On 2018-03-19 14:34, Mike Samuel wrote:
How does the transform you propose differ from?
JSON.canonicalize = (x) => JSON.stringify(
x,
(_, x) => {
if (x && typeof x === 'object' && !Array.isArray(x)) {
const sorted = {}
for (let key of Object.getOwnPropertyNames(x).sort()) {
sorted[key] = x[key]
}
return sorted
}
return x
})
Probably not all. You are the JS guru, not me :-)
The proposal says "in lexical (alphabetical) order."
If "lexical order" differs from the lexicographic order that sort uses, then
the above could be adjusted to pass a comparator function.
I hope (and believe) that this is just a terminology problem.
Applied to your example input,
JSON.canonicalize({
"escaping": "\u20ac$\u000F\u000aA'\u0042\u0022\u005c\\\"\/",
"other": [null, true, false],
"numbers": [1E30, 4.50, 6, 2e-3, 0.000000000000000000000000001]
}) ===
String.raw`{"escaping":"€$\u000f\nA'B\"\\\\\"/","numbers":[1e+30,4.5,6,0.002,1e-27],"other":[null,true,false]}`
// proposed
{"escaping":"\u20ac$\u000f\nA'B\"\\\\\"/","numbers":[1e+30,4.5,6,0.002,1e-27],"other":[null,true,false]}
The canonicalized example from section 3.2.3 seems to conflict with the text of
3.2.2:
If you look a under the result you will find a pretty sad explanation:
"Note: \u20ac denotes the Euro character, which not
being ASCII, is currently not displayable in RFCs"
After 30 years with RFCs, we can still only use ASCII :-( :-(
Updates:
https://github.com/cyberphone/json-canonicalization/blob/master/JSON.canonicalize.md
https://cyberphone.github.io/doc/security/browser-json-canonicalization.html
Anders
"""
If the Unicode value is outside of the ASCII control character range, it MUST be serialized
"as is" unless it is equivalent to 0x005c (\) or 0x0022 (") which MUST be serialized
as \\ and \" respectively.
"""
So I think the "\u20ac" should actually be "€" and the implementation above
matches your proposal.
On Fri, Mar 16, 2018 at 3:16 AM, Anders Rundgren <anders.rundgren....@gmail.com
<mailto:anders.rundgren....@gmail.com>> wrote:
Dear List,
Here is a proposal that I would be very happy getting feedback on since it
builds on ES but is not (at all) limited to ES.
The request is for a complement to the ES "JSON" object called
canonicalize() which would have identical parameters to the existing stringify() method.
The JSON canonicalization scheme (including ES code for emulating it), is
described in:
https://cyberphone.github.io/doc/security/draft-rundgren-json-canonicalization-scheme.html
<https://cyberphone.github.io/doc/security/draft-rundgren-json-canonicalization-scheme.html>
Current workspace: https://github.com/cyberphone/json-canonicalization
<https://github.com/cyberphone/json-canonicalization>
Thanx,
Anders Rundgren
_______________________________________________
es-discuss mailing list
es-discuss@mozilla.org <mailto:es-discuss@mozilla.org>
https://mail.mozilla.org/listinfo/es-discuss
<https://mail.mozilla.org/listinfo/es-discuss>
_______________________________________________
es-discuss mailing list
es-discuss@mozilla.org
https://mail.mozilla.org/listinfo/es-discuss
