no way to enable "escape_slash" in the JSON engine #895

modosc opened this Issue Feb 14, 2013 · 3 comments


None yet

3 participants

modosc commented Feb 14, 2013

this option should probably be enabled by default since it can cause potential security issues when serializing user supplied data. to enable it you need to do:

use JSON -support_by_pp;

and then make sure escape_slash => 1 is set in the options passed into to_json.

modosc commented Feb 14, 2013

added a pull request. i didn't make this the default behavior since i'm not sure what the general dancer philosophy is about this.

mokko commented Apr 3, 2013

is already committed: 3135001

can be closed

xsawyerx commented Apr 3, 2013

@mokko Thanks! :)

@xsawyerx xsawyerx closed this Apr 3, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment