Method Detail

• escapeJsonForEval

  public static java.lang.String escapeJsonForEval(java.lang.String toEscape)

  Escapes characters within a JSON string than cannot be passed directly to eval(). Control characters, quotes and backslashes are not affected.

• escapeValue

  public static java.lang.String escapeValue(java.lang.String toEscape)

  Returns a quoted, escaped JSON String.

• safeEval

  public static <T extends JavaScriptObject> T safeEval(java.lang.String json)

  Evaluates a JSON expression safely. The payload must evaluate to an Object or an Array (not a primitive or a String).

  Type Parameters:

  T - The type of JavaScriptObject that should be returned

  Parameters:

  json - The source JSON text

  Returns:

  The evaluated object

  Throws:

  java.lang.IllegalArgumentException - if the input is not valid JSON

• safeToEval

  public static boolean safeToEval(java.lang.String text)

  Returns true if the given JSON string may be safely evaluated by eval() without undersired side effects or security risks. Note that a true result from this method does not guarantee that the input string is valid JSON. This method does not consider the contents of quoted strings; it may still be necessary to perform escaping prior to evaluation for correct results.

  The technique used is taken from RFC 4627.

• unsafeEval

  public static <T extends JavaScriptObject> T unsafeEval(java.lang.String json)

  Evaluates a JSON expression using eval(). This method does not validate the JSON text and should only be used on JSON from trusted sources. The payload must evaluate to an Object or an Array (not a primitive or a String).

  Type Parameters:

  T - The type of JavaScriptObject that should be returned

  Parameters:

  json - The source JSON text

  Returns:

  The evaluated object

• throwIllegalArgumentException

  static void throwIllegalArgumentException(java.lang.String message,
                                   java.lang.String data)