OWASP / owasp-java-encoder

The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
https://owasp.org/www-project-java-encoder/
BSD 3-Clause "New" or "Revised" License

Create an encodeForJSON() function #36

Open jmanico opened 4 years ago

jmanico commented 4 years ago

We should create a function to safely embed JSON on a webpage similar to what https://github.com/yahoo/serialize-javascript accomplishes.

melloware commented 4 years ago

This would be a great feature as we have needed something similar in the past.

Infernalbronco commented 3 years ago

Can I try this?

jmanico commented 3 years ago

Go for it :)

-- Jim Manico @Manicode

On Jan 16, 2021, at 3:19 AM, Akshay Mall notifications@github.com wrote:

 Can I try this?


Infernalbronco commented 3 years ago

@jmanico Can you give any pointers from where I can start studying for this?

jmanico commented 3 years ago

Maybe this will point you in the right direction?

https://phppot.com/php/php-json-encode-and-decode/#:~:text=In%20PHP%2C%20json_encode()%20is,reflect%20effects%20on%20encoding%20behavior.

or

https://github.com/yahoo/serialize-javascript

?

jeremylong commented 3 months ago

Wouldn't Encode.forJavaScriptSource() work? You would just be responsible for quoting the output.
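
Added example, not part of the thread and not code from the OWASP Java Encoder project: a Java sketch of the kind of post-processing serialize-javascript applies to serialized output so that JSON can sit inside an HTML script block, which is the feature the issue asks for. The class and method names are hypothetical, and the input is assumed to be valid JSON already produced by a JSON serializer.

```java
// Added illustration: JsonForHtml and forScriptBlock are hypothetical names,
// not part of the OWASP Java Encoder API.
public final class JsonForHtml {

    // Both end a line in JavaScript source written for engines older than ES2019.
    private static final char LINE_SEPARATOR = 0x2028;
    private static final char PARAGRAPH_SEPARATOR = 0x2029;

    private JsonForHtml() {
    }

    /**
     * Rewrites serialized JSON so it can be placed inside an HTML script block.
     * The input must already be valid JSON from a real serializer. In valid
     * JSON the five characters handled here can only occur inside string
     * literals, so swapping each for its backslash-u escape leaves the parsed
     * value unchanged while removing anything the HTML parser could read as a tag.
     */
    public static String forScriptBlock(String json) {
        StringBuilder out = new StringBuilder(json.length() + 16);
        for (int i = 0; i < json.length(); i++) {
            char c = json.charAt(i);
            switch (c) {
                case '<':
                case '>':
                case '/':
                case LINE_SEPARATOR:
                case PARAGRAPH_SEPARATOR:
                    out.append(String.format("\\u%04x", (int) c));
                    break;
                default:
                    out.append(c);
            }
        }
        return out.toString();
    }

    public static void main(String[] args) {
        // Constructed sample: a string value that contains a script end tag.
        String json = "{\"comment\":\"</script> would end the block early\",\"n\":1}";
        String safe = forScriptBlock(json);
        System.out.println("<script>var data = " + safe + ";</script>");
        if (safe.contains("<") || safe.contains("/")) {
            throw new AssertionError("unsafe character survived encoding");
        }
    }
}
```

This covers only the script-block context; JSON written into an HTML attribute or into element text needs the encoder for that context instead.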