Unexpected character #to_json

[ggoral]

irb(main):002:0> '&'.to_json
=> ""\u0026""

[rafaelfranca]

What is your expected behavior?

I saw you are using irb, is this a Rails bug?

[rafaelfranca]

Which Rails version are using?

How can I reproduce it?

[chancancode]

This is the correct behaviour – escape_html_entities_in_json is turned on by default as a security measure. If this is causing problem, you can turn it off by setting config.active_support.escape_html_entities_in_json to false.

However, this is unlikely to cause problems, because according to the JSON spec this is perfectly valid and should be treated as identical as '&' by all conforming browsers. Where are you running into issues with this?

[ggoral]

Hi Guys,

Sorry, was looking for a solution to this problem. This problem occurred when ActiveSupport 4.0.2 upgrade.

Repository is: https://github.com/ggoral/resource-booking-system.git
In bash run:

$bundle exec rake console
irb(main):001:0> '&'.to_json
=> ""\u0026""

following the error reaches overwriting # to_json
https://github.com/rails/rails/blob/master/activesupport/lib/active_support/core_ext/object/json.rb#L29-L43

@rafaelfranca is not an application rails, app depends on ActiveRecord, which in turn depends on ActiveSupport, which overrides the #to_json method.

@chancancode "ActiveSupport.escape_html_entities_in_json = false" works! 👍

Thanks everyone!

[chancancode]

@ggoral Make sure you know what you're doing if you turned that off :) I think you shouldn't have to do that in pretty much any scenarios, because again, when it comes to JSON, '&' and '\u0026' should be treated as identical according to the spec.

[ggoral]

@chancancode Thank you for your clarification.