Comment by semiquaver
4 days ago
Are they just confused about what characters require escaping in JSON strings or is PHP weirder than I remember?
{
"\/blog\/11-million-rows-in-seconds": {
"2025-01-24": 1,
"2026-01-24": 2
},
"\/blog\/php-enums": {
"2024-01-24": 1
}
}
PHP has always escaped forward slashes to help prevent malicious JSON from injecting tags into JavaScript I believe. Because it was common for PHP users to json_encode some data and then to write it out into the HTML in a script tag. A malicious actor could include a closing script tag, and then could inject their own HTML tags and scripts etc.
The weirdness is partly in JSON . In the JSON spec, the slash (named "solidus" there) is the only character that can be written plainly or prefixed with a backslash (AKA "reverse solidus").
See page 4, section 9 of the latest ECMA for JSON: https://ecma-international.org/wp-content/uploads/ECMA-404_2...
That's the default output when using json_encode with the JSON_PRETTY_PRINT flag in php.
> That's the default output when using json_encode with the JSON_PRETTY_PRINT flag in php.
JSON_PRETTY_PRINT is irrelevant. Escaping slashes is the default behavior of json_encode(). To switch it off, use JSON_UNESCAPED_SLASHES.
Ah, my bad. Thanks for the correction, TIL!
> The output should be encoded as a pretty JSON string.
So apparently that is what they consider "pretty JSON". I really don't want to see what they would consider "ugly JSON".
(I think the term they may have been looking for is "pretty-printed JSON" which implies something about the formatting rather than being a completely subjective term)
Pretty JSON not meaning formatting, but more "That was pretty JSON of you."