Posts tagged json in 2007
Filters: Year: 2007 × json × Sorted by date
[Release] CouchDB 0.7.0. This is a huge milestone for the project—it’s the first official release to include the JSON REST API instead of XML, and it’s also the first release that is “intended for widespread use”.
CouchDB first impressions. Jacob’s been poking at CouchDB. Inserting data is slow, but everything else looks pretty slick considering how recently the JSON / JavaScript views functionality was added.
hasAccount. Stuart proposes a light-weight API for letting any site know if a user has an account (and is signed in) on another service. I wouldn’t want to deploy this without being confident that my CSRF protection was in order.
How should JSON strings be represented in Erlang? Erlang’s poor support for strings makes this a surprisingly tricky question.
CouchDB: Thinking beyond the RDBMS. CouchDB is a fascinating project—an Erlang powered non-relational database with a JSON API that lets you define “views” (really computed tables) based on JavaScript functions that execute using map/reduce. Damien Katz, the main developer currently works for MySQL and used to work on Lotus Notes.
Freebase developer documentation. The JSON API and particularly the query language are fascinating.
Cabochon event server. Written in Python (on top of SQLObject and Paste), uses JSON for messages, allows event consumers to subscribe with a callback URL.
JSON and Browser Security. Douglas Crockford suggests using secret tokens to protect JSON content, and avoiding wrapper hacks to protect unauthorised JSON delivery as they may fall foul of undiscovered browser bugs in the future.
XML and JSON. James Clark on JSON’s strengths and weaknesses compared to XML.
Fortify JavaScript Hijacking FUD. Bob Ippolito points out the flaws in the recent widely disseminated JavaScript Hijacking paper. While the paper does miss some important details, it’s good that more people are now aware of the security implications involved in serving JSON up wrapped in an array.
Triplr. Ultra simple GET-based web service for converting RSS / Atom / RDF / Microformats+GRDDL to HTML / ntriples / RDF / RSS / JSON / Turtle. Small pieces, loosely joined.
JSON and JSON-RPC for Erlang. Nice example of using lists:reverse and an accumulator to efficiently build a string in reverse order.
Security; AJAX; JSON; Satisfaction. The JSON attack I linked to earlier only works against raw arrays, which technically aren’t valid JSON anyway.
JSON is not as safe as people think it is. Joe Walker reminds us that even authenticated JSON served without a callback or variable assignment is vulnerable to CSRF in Firefox, thanks to that browser letting you redefine the Array constructor.
json-taglib. Because JSON just doesn’t have enough angle brackets.
Safe JSON (via) Subtle but important point about JSON APIs: you shouldn’t use a callback or variable assignment for JSON incorporating private user data, especially if it’s at a predictable URL.
Badge Any RSS Feed With Yahoo! Pipes. Smart hack from Kent Brewster. Uses Yahoo! Pipes’ JSON output plus a few lines of JavaScript to create a badge from any RSS feed.
Apache Solr 1.1. Solr is the search Web Service built on top of Lucene. The latest release introduces JSON, Python and Ruby response formats in addition to XML.
Why doesn’t Python have more data format readers in the stdlib? I for one would love to see simplejson included in the standard library, with or without a C implementation.