Age | Commit message (Collapse) | Author |
|
https://github.com/flori/json/commit/11b31210ac
|
|
https://github.com/flori/json/commit/936f280f9f
|
|
Fix: https://github.com/flori/json/issues/553
We can never add keyword arguments to `dump` otherwise
existing code using unenclosed hash will break.
https://github.com/flori/json/commit/8e0076a3f2
|
|
> https://github.com/flori/json/pull/525
> Rename escape_slash in script_safe and also escape E+2028 and E+2029
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
> https://github.com/flori/json/pull/454
> Remove unnecessary initialization of create_id in JSON.parse()
Co-authored-by: Watson <watson1978@gmail.com>
|
|
It is rather common to directly interpolate JSON string inside
<script> tags in HTML as to provide configuration or parameters to a
script.
However this may lead to XSS vulnerabilities, to prevent that 3
characters need to be escaped:
- `/` (forward slash)
- `U+2028` (LINE SEPARATOR)
- `U+2029` (PARAGRAPH SEPARATOR)
The forward slash need to be escaped to prevent closing the script
tag early, and the other two are valid JSON but invalid Javascript
and can be used to break JS parsing.
Given that the intent of escaping forward slash is the same than escaping
U+2028 and U+2029, I chos to rename and repurpose the existing `escape_slash`
option.
|
|
https://github.com/flori/json/commit/3804f38bf4
|
|
https://github.com/flori/json/commit/6cbadf6b6e
|
|
|
|
https://github.com/flori/json/commit/573ef94bc5
|
|
```
[ 3463/25719] JSONGeneratorTest#test_string_ext_included_calls_super/home/chkbuild/chkbuild/tmp/build/20230905T063003Z/ruby/test/json/json_generator_test.rb:411: warning: method redefined; discarding old included
/home/chkbuild/chkbuild/tmp/build/20230905T063003Z/ruby/test/json/json_generator_test.rb:399: warning: previous definition of included was here
```
http://rubyci.s3.amazonaws.com/debian10/ruby-master/log/20230905T063003Z.log.html.gz
|
|
assert_in_out_err adds --disable=gems so we don't need to add
--disable-gems in the args list.
Notes:
Merged: https://github.com/ruby/ruby/pull/8303
|
|
to prevent them from conflicting with yarp/test_helper
|
|
https://github.com/flori/json/commit/7138bf32c7
|
|
The C extension defines an `included` hook for the
`JSON::Ext::Generator::GeneratorMethods::String` module but neglects to
call `super` in the hook. This can break the functionality of various
other code that rely on the fact that `included` on `Module` will always
be called.
https://github.com/flori/json/commit/cd8bbe56a3
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/3975
|
|
|
|
implementations
|
|
|
|
an early return still caused ensure to execute,
setting JSON constant to `nil` for later tests!
Notes:
Merged: https://github.com/ruby/ruby/pull/3581
|
|
Squashed commit of the following:
commit 26d181059989279a79c433cedcd893b4f52e42ee
Author: Francois Chagnon <francois.chagnon@jadedpixel.com>
Date: Tue Sep 15 21:17:34 2015 +0000
add config options for escape_slash
commit fa282334051b16df91ca097dd7304b46f3bc7719
Author: Francois Chagnon <francois.chagnon@jadedpixel.com>
Date: Mon Feb 9 21:09:33 2015 +0000
add forward slash to escape character
Notes:
Merged: https://github.com/ruby/ruby/pull/3581
|
|
|
|
`JSONGeneratorTest#test_remove_const_seg` is meaningful only for
the extension library version, but nonsense for pure ruby version.
|
|
The global can go bad if the compactor runs, so we need to look up the
constant instead of caching it in a global.
|
|
flori/json@c34d01ff6a18dac04a90b2e0f820cdb1d5c7e1b2 does not
consider US-ASCII compatible but non-UTF-8 encodings, and causes
an error in RDoc tests.
https://github.com/flori/json/commit/4f471bf590
|
|
* https://github.com/flori/json/releases/tag/v2.0.4
* https://github.com/flori/json/blob/09fabeb03e73ed88dc8ce8f19d76ac59e51dae20/CHANGES.md#2017-03-23-204
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58323 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* test/json/json_generator_test.rb (test_broken_bignum): get rid
of use of Bignum, obsolete name.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56126 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
upstream.
* test/json: merge original test files from json upstream.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55667 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|