public class

JsonUtils

extends Object
java.lang.Object
   ↳ com.google.gwt.core.client.JsonUtils

Class Overview

Provides JSON-related utility methods.

Summary

Public Methods
static String escapeJsonForEval(String toEscape)
Escapes characters within a JSON string than cannot be passed directly to eval().
static String escapeValue(String toEscape)
Returns a quoted, escaped JSON String.
static <T extends JavaScriptObject> T safeEval(String json)
Evaluates a JSON expression safely.
static boolean safeToEval(String text)
Returns true if the given JSON string may be safely evaluated by eval() without undersired side effects or security risks.
static <T extends JavaScriptObject> T unsafeEval(String json)
Evaluates a JSON expression using eval().
[Expand]
Inherited Methods
From class java.lang.Object

Public Methods

public static String escapeJsonForEval (String toEscape)

Escapes characters within a JSON string than cannot be passed directly to eval(). Control characters, quotes and backslashes are not affected.

public static String escapeValue (String toEscape)

Returns a quoted, escaped JSON String.

public static T safeEval (String json)

Evaluates a JSON expression safely. The payload must evaluate to an Object or an Array (not a primitive or a String).

Parameters
json The source JSON text
Returns
  • The evaluated object
Throws
IllegalArgumentException if the input is not valid JSON

public static boolean safeToEval (String text)

Returns true if the given JSON string may be safely evaluated by eval() without undersired side effects or security risks. Note that a true result from this method does not guarantee that the input string is valid JSON. This method does not consider the contents of quoted strings; it may still be necessary to perform escaping prior to evaluation for correct results.

The technique used is taken from RFC 4627.

public static T unsafeEval (String json)

Evaluates a JSON expression using eval(). This method does not validate the JSON text and should only be used on JSON from trusted sources. The payload must evaluate to an Object or an Array (not a primitive or a String).

Parameters
json The source JSON text
Returns
  • The evaluated object