Big news!Introducing Socket AI - ChatGPT-Powered Threat Analysis. Learn more
Socket
Log inDemoInstall

json-bourne

Package Overview
Dependencies
0
Maintainers
1
Versions
2
Issues
File Explorer

Advanced tools

json-bourne

Drop in replacement for JSON that standardizes Array.toJSON and Date.toJSON

    1.0.1latest
    GitHub

Version published
Maintainers
1
Weekly downloads
471
decreased by-31.64%

Weekly downloads

Readme

Source

json-bourne

js-standard-style

Codeship Status for qubitproducts/json-bourne

Normalizes the JavaScript JSON API against overwritten Array.prototype.toJSON and IE8's unstandardized version of Date.prototype.toJSON.

Advantages over JSON 3

  • Much smaller, only a few lines rather than 4KB
  • Uses native stringify and parse methods
  • Runs much quicker on older browsers

Known issues

  • Does not protect against all monkeypatching
  • Can be slower at stringifying on newer browsers (see Benchmarks)
  • Not compatible with IE7 or below

Installation

$ npm install --save json-bourne

Motivation

JSON Bourne is intended for use in code that you'll execute on websites you don't control. Such websites can break the native JSON.stringify implementation by changing Array.prototype.toJSON, specifically if they use prototype.js version 1.6 or under. JSON Bourne also normalizes Date.prototype.toJSON, correcting the unstandard implementation for IE8. Any changes to prototypes are restored immediately after stringifying.

Usage

JSON Bourne is a drop in replacement for JSON, replicating the standard parse and stringify methods exactly.

var JSON = require('json-bourne') console.log(JSON.parse('{"bourne": "legacy"}')) // Logs { bourne: "legacy" } console.log(JSON.stringify({"bourne": "ultimatum"})) // Logs { "bourne": "ultimatum" }

Compatibility

Tested on IE8+, Chrome, Firefox, Opera and Safari.

Benchmarks

Want to work on this for your day job?

This project was created by the Engineering team at Qubit. As we use open source libraries, we make our projects public where possible.

We’re currently looking to grow our team, so if you’re a JavaScript engineer and keen on ES2016 React+Redux applications and Node micro services, why not get in touch? Work with like minded engineers in an environment that has fantastic perks, including an annual ski trip, yoga, a competitive foosball league, and copious amounts of yogurt.

Find more details on our Engineering site. Don’t have an up to date CV? Just link us your Github profile! Better yet, send us a pull request that improves this project.

FAQs

Last updated on 03 Feb 2016

Did you know?

Socket installs a Github app to automatically flag issues on every pull request and report the health of your dependencies. Find out what is inside your node modules and prevent malicious activity before you update the dependencies.

Install Socket
Socket
support@socket.devSocket SOC 2 Logo

Product

  • Package Issues
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc