343 Matching Annotations
  1. Nov 2023
  2. Oct 2023
  3. Sep 2023
  4. Aug 2023
    1. application/xml: data-size: XML very verbose, but usually not an issue when using compression and thinking that the write access case (e.g. through POST or PUT) is much more rare as read-access (in many cases it is <3% of all traffic). Rarely there where cases where I had to optimize the write performance existence of non-ascii chars: you can use utf-8 as encoding in XML existence of binary data: would need to use base64 encoding filename data: you can encapsulate this inside field in XML application/json data-size: more compact less that XML, still text, but you can compress non-ascii chars: json is utf-8 binary data: base64 (also see json-binary-question) filename data: encapsulate as own field-section inside json
  5. Jul 2023
    1. If the JSON o

      نکته خیلی مهمی که میگه اینه که حتما باید Value ها حاوی کلید باشند مگرنه به مشکل میخوره

    2. request.get_json()

      چه تابع جالبی که میاد اطلاعات JSON را به Python تبدیل می کند

    3. s:

      قوانین تبدیل JSON به Python dict: اولا اگر در Json حالت Key و Value داشته باشد، در پایتون به صورت Dictionary است. دوما آرایه در Json به List در پایتون تبدیل می شود. سوما Value هایی که داخل " " باشد به Sting در پایتون تبدیل می شود. چهارما باحاله نگاه کن :) پنجما اعدادی که " " نداشته باشد به اعداد تبدیل می شود.

    4. In P

      هر وقت اسم JSON پیش می اید نام POSTMAN می درخشد

    5. Usin

      حالا رفت سراغ Json چون خیلی بهتر از Query String و Form Data براد اطلاعات را میفرسته. برای اطلاعات پیچیده تر بهتر است.

  6. May 2023
  7. Apr 2023
  8. Mar 2023
    1. Exactly my thoughts on the matter! I'm coming from XML SOAP background and concept of schema just got into my blood and JSON documents rather don't announce their schema. To me it's whether server "understands" the request or not. If server doesn't know what "sales_tax" is then it's simply 400: "I have no idea what you sent me but definitely not what I want.".
    1. Pitfall #1: Server-Side Rendering Attacker-Controlled Initial State

      ```html

      <script>window.__STATE__ = ${JSON.stringify({ data })}</script>

      ```

    1. One option is to use the serialize-javascript NPM module to escape the rendered JSON.

      html { username: "pwned", bio: "</script><script>alert('XSS Vulnerability!')</script>" }

    2. This is risky because JSON.stringify() will blindly turn any data you give it into a string (so long as it is valid JSON) which will be rendered in the page. If { data } has fields that un-trusted users can edit like usernames or bios, they can inject something like this:

      json { username: "pwned", bio: "</script><script>alert('XSS Vulnerability!')</script>" }

    3. Sometimes when we render initial state, we dangerously generate a document variable from a JSON string. Vulnerable code looks like this:

      ```html

      <script>window.__STATE__ = ${JSON.stringify({ data })}</script>

      ```

  9. Feb 2023
    1. <table><tbody><tr class="evn"><td> XPath </td><td> JSONPath </td><td> Description </td></tr> <tr class="odd"><td> / </td><td> $ </td><td class="lft">the root object/element </td></tr> <tr class="evn"><td> . </td><td> @ </td><td class="lft">the current object/element </td></tr> <tr class="odd"><td> / </td><td> . or [] </td><td class="lft">child operator </td></tr> <tr class="evn"><td> .. </td><td> n/a </td><td class="lft">parent operator </td></tr> <tr class="odd"><td> // </td><td> .. </td><td class="lft">recursive descent. JSONPath borrows this syntax from E4X. </td></tr> <tr class="evn"><td> * </td><td> * </td><td class="lft">wildcard. All objects/elements regardless their names. </td></tr> <tr class="odd"><td> @ </td><td> n/a </td><td class="lft">attribute access. JSON structures don't have attributes. </td></tr> <tr class="evn"><td> [] </td><td> [] </td><td class="lft">subscript operator. XPath uses it to iterate over element collections and for predicates. In Javascript and JSON it is the native array operator. </td></tr> <tr class="odd"><td> | </td><td> [,] </td><td class="lft">Union operator in XPath results in a combination of node sets. JSONPath allows alternate names or array indices as a set. </td></tr> <tr class="evn"><td> n/a </td><td> [start:end:step] </td><td class="lft">array slice operator borrowed from ES4. </td></tr> <tr class="odd"><td> [] </td><td> ?() </td><td class="lft">applies a filter (script) expression. </td></tr> <tr class="evn"><td> n/a </td><td> () </td><td class="lft">script expression, using the underlying script engine. </td></tr> <tr class="odd"><td> () </td><td> n/a </td><td class="lft">grouping in Xpath </td></tr></tbody></table>
  10. Jan 2023
    1. console $ curl -LH "Accept: application/vnd.schemaorg.ld+json" https://doi.org/10.5438/4K3M-NYVG { "@context": "http://schema.org", "@type": "ScholarlyArticle", "@id": "https://doi.org/10.5438/4k3m-nyvg", "url": "https://blog.datacite.org/eating-your-own-dog-food/", "additionalType": "BlogPosting", "name": "Eating your own Dog Food", "author": { "name": "Martin Fenner", "givenName": "Martin", "familyName": "Fenner", "@id": "https://orcid.org/0000-0003-1419-2405" }, "description": "Eating your own dog food is a slang term to describe that an organization should itself use the products and services it provides. For DataCite this means that we should use DOIs with appropriate metadata and strategies for long-term preservation for...", "license": "https://creativecommons.org/licenses/by/4.0/legalcode", "version": "1.0", "keywords": "datacite, doi, metadata, FOS: Computer and information sciences", "inLanguage": "en", "dateCreated": "2016-12-20", "datePublished": "2016-12-20", "dateModified": "2016-12-20", "isPartOf": { "@id": "https://doi.org/10.5438/0000-00ss", "@type": "CreativeWork" }, "citation": [ { "@id": "https://doi.org/10.5438/0012", "@type": "CreativeWork" }, { "@id": "https://doi.org/10.5438/55e5-t5c0", "@type": "CreativeWork" } ], "schemaVersion": "http://datacite.org/schema/kernel-4", "periodical": { "@type": "Series", "identifier": "10.5438/0000-00SS", "identifierType": "DOI" }, "publisher": { "@type": "Organization", "name": "DataCite" }, "provider": { "@type": "Organization", "name": "datacite" } }

    1. The usefulness of JSON is that while both systems still need to agree on a custom protocol, it gives you an implementation for half of that custom protocol - ubiquitous libraries to parse and generate the format, so the application needs only to handle the semantics of a particular field.

      To be clear: when PeterisP says parse the format, they really mean lex the format (and do some minimal checks concerning e.g. balanced parentheses). To "handle the semantics of a particular field" is a parsing concern.

  11. Dec 2022
    1. If you want to see what an activity stream looks like, and your browser renders JSON nicely, just grab a random outbox and have a look.)

      https://botsin.space/users/grigornaregatsi/outbox?page=true

    1. Of course, CSV is less flexible than JSON. It's suitable when you have a list of items with mostly the same properties, and no nested structures.
    2. At 100,000 entries, this list would be 2.4 MB (that's ~63% less than the JSON)
    3. CSV is a format that's more lightweight than JSON and super well suited to streaming.
    4. Those methods will wait until the entire response has been downloaded, and then parse it. That's because JSON is not a streaming format

      To consume JSON in a streaming way, use jq

    5. JSON is ubiquitous, more lightweight than XML but still flexible enough to represent any data structure you typically need
    1. To summarize the three options we’ve seen, as well as a streaming ijson-based solution:

      Comparison of 4 Python's JSON libraries

    1. https://micro.blog/posts/search?q=indieweb

      an alternate form for micro.blog search functionality

  12. Nov 2022
    1. The @id keyword allows you to give a node a URI. This URI identifies the node. See Node Identifiers in the JSON-LD spec. (The equivalent in Microdata is the itemid attribute, and the equivalent in RDFa Lite is the resource attribute.)
  13. Oct 2022
  14. Sep 2022
    1. pointer: type: string description: A string containing a JSON pointer to the specific field within a received JSON body that caused the problem, e.g. '/data/attributes/title' to refer to the `title` property within the `attributes` object that is a child of the top level `data` object. example: /data/attributes/title
    1. A workaround you can use is to move additionalProperties to the extending schema and redeclare the properties from the extended schema.
    2. Because additionalProperties only recognizes properties declared in the same subschema, it considers anything other than “street_address”, “city”, and “state” to be additional. Combining the schemas with allOf doesn’t change that.
    3. It’s important to note that additionalProperties only recognizes properties declared in the same subschema as itself. So, additionalProperties can restrict you from “extending” a schema using Schema Composition keywords such as allOf. In the following example, we can see how the additionalProperties can cause attempts to extend the address schema example to fail.