com.google.gwt.core.client

Class JsonUtils

java.lang.Object

com.google.gwt.core.client.JsonUtils

public class JsonUtils
extends java.lang.Object

Provides JSON-related utility methods.

Method Summary

Modifier and Type	Method and Description
static java.lang.String	escapeJsonForEval(java.lang.String toEscape) Escapes characters within a JSON string than cannot be passed directly to eval().
static java.lang.String	escapeValue(java.lang.String toEscape) Returns a quoted, escaped JSON String.
static <T extends JavaScriptObject> T	safeEval(java.lang.String json) Evaluates a JSON expression safely.
static boolean	safeToEval(java.lang.String text) Returns true if the given JSON string may be safely evaluated by eval() without undesired side effects or security risks.
static java.lang.String	stringify(JavaScriptObject obj) Converts a value to JSON.
static java.lang.String	stringify(JavaScriptObject obj, java.lang.String space) Converts a value to JSON.
(package private) static void	throwIllegalArgumentException(java.lang.String message, java.lang.String data)
static <T extends JavaScriptObject> T	unsafeEval(java.lang.String json) Evaluates a JSON expression using eval().

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

stringify

public static java.lang.String stringify(JavaScriptObject obj)

Converts a value to JSON.

stringify

public static java.lang.String stringify(JavaScriptObject obj,
                                         java.lang.String space)

Converts a value to JSON.

Parameters:

space - controls the spacing in the final string. Successive levels in the stringification will each be indented by this string (or the first ten characters of it).

escapeJsonForEval

public static java.lang.String escapeJsonForEval(java.lang.String toEscape)

Escapes characters within a JSON string than cannot be passed directly to eval(). Control characters, quotes and backslashes are not affected.

escapeValue

public static java.lang.String escapeValue(java.lang.String toEscape)

Returns a quoted, escaped JSON String.

safeEval

public static <T extends JavaScriptObject> T safeEval(java.lang.String json)

Evaluates a JSON expression safely. The payload must evaluate to an Object or an Array (not a primitive or a String).

Type Parameters:

T - The type of JavaScriptObject that should be returned

Parameters:

json - The source JSON text

Returns:

The evaluated object

Throws:

java.lang.IllegalArgumentException - if the input is not valid JSON

safeToEval

public static boolean safeToEval(java.lang.String text)

Returns true if the given JSON string may be safely evaluated by eval() without undesired side effects or security risks. Note that a true result from this method does not guarantee that the input string is valid JSON. This method does not consider the contents of quoted strings; it may still be necessary to perform escaping prior to evaluation for correct results.

The technique used is taken from RFC 4627.

Note that this function may fail in sufficiently large text in some browsers (e.g. Chrome). It is always better to use safeEval(java.lang.String) instead which is safer, faster and also works with large texts but less lenient than this one for invalid JSON.

unsafeEval

public static <T extends JavaScriptObject> T unsafeEval(java.lang.String json)

Evaluates a JSON expression using eval(). This method does not validate the JSON text and should only be used on JSON from trusted sources. The payload must evaluate to an Object or an Array (not a primitive or a String).

Type Parameters:

T - The type of JavaScriptObject that should be returned

Parameters:

json - The source JSON text

Returns:

The evaluated object

throwIllegalArgumentException

static void throwIllegalArgumentException(java.lang.String message,
                                          java.lang.String data)