Package Exports
- @httpie/json
This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@httpie/json) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.
Readme
JSON
Secure drop-in replacement for the global `JSON` object with prototype pollution protection
Follow @eldorplus and @httpiejs for updates!
Introduction
The @httpie/json package is a drop-in replacement for the global JSON object. It protects JSON parsing against protoype pollution attacks.
Installation
npm i @httpie/jsonUsage
Using @httpie/json is pretty straightforward. Use it the same way as you would use the JSON object:
const JSON = require('@httpie/json')
const user = JSON.parse('{"name":"Supercharge"}')
// { name: 'Supercharge' }
const user = JSON.parse('{"name":"Supercharge", "__proto__": { "x": 1 }, "constructor": {"prototype": {"bar": "baz"} } }')
// { name: 'Supercharge' }
const json = JSON.stringify({ name: 'Supercharge' })
// '{"name":"Supercharge"}'Contributing
Do you miss a function? We very much appreciate your contribution! Please send in a pull request ๐
- Create a fork
- Create your feature branch:
git checkout -b my-feature - Commit your changes:
git commit -am 'Add some feature' - Push to the branch:
git push origin my-new-feature - Submit a pull request ๐
License
MIT ยฉ Supercharge
httpiejs.com · GitHub @httpie · Twitter @httpiejs