Re: [JSON] I say again, what *is* JSON? from Peter Frederick Patel-Schneider on 2011-03-24 (public-rdf-wg@w3.org from March 2011)

From: Peter Frederick Patel-Schneider <pfps@research.bell-labs.com>
Date: Thu, 24 Mar 2011 13:30:41 -0400
To: <public-rdf-wg@w3.org>
Message-ID: <20110324.133041.1171538987480573017.pfps@research.bell-labs.com>

From: Nathan <nathan@webr3.org>
Subject: Re: [JSON] I say again, what *is* JSON?
Date: Thu, 24 Mar 2011 11:36:50 -0500

> Gavin Carothers wrote:
>> On Thu, Mar 24, 2011 at 7:35 AM, Peter Frederick Patel-Schneider
>> <pfps@research.bell-labs.com> wrote:
>>> Hmm.
>>>
>>> Is this really the JSON spec?
>> 
>> No.
> 
> This was referring to the ECMAScript-262 specification [1].
> 
> No it's not the JSON specification, however it is closely related, "JSON 
> is a subset of the object literal notation of JavaScript" [2], and was 
> developed when ECMAScript-262 was in it's Third Edition. ECMAScript-262 
> is now in it's Fifth Edition, and includes JSON.
> 
> To all extents and purposes, the JSON people use, and the environment 
> they often use it in, is defined by the ECMAScript-262 Fifth Edition I 
> referred you to.
> 
> For practical usage, and when discussing, it's good to be familiar with 
> the ECMAScript-262 Fifth Edition and what it says about JSON, the 
> parsing and stringification of it, and how it maps to ECMAScript-262 
> "Objects".
> 
> Hope that clarifies.
> 
> [1] 
> http://www.ecma-international.org/publications/files/ECMA-ST/ECMA-262.pdf
> [2] http://www.json.org/js.html

I find much of the information in [2] suspect at best.

Consider

  Members can be retrieved using dot or subscript operators.
    myJSONObject.bindings[0].method    // "newURI"

What happens if the JSON object property name isn't a valid JavaScript
name?

Consider also 

  To convert a JSON text into an object, you can use the eval()
  function.

Anyone who actually does this is opening themselves up to a world of
security hurt.  In fact, it might even be better if RDF-in-JSON can't be
converted using eval(), as we would then be striking a major blow for
web security.  Of course the document goes on to next say, roughly,
"Don't use eval() to parse JSON".

Other information on that page leads to the possibility of using the
reviver function to do interesting mappings.  It seems to me that the WG
should extensively use this facility, for example to perform URI
transformation. 

It is amusing that there is the explicit mention of cyclic data
structures in the documentation.  Of course, the statement "JSON does
not support cyclic data structures", because as far as I can see JSON
isn't related to data structures at all.  It is also amusing that the
last example shows how to subvert the intuitive meaning of JSON.

I'm also confused as to whether "a JSON stringifier" has support the
optional arguments.  Similarly for a JSON poarser.

So, I am just getting more confused.

peter

Received on Thursday, 24 March 2011 17:31:32 UTC