Deserializer too strict with string escapes???

[GoogleCodeExporter]

The deserializer seems to be too strict (maybe not even compliant?) in
handling escapes in strings.

In particular, JSON feeds such as Twitter escape slashes in strings, and
gson complains of a syntax error on encountering them.

Although in theory only double-quotes, reverse solidusses (sp?), and
control characters need be escaped, the "official" JSON syntax at
http://www.json.org/ explicitly lists the slash as being acceptable when
escaped.

Ya, maybe JSON generators should not be escaping slashes. But in line with
a paraphrase of the Postel Principle ("Generate strictly, accept
leniently"). maybe gson should accept any character when escaped?

Just a thought, I could be wrong. Comments welcome and expected.

Jim Renkel

Original issue reported on code.google.com by james.re...@gmail.com on 22 Oct 2008 at 4:02

[GoogleCodeExporter]

Appendix E of "JavaScript: The Good Parts" said that:

"JSON allows the / character to be escaped so that JSON can be embedded in HTML
<script> tags. HTML does not allow the sequence </ except to start the 
</script> tag.
JSON allows <\/, which produces the same result but does not confuse HTML."

The solidum characters are escaped in other popular scripting languages (e.g., 
PHP).
So I think gson should consider it seriously.

Original comment by william....@gmail.com on 29 Oct 2008 at 10:17

[GoogleCodeExporter]

I agree this is a good idea. I have fixed this in r279 and also added a test. 
We will 
include it in our next release.

Original comment by inder123 on 29 Oct 2008 at 11:32

• Changed state: Fixed