
1593							Non-deterministic behavior is following: scalars that have last been
1594							used in a string context before encoding as JSON strings, and anything
1595							else as number value:
1596
1597							# dump as number
1598							encode_json [2] # yields [2]
1599							encode_json [-3.0e17] # yields [-3e+17]
1600							my $value = 5; encode_json [$value] # yields [5]
1601
1602							# used as string, but the two representations are for the same number
1603							print $value;
1604							encode_json [$value] # yields [5]
1605
1606							# used as different string (non-matching dual-var)
1607							my $str = '0 but true';
1608							my $num = 1 + $str;
1609							encode_json [$num, $str] # yields [1,"0 but true"]
1610
1611							# undef becomes null
1612							encode_json [undef] # yields [null]
1613
1614							# inf or nan becomes null, unless you answered
1615							# "Do you want to handle inf/nan as strings" with yes
1616							encode_json [999] # yields [null]
1617
1618							You can force the type to be a JSON string by stringifying it:
1619
1620							my $x = 3.1; # some variable containing a number
1621							"$x"; # stringified
1622							$x .= ""; # another, more awkward way to stringify
1623							print $x; # perl does it for you, too, quite often
1624
1625							You can force the type to be a JSON number by numifying it:
1626
1627							my $x = "3"; # some variable containing a string
1628							$x += 0; # numify it, ensuring it will be dumped as a number
1629							$x *= 1; # same thing, the choice is yours.
1630
1631							Note that numerical precision has the same meaning as under Perl (so
1632							binary to decimal conversion follows the same rules as in Perl, which
1633							can differ to other languages). Also, your perl interpreter might expose
1634							extensions to the floating point numbers of your platform, such as
1635							infinities or NaN's - these cannot be represented in JSON, and thus
1636							null is returned instead. Optionally you can configure it to stringify
1637							inf and nan values.
1638
1639							=back
1640
1641							=head2 OBJECT SERIALIZATION
1642
1643							As JSON cannot directly represent Perl objects, you have to choose between
1644							a pure JSON representation (without the ability to deserialize the object
1645							automatically again), and a nonstandard extension to the JSON syntax,
1646							tagged values.
1647
1648							=head3 SERIALIZATION
1649
1650							What happens when C encounters a Perl object depends
1651							on the C, C and C
1652							settings, which are used in this order:
1653
1654							=over 4
1655
1656							=item 1. C is enabled and the object has a C method.
1657
1658							In this case, C uses the L object
1659							serialization protocol to create a tagged JSON value, using a nonstandard
1660							extension to the JSON syntax.
1661
1662							This works by invoking the C method on the object, with the first
1663							argument being the object to serialize, and the second argument being the
1664							constant string C to distinguish it from other serializers.
1665
1666							The C method can return any number of values (i.e. zero or
1667							more). These values and the paclkage/classname of the object will then be
1668							encoded as a tagged JSON value in the following format:
1669
1670							("classname")[FREEZE return values...]
1671
1672							e.g.:
1673
1674							("URI")["http://www.google.com/"]
1675							("MyDate")[2013,10,29]
1676							("ImageData::JPEG")["Z3...VlCg=="]
1677
1678							For example, the hypothetical C C method might use the
1679							objects C and C members to encode the object:
1680
1681							sub My::Object::FREEZE {
1682							my ($self, $serializer) = @_;
1683
1684							($self->{type}, $self->{id})
1685							}
1686
1687							=item 2. C is enabled and the object has a C method.
1688
1689							In this case, the C method of the object is invoked in scalar
1690							context. It must return a single scalar that can be directly encoded into
1691							JSON. This scalar replaces the object in the JSON text.
1692
1693							For example, the following C method will convert all L
1694							objects to JSON strings when serialized. The fact that these values
1695							originally were L objects is lost.
1696
1697							sub URI::TO_JSON {
1698							my ($uri) = @_;
1699							$uri->as_string
1700							}
1701
1702							=item 3. C is enabled and the object has a stringification overload.
1703
1704							In this case, the overloaded C<""> method of the object is invoked in scalar
1705							context. It must return a single scalar that can be directly encoded into
1706							JSON. This scalar replaces the object in the JSON text.
1707
1708							For example, the following C<""> method will convert all L
1709							objects to JSON strings when serialized. The fact that these values
1710							originally were L objects is lost.
1711
1712							package URI;
1713							use overload '""' => sub { shift->as_string };
1714
1715							=item 4. C is enabled.
1716
1717							The object will be serialized as a JSON null value.
1718
1719							=item 5. none of the above
1720
1721							If none of the settings are enabled or the respective methods are missing,
1722							C throws an exception.
1723
1724							=back
1725
1726							=head3 DESERIALIZATION
1727
1728							For deserialization there are only two cases to consider: either
1729							nonstandard tagging was used, in which case C decides,
1730							or objects cannot be automatically be deserialized, in which
1731							case you can use postprocessing or the C or
1732							C callbacks to get some real objects our of
1733							your JSON.
1734
1735							This section only considers the tagged value case: I a tagged JSON object
1736							is encountered during decoding and C is disabled, a parse
1737							error will result (as if tagged values were not part of the grammar).
1738
1739							If C is enabled, C will look up the C method
1740							of the package/classname used during serialization (it will not attempt
1741							to load the package as a Perl module). If there is no such method, the
1742							decoding will fail with an error.
1743
1744							Otherwise, the C method is invoked with the classname as first
1745							argument, the constant string C as second argument, and all the
1746							values from the JSON array (the values originally returned by the
1747							C method) as remaining arguments.
1748
1749							The method must then return the object. While technically you can return
1750							any Perl scalar, you might have to enable the C setting to
1751							make that work in all cases, so better return an actual blessed reference.
1752
1753							As an example, let's implement a C function that regenerates the
1754							C from the C example earlier:
1755
1756							sub My::Object::THAW {
1757							my ($class, $serializer, $type, $id) = @_;
1758
1759							$class->new (type => $type, id => $id)
1760							}
1761
1762							See the L section below. Allowing external
1763							json objects being deserialized to perl objects is usually a very bad
1764							idea.
1765
1766
1767							=head1 ENCODING/CODESET FLAG NOTES
1768
1769							The interested reader might have seen a number of flags that signify
1770							encodings or codesets - C, C, C and
1771							C. There seems to be some confusion on what these do, so here
1772							is a short comparison:
1773
1774							C controls whether the JSON text created by C (and expected
1775							by C) is UTF-8 encoded or not, while C and C only
1776							control whether C escapes character values outside their respective
1777							codeset range. Neither of these flags conflict with each other, although
1778							some combinations make less sense than others.
1779
1780							Care has been taken to make all flags symmetrical with respect to
1781							C and C, that is, texts encoded with any combination of
1782							these flag values will be correctly decoded when the same flags are used
1783							- in general, if you use different flag settings while encoding vs. when
1784							decoding you likely have a bug somewhere.
1785
1786							Below comes a verbose discussion of these flags. Note that a "codeset" is
1787							simply an abstract set of character-codepoint pairs, while an encoding
1788							takes those codepoint numbers and I them, in our case into
1789							octets. Unicode is (among other things) a codeset, UTF-8 is an encoding,
1790							and ISO-8859-1 (= latin 1) and ASCII are both codesets I encodings at
1791							the same time, which can be confusing.
1792
1793							=over 4
1794
1795							=item C flag disabled
1796
1797							When C is disabled (the default), then C/C generate
1798							and expect Unicode strings, that is, characters with high ordinal Unicode
1799							values (> 255) will be encoded as such characters, and likewise such
1800							characters are decoded as-is, no changes to them will be done, except
1801							"(re-)interpreting" them as Unicode codepoints or Unicode characters,
1802							respectively (to Perl, these are the same thing in strings unless you do
1803							funny/weird/dumb stuff).
1804
1805							This is useful when you want to do the encoding yourself (e.g. when you
1806							want to have UTF-16 encoded JSON texts) or when some other layer does
1807							the encoding for you (for example, when printing to a terminal using a
1808							filehandle that transparently encodes to UTF-8 you certainly do NOT want
1809							to UTF-8 encode your data first and have Perl encode it another time).
1810
1811							=item C flag enabled
1812
1813							If the C-flag is enabled, C/C will encode all
1814							characters using the corresponding UTF-8 multi-byte sequence, and will
1815							expect your input strings to be encoded as UTF-8, that is, no "character"
1816							of the input string must have any value > 255, as UTF-8 does not allow
1817							that.
1818
1819							The C flag therefore switches between two modes: disabled means you
1820							will get a Unicode string in Perl, enabled means you get an UTF-8 encoded
1821							octet/binary string in Perl.
1822
1823							=item C, C or C flags enabled
1824
1825							With C (or C) enabled, C will escape
1826							characters with ordinal values > 255 (> 127 with C) and encode
1827							the remaining characters as specified by the C flag.
1828							With C enabled, ordinal values > 255 are illegal.
1829
1830							If C is disabled, then the result is also correctly encoded in those
1831							character sets (as both are proper subsets of Unicode, meaning that a
1832							Unicode string with all character values < 256 is the same thing as a
1833							ISO-8859-1 string, and a Unicode string with all character values < 128 is
1834							the same thing as an ASCII string in Perl).
1835
1836							If C is enabled, you still get a correct UTF-8-encoded string,
1837							regardless of these flags, just some more characters will be escaped using
1838							C<\uXXXX> then before.
1839
1840							Note that ISO-8859-1-I strings are not compatible with UTF-8
1841							encoding, while ASCII-encoded strings are. That is because the ISO-8859-1
1842							encoding is NOT a subset of UTF-8 (despite the ISO-8859-1 I being
1843							a subset of Unicode), while ASCII is.
1844
1845							Surprisingly, C will ignore these flags and so treat all input
1846							values as governed by the C flag. If it is disabled, this allows you
1847							to decode ISO-8859-1- and ASCII-encoded strings, as both strict subsets of
1848							Unicode. If it is enabled, you can correctly decode UTF-8 encoded strings.
1849
1850							So neither C, C nor C are incompatible with the
1851							C flag - they only govern when the JSON output engine escapes a
1852							character or not.
1853
1854							The main use for C or C is to relatively efficiently
1855							store binary data as JSON, at the expense of breaking compatibility
1856							with most JSON decoders.
1857
1858							The main use for C is to force the output to not contain characters
1859							with values > 127, which means you can interpret the resulting string
1860							as UTF-8, ISO-8859-1, ASCII, KOI8-R or most about any character set and
1861							8-bit-encoding, and still get the same data structure back. This is useful
1862							when your channel for JSON transfer is not 8-bit clean or the encoding
1863							might be mangled in between (e.g. in mail), and works because ASCII is a
1864							proper subset of most 8-bit and multibyte encodings in use in the world.
1865
1866							=back
1867
1868
1869							=head2 JSON and ECMAscript
1870
1871							JSON syntax is based on how literals are represented in javascript (the
1872							not-standardized predecessor of ECMAscript) which is presumably why it is
1873							called "JavaScript Object Notation".
1874
1875							However, JSON is not a subset (and also not a superset of course) of
1876							ECMAscript (the standard) or javascript (whatever browsers actually
1877							implement).
1878
1879							If you want to use javascript's C function to "parse" JSON, you
1880							might run into parse errors for valid JSON texts, or the resulting data
1881							structure might not be queryable:
1882
1883							One of the problems is that U+2028 and U+2029 are valid characters inside
1884							JSON strings, but are not allowed in ECMAscript string literals, so the
1885							following Perl fragment will not output something that can be guaranteed
1886							to be parsable by javascript's C:
1887
1888							use Cpanel::JSON::XS;
1889
1890							print encode_json [chr 0x2028];
1891
1892							The right fix for this is to use a proper JSON parser in your javascript
1893							programs, and not rely on C (see for example Douglas Crockford's
1894							F parser).
1895
1896							If this is not an option, you can, as a stop-gap measure, simply encode to
1897							ASCII-only JSON:
1898
1899							use Cpanel::JSON::XS;
1900
1901							print Cpanel::JSON::XS->new->ascii->encode ([chr 0x2028]);
1902
1903							Note that this will enlarge the resulting JSON text quite a bit if you
1904							have many non-ASCII characters. You might be tempted to run some regexes
1905							to only escape U+2028 and U+2029, e.g.:
1906
1907							# DO NOT USE THIS!
1908							my $json = Cpanel::JSON::XS->new->utf8->encode ([chr 0x2028]);
1909							$json =~ s/\xe2\x80\xa8/\\u2028/g; # escape U+2028
1910							$json =~ s/\xe2\x80\xa9/\\u2029/g; # escape U+2029
1911							print $json;
1912
1913							Note that I: the above only works for U+2028 and
1914							U+2029 and thus only for fully ECMAscript-compliant parsers. Many existing
1915							javascript implementations, however, have issues with other characters as
1916							well - using C naively simply I cause problems.
1917
1918							Another problem is that some javascript implementations reserve
1919							some property names for their own purposes (which probably makes
1920							them non-ECMAscript-compliant). For example, Iceweasel reserves the
1921							C<__proto__> property name for its own purposes.
1922
1923							If that is a problem, you could parse try to filter the resulting JSON
1924							output for these property strings, e.g.:
1925
1926							$json =~ s/"__proto__"\s*:/"__proto__renamed":/g;
1927
1928							This works because C<__proto__> is not valid outside of strings, so every
1929							occurrence of C<"__proto__"\s*:> must be a string used as property name.
1930
1931							Unicode non-characters between U+FFFD and U+10FFFF are decoded either
1932							to the recommended U+FFFD REPLACEMENT CHARACTER (see Unicode PR #121:
1933							Recommended Practice for Replacement Characters), or in the binary or
1934							relaxed mode left as is, keeping the illegal non-characters as before.
1935
1936							Raw non-Unicode characters outside the valid unicode range fail now to
1937							parse, because "A string is a sequence of zero or more Unicode
1938							characters" RFC 7159 section 1 and "JSON text SHALL be encoded in
1939							Unicode RFC 7159 section 8.1. We use now the UTF8_DISALLOW_SUPER
1940							flag when parsing unicode.
1941
1942							If you know of other incompatibilities, please let me know.
1943
1944
1945							=head2 JSON and YAML
1946
1947							You often hear that JSON is a subset of YAML. I
1948							no way to configure JSON::XS to output a data structure as valid YAML>
1949							that works in all cases. If you really must use Cpanel::JSON::XS to
1950							generate YAML, you should use this algorithm (subject to change in
1951							future versions):
1952
1953							my $to_yaml = Cpanel::JSON::XS->new->utf8->space_after (1);
1954							my $yaml = $to_yaml->encode ($ref) . "\n";
1955
1956							This will I generate JSON texts that also parse as valid
1957							YAML.
1958
1959
1960							=head2 SPEED
1961
1962							It seems that JSON::XS is surprisingly fast, as shown in the following
1963							tables. They have been generated with the help of the C program
1964							in the JSON::XS distribution, to make it easy to compare on your own
1965							system.
1966
1967							JSON::XS is with L and L one of the fastest
1968							serializers, because JSON and JSON::XS do not support backrefs (no
1969							graph structures), only trees. Storable supports backrefs,
1970							i.e. graphs. Data::MessagePack encodes its data binary (as Storable)
1971							and supports only very simple subset of JSON.
1972
1973							First comes a comparison between various modules using
1974							a very short single-line JSON string (also available at
1975							L).
1976
1977							{"method": "handleMessage", "params": ["user1",
1978							"we were just talking"], "id": null, "array":[1,11,234,-5,1e5,1e7,
1979							1, 0]}
1980
1981							It shows the number of encodes/decodes per second (JSON::XS uses
1982							the functional interface, while Cpanel::JSON::XS/2 uses the OO interface
1983							with pretty-printing and hash key sorting enabled, Cpanel::JSON::XS/3 enables
1984							shrink. JSON::DWIW/DS uses the deserialize function, while JSON::DWIW::FJ
1985							uses the from_json method). Higher is better:
1986
1987							module \| encode \| decode \|
1988							--------------\|------------\|------------\|
1989							JSON::DWIW/DS \| 86302.551 \| 102300.098 \|
1990							JSON::DWIW/FJ \| 86302.551 \| 75983.768 \|
1991							JSON::PP \| 15827.562 \| 6638.658 \|
1992							JSON::Syck \| 63358.066 \| 47662.545 \|
1993							JSON::XS \| 511500.488 \| 511500.488 \|
1994							JSON::XS/2 \| 291271.111 \| 388361.481 \|
1995							JSON::XS/3 \| 361577.931 \| 361577.931 \|
1996							Storable \| 66788.280 \| 265462.278 \|
1997							--------------+------------+------------+
1998
1999							That is, JSON::XS is almost six times faster than JSON::DWIW on encoding,
2000							about five times faster on decoding, and over thirty to seventy times
2001							faster than JSON's pure perl implementation. It also compares favourably
2002							to Storable for small amounts of data.
2003
2004							Using a longer test string (roughly 18KB, generated from Yahoo! Locals
2005							search API (L).
2006
2007							module \| encode \| decode \|
2008							--------------\|------------\|------------\|
2009							JSON::DWIW/DS \| 1647.927 \| 2673.916 \|
2010							JSON::DWIW/FJ \| 1630.249 \| 2596.128 \|
2011							JSON::PP \| 400.640 \| 62.311 \|
2012							JSON::Syck \| 1481.040 \| 1524.869 \|
2013							JSON::XS \| 20661.596 \| 9541.183 \|
2014							JSON::XS/2 \| 10683.403 \| 9416.938 \|
2015							JSON::XS/3 \| 20661.596 \| 9400.054 \|
2016							Storable \| 19765.806 \| 10000.725 \|
2017							--------------+------------+------------+
2018
2019							Again, JSON::XS leads by far (except for Storable which non-surprisingly
2020							decodes a bit faster).
2021
2022							On large strings containing lots of high Unicode characters, some modules
2023							(such as JSON::PC) seem to decode faster than JSON::XS, but the result
2024							will be broken due to missing (or wrong) Unicode handling. Others refuse
2025							to decode or encode properly, so it was impossible to prepare a fair
2026							comparison table for that case.
2027
2028							For updated graphs see L
2029
2030
2031							=head1 INTEROP with JSON and JSON::XS and other JSON modules
2032
2033							As long as you only serialize data that can be directly expressed in
2034							JSON, C is incapable of generating invalid JSON
2035							output (modulo bugs, but C has found more bugs in the
2036							official JSON testsuite (1) than the official JSON testsuite has found
2037							in C (0)).
2038							C is currently the only known JSON decoder which passes all
2039							L tests, while being the fastest also.
2040
2041							When you have trouble decoding JSON generated by this module using other
2042							decoders, then it is very likely that you have an encoding mismatch or the
2043							other decoder is broken.
2044
2045							When decoding, C is strict by default and will likely catch
2046							all errors. There are currently two settings that change this:
2047							C makes C accept (but not generate) some
2048							non-standard extensions, and C or C will
2049							allow you to encode and decode Perl objects, at the cost of being
2050							totally insecure and not outputting valid JSON anymore.
2051
2052							JSON-XS-3.01 broke interoperability with JSON-2.90 with booleans. See L.
2053
2054							Cpanel::JSON::XS needs to know the JSON and JSON::XS versions to be able work
2055							with those objects, especially when encoding a booleans like C<{"is_true":true}>.
2056							So you need to load these modules before.
2057
2058							true/false overloading and boolean representations are supported.
2059
2060							JSON::XS and JSON::PP representations are accepted and older JSON::XS
2061							accepts Cpanel::JSON::XS booleans. All JSON modules JSON, JSON, PP,
2062							JSON::XS, Cpanel::JSON::XS produce JSON::PP::Boolean objects, just
2063							Mojo and JSON::YAJL not. Mojo produces Mojo::JSON::_Bool and
2064							JSON::YAJL::Parser just an unblessed IV.
2065
2066							Cpanel::JSON::XS accepts JSON::PP::Boolean and Mojo::JSON::_Bool
2067							objects as booleans.
2068
2069							I cannot think of any reason to still use JSON::XS anymore.
2070
2071
2072							=head2 TAGGED VALUE SYNTAX AND STANDARD JSON EN/DECODERS
2073
2074							When you use C to use the extended (and also nonstandard
2075							and invalid) JSON syntax for serialized objects, and you still want to
2076							decode the generated serialize objects, you can run a regex to replace
2077							the tagged syntax by standard JSON arrays (it only works for "normal"
2078							package names without comma, newlines or single colons). First, the
2079							readable Perl version:
2080
2081							# if your FREEZE methods return no values, you need this replace first:
2082							$json =~ s/$ \s* (" (?: [^\\":,]+\|\\.\|::)* ") \s* $ \s* \[\s*\]/[$1]/gx;
2083
2084							# this works for non-empty constructor arg lists:
2085							$json =~ s/$ \s* (" (?: [^\\":,]+\|\\.\|::)* ") \s* $ \s* \[/[$1,/gx;
2086
2087							And here is a less readable version that is easy to adapt to other
2088							languages:
2089
2090							$json =~ s/$\s("([^\\":,]+\|\\.\|::)")\s$\s\[/[$1,/g;
2091
2092							Here is an ECMAScript version (same regex):
2093
2094							json = json.replace (/$\s("([^\\":,]+\|\\.\|::)")\s$\s\[/g, "[$1,");
2095
2096							Since this syntax converts to standard JSON arrays, it might be hard to
2097							distinguish serialized objects from normal arrays. You can prepend a
2098							"magic number" as first array element to reduce chances of a collision:
2099
2100							$json =~ s/$\s("([^\\":,]+\|\\.\|::)")\s$\s\[/["XU1peReLzT4ggEllLanBYq4G9VzliwKF",$1,/g;
2101
2102							And after decoding the JSON text, you could walk the data
2103							structure looking for arrays with a first element of
2104							C.
2105
2106							The same approach can be used to create the tagged format with another
2107							encoder. First, you create an array with the magic string as first member,
2108							the classname as second, and constructor arguments last, encode it as part
2109							of your JSON structure, and then:
2110
2111							$json =~ s/\[\s"XU1peReLzT4ggEllLanBYq4G9VzliwKF"\s,\s("([^\\":,]+\|\\.\|::)")\s*,/($1)[/g;
2112
2113							Again, this has some limitations - the magic string must not be encoded
2114							with character escapes, and the constructor arguments must be non-empty.
2115
2116
2117							=head1 RFC7159
2118
2119							Since this module was written, Google has written a new JSON RFC, RFC 7159
2120							(and RFC7158). Unfortunately, this RFC breaks compatibility with both the
2121							original JSON specification on www.json.org and RFC4627.
2122
2123							As far as I can see, you can get partial compatibility when parsing by
2124							using C<< ->allow_nonref >>. However, consider the security implications
2125							of doing so.
2126
2127							I haven't decided yet when to break compatibility with RFC4627 by default
2128							(and potentially leave applications insecure) and change the default to
2129							follow RFC7159, but application authors are well advised to call C<<
2130							->allow_nonref(0) >> even if this is the current default, if they cannot
2131							handle non-reference values, in preparation for the day when the default
2132							will change.
2133
2134							=head1 SECURITY CONSIDERATIONS
2135
2136							JSON::XS and Cpanel::JSON::XS are not only fast. JSON is generally the
2137							most secure serializing format, because it is the only one besides
2138							Data::MessagePack, which does not deserialize objects per default. For
2139							all languages, not just perl. The binary variant BSON (MongoDB) does
2140							more but is unsafe.
2141
2142							It is trivial for any attacker to create such serialized objects in
2143							JSON and trick perl into expanding them, thereby triggering certain
2144							methods. Watch L for an
2145							exploit demo for "CVE-2015-1592 SixApart MovableType Storable Perl
2146							Code Execution" for a deserializer which expands objects.
2147							Deserializing even coderefs (methods, functions) or external
2148							data would be considered the most dangerous.
2149
2150							Security relevant overview of serializers regarding deserializing
2151							objects by default:
2152
2153							Objects Coderefs External Data
2154
2155							Data::Dumper YES YES YES
2156							Storable YES NO (def) NO
2157							Sereal YES NO NO
2158							YAML YES NO NO
2159							B::C YES YES YES
2160							B::Bytecode YES YES YES
2161							BSON YES YES NO
2162							JSON::SL YES NO YES
2163							JSON NO (def) NO NO
2164							Data::MessagePack NO NO NO
2165							XML NO NO YES
2166
2167							Pickle YES YES YES
2168							PHP Deserialize YES NO NO
2169
2170							When you are using JSON in a protocol, talking to untrusted potentially
2171							hostile creatures requires relatively few measures.
2172
2173							First of all, your JSON decoder should be secure, that is, should not have
2174							any buffer overflows. Obviously, this module should ensure that.
2175
2176							Second, you need to avoid resource-starving attacks. That means you should
2177							limit the size of JSON texts you accept, or make sure then when your
2178							resources run out, that's just fine (e.g. by using a separate process that
2179							can crash safely). The size of a JSON text in octets or characters is
2180							usually a good indication of the size of the resources required to decode
2181							it into a Perl structure. While JSON::XS can check the size of the JSON
2182							text, it might be too late when you already have it in memory, so you
2183							might want to check the size before you accept the string.
2184
2185							Third, Cpanel::JSON::XS recurses using the C stack when decoding objects and
2186							arrays. The C stack is a limited resource: for instance, on my amd64
2187							machine with 8MB of stack size I can decode around 180k nested arrays but
2188							only 14k nested JSON objects (due to perl itself recursing deeply on croak
2189							to free the temporary). If that is exceeded, the program crashes. To be
2190							conservative, the default nesting limit is set to 512. If your process
2191							has a smaller stack, you should adjust this setting accordingly with the
2192							C method.
2193
2194							Also keep in mind that Cpanel::JSON::XS might leak contents of your Perl data
2195							structures in its error messages, so when you serialize sensitive
2196							information you might want to make sure that exceptions thrown by JSON::XS
2197							will not end up in front of untrusted eyes.
2198
2199							If you are using Cpanel::JSON::XS to return packets to consumption
2200							by JavaScript scripts in a browser you should have a look at
2201							L to
2202							see whether you are vulnerable to some common attack vectors (which really
2203							are browser design bugs, but it is still you who will have to deal with
2204							it, as major browser developers care only for features, not about getting
2205							security right). You might also want to also look at L
2206							special escape rules to prevent from XSS attacks.
2207
2208							=head1 "OLD" VS. "NEW" JSON (RFC 4627 VS. RFC 7159)
2209
2210							TL;DR: Due to security concerns, Cpanel::JSON::XS will not allow
2211							scalar data in JSON texts by default - you need to create your own
2212							Cpanel::JSON::XS object and enable C:
2213
2214
2215							my $json = JSON::XS->new->allow_nonref;
2216
2217							$text = $json->encode ($data);
2218							$data = $json->decode ($text);
2219
2220							The long version: JSON being an important and supposedly stable format,
2221							the IETF standardized it as RFC 4627 in 2006. Unfortunately the inventor
2222							of JSON Douglas Crockford unilaterally changed the definition of JSON in
2223							javascript. Rather than create a fork, the IETF decided to standardize the
2224							new syntax (apparently, so I as told, without finding it very amusing).
2225
2226							The biggest difference between the original JSON and the new JSON is that
2227							the new JSON supports scalars (anything other than arrays and objects) at
2228							the top-level of a JSON text. While this is strictly backwards compatible
2229							to older versions, it breaks a number of protocols that relied on sending
2230							JSON back-to-back, and is a minor security concern.
2231
2232							For example, imagine you have two banks communicating, and on one side,
2233							the JSON coder gets upgraded. Two messages, such as C<10> and C<1000>
2234							might then be confused to mean C<101000>, something that couldn't happen
2235							in the original JSON, because neither of these messages would be valid
2236							JSON.
2237
2238							If one side accepts these messages, then an upgrade in the coder on either
2239							side could result in this becoming exploitable.
2240
2241							This module has always allowed these messages as an optional extension, by
2242							default disabled. The security concerns are the reason why the default is
2243							still disabled, but future versions might/will likely upgrade to the newer
2244							RFC as default format, so you are advised to check your implementation
2245							and/or override the default with C<< ->allow_nonref (0) >> to ensure that
2246							future versions are safe.
2247
2248							=head1 THREADS
2249
2250							Cpanel::JSON::XS has proper ithreads support, unlike JSON::XS. If you
2251							encounter any bugs with thread support please report them.
2252
2253							=head1 BUGS
2254
2255							While the goal of the Cpanel::JSON::XS module is to be correct, that
2256							unfortunately does not mean it's bug-free, only that the author thinks
2257							its design is bug-free. If you keep reporting bugs and tests they will
2258							be fixed swiftly, though.
2259
2260							Since the JSON::XS author refuses to use a public bugtracker and
2261							prefers private emails, we use the tracker at B, so you might want
2262							to report any issues twice. Once in private to MLEHMANN to be fixed in
2263							JSON::XS and one to our the public tracker. Issues fixed by JSON::XS
2264							with a new release will also be backported to Cpanel::JSON::XS and
2265							5.6.2, as long as cPanel relies on 5.6.2 and Cpanel::JSON::XS as our
2266							serializer of choice.
2267
2268							L
2269
2270							=head1 LICENSE
2271
2272							This module is available under the same licences as perl, the Artistic
2273							license and the GPL.
2274
2275							=cut
2276
2277							sub allow_bigint {
2278	0			0	1	0	Carp::carp("allow_bigint() is obsoleted. use allow_bignum() instead.");
2279							}
2280
2281							BEGIN {
2282							package
2283							JSON::PP::Boolean;
2284
2285	57			57		57284	require overload;
2286
2287	57					47909	local $^W; # silence redefine warnings. no warnings 'redefine' does not help
2288							&overload::import( 'overload', # workaround 5.6 reserved keyword warning
2289	52			52		14502	"0+" => sub { ${$_[0]} },
	52					283
2290	1			1		143	"++" => sub { $_[0] = ${$_[0]} + 1 },
	1					9
2291	0			0		0	"--" => sub { $_[0] = ${$_[0]} - 1 },
	0					0
2292	23	100		23		5814	'""' => sub { ${$_[0]} == 1 ? '1' : '0' }, # GH 29
	23					217
2293							'eq' => sub {
2294	19	50		19		3465	my ($obj, $op) = $_[2] ? ($_[1], $_[0]) : ($_[0], $_[1]);
2295							#warn "eq obj:$obj op:$op len:", length($op) > 0, " swap:$_[2]";
2296	19	100				94	if (ref $op) { # if 2nd also blessed might recurse endlessly
		100
2297	2	100				5	return $obj ? 1 == $op : 0 == $op;
2298							}
2299							# if string, only accept numbers or true\|false or "" (e.g. !!0 / SV_NO)
2300							elsif ($op !~ /^[0-9]+$/) {
2301	9	100	100			20	return "$obj" eq '1' ? 'true' eq $op : 'false' eq $op \|\| "" eq $op;
2302							}
2303							else {
2304	8	100				20	return $obj ? 1 == $op : 0 == $op;
2305							}
2306							},
2307							'ne' => sub {
2308	2	50		2		9	my ($obj, $op) = $_[2] ? ($_[1], $_[0]) : ($_[0], $_[1]);
2309							#warn "ne obj:$obj op:$op";
2310	2					4	return !($obj eq $op);
2311							},
2312	57					667	fallback => 1);
2313							}
2314
2315							our ($true, $false);
2316							BEGIN {
2317	57	50	33	57		12992	if ($INC{'JSON/XS.pm'}
			0
2318							and $INC{'Types/Serialiser.pm'}
2319							and $JSON::XS::VERSION ge "3.00") {
2320	0					0	$true = $Types::Serialiser::true; # readonly if loaded by JSON::XS
2321	0					0	$false = $Types::Serialiser::false;
2322							} else {
2323	57					109	$true = do { bless \(my $dummy = 1), "JSON::PP::Boolean" };
	57					178
2324	57					125	$false = do { bless \(my $dummy = 0), "JSON::PP::Boolean" };
	57					4023
2325							}
2326							}
2327
2328							BEGIN {
2329	57			57		166	my $const_true = $true;
2330	57					108	my $const_false = $false;
2331	57					575	*true = sub () { $const_true };
	0					0
2332	57					6568	*false = sub () { $const_false };
	0					0
2333							}
2334
2335							sub is_bool($) {
2336	12	100		12	1	133	shift if @_ == 2; # as method call
2337							(ref($_[0]) and UNIVERSAL::isa( $_[0], JSON::PP::Boolean::))
2338	12	100	33			96	or (exists $INC{'Types/Serialiser.pm'} and Types::Serialiser::is_bool($_[0]))
			100
2339							}
2340
2341							XSLoader::load 'Cpanel::JSON::XS', $XS_VERSION;
2342
2343							1;
2344
2345							=head1 SEE ALSO
2346
2347							The F command line utility for quick experiments.
2348
2349							L, L, L, L, L,
2350							L, L, L, L, L,
2351							L,
2352							L
2353
2354							L
2355
2356							L
2357
2358
2359							=head1 AUTHOR
2360
2361							Reini Urban
2362
2363							Marc Lehmann , http://home.schmorp.de/
2364
2365							=head1 MAINTAINER
2366
2367							Reini Urban
2368
2369							=cut
2370