Closed halostatue closed 2 years ago
With 7e25ebb8ecf11bf959f805a767661f1c24c2a8fa this can be handled at application level by decoding with the option objects: :ordered_objects
and explicitly picking which element to use or to outright error in case of duplicates.
I was reading an interesting article on JSON interoperability vulnerabilities from Bishop Fox Labs and Jason was one of the tested libraries.
It might be useful to allow the decoder to choose between
first-key
orlast-key
on duplicate keys during parsing; I’m not sure how this would be configured in something like Phoenix, Ecto, or Absinthe, but given some of the issues mentioned in the article, this may be worth pursuing.