This seems wrong to me; JSON should have nothing to do with HTML escaping, nor with any other form of escaping or encoding that isn't JSON.
Also, have you benchmarked this? What are you worried about - unnecessary allocations, or your code performing noticeably worse than your expectations or some similar code in another language?
It seems like you want to make JSON decoding and HTML escaping faster. If you control the data being received, I would instead suggest looking at alternatives like protobuf, which are designed for performance. Trying to squeeze performance out of the standard library's JSON and HTML packages can only go so far.
It´s to avoid code repeating in order to make code more readable and performance, in order to perform what you are saying I would have to repeat the same code over and over again for each struct just for escaping html. In JSON package the is a https://golang.org/pkg/encoding/json/#HTMLEscape htmlscape option but for encoding, not for decoding
Your markdown urls are backwards - they are not clickable.
I didn't know about this HTML quirk. I thought what you were asking for was an option like Encoder.SetEscapeHTML, such as Decoder.SetUnescapeHTML. But, as one would expect, that works out of the box: https://play.golang.org/p/RPLjORgScjv
I still think this has nothing to do with JSON. Escaping HTML when encoding is useful - to make the encoded JSON bytes less prone to buggy decoders. But escaping HTML when decoding seems completely unrelated to that. Why exactly do you need it?
To avoid xss by first decoding to html scaped, so any input like <>
will be <> I know I can do it after, when using the data, but I think it would be much more efficient if all data gets verify first and then saved in databased, instead of always escaping when sending data
It would be a performance improvement when sending data because if I escape when data is coming and then save in database, I wouldn´t need to escape it when sending the data, so it would be faster, of course this is not like the end of the world, but suposse there is a large ammount request asking for the data, I would save resources and response timing if I don´t escape when sending the data
changed the title
proposal: add a new method to json package to decode json html escaped directly to structMar 15, 2018
Let's move this to the mailing list for now (https://golang.org/wiki/Questions) until a concrete problem is identified. Also, the JSON package is currently frozen for a few cycles at which time a bunch of issues will be addressed in aggregate, so there's no rush on this bug.