GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
Amon2::Plugin::Web::JSON(3) User Contributed Perl Documentation Amon2::Plugin::Web::JSON(3)

Amon2::Plugin::Web::JSON - JSON plugin

    use Amon2::Lite;

    __PACKAGE__->load_plugins(qw/Web::JSON/);

    get '/' => sub {
        my $c = shift;
        return $c->render_json(+{foo => 'bar'});
    };

    __PACKAGE__->to_app();

This is a JSON plugin.

"$c->render_json(\%dat);"
Generate JSON data from "\%dat" and returns instance of Plack::Response.

status_code_field
It specify the field name of JSON to be embedded in the 'X-API-Status' header. Default is "undef". If you set the "undef" to disable this 'X-API-Status' header.

    __PACKAGE__->load_plugins(
        'Web::JSON' => { status_code_field => 'status' }
    );
    ...
    $c->render_json({ status => 200, message => 'ok' })
    # send response header 'X-API-Status: 200'
    

In general JSON API error code embed in a JSON by JSON API Response body. But can not be logging the error code of JSON for the access log of a general Web Servers. You can possible by using the 'X-API-Status' header.

How can I use JSONP?
You can use JSONP by using Plack::Middleware::JSONP.

Browse the JSON files directly.
This module escapes '<', '>', and '+' characters by "\uXXXX" form. Browser don't detects the JSON as HTML.

And also this module outputs "X-Content-Type-Options: nosniff" header for IEs.

It's good enough, I hope.

JSON Hijacking
Latest browsers doesn't have a JSON hijacking issue(I hope). __defineSetter__ or UTF-7 attack was resolved by browsers.

But Firefox<=3.0.x and Android phones have issue on Array constructor, see <http://d.hatena.ne.jp/ockeghem/20110907/p1>.

Firefox<=3.0.x was outdated. Web application developers doesn't need to add work-around for it, see <http://en.wikipedia.org/wiki/Firefox#Version_release_table>.

Amon2::Plugin::Web::JSON have a JSON hijacking detection feature. Amon2::Plugin::Web::JSON returns "403 Forbidden" response if following pattern request.

The request have 'Cookie' header.
The request doesn't have 'X-Requested-With' header.
The request contains /android/i string in 'User-Agent' header.
Request method is 'GET'

See also the hasegawayosuke's article(Japanese) <http://www.atmarkit.co.jp/fcoding/articles/webapp/05/webapp05a.html>.

HOW DO YOU CHANGE THE HTTP STATUS CODE FOR JSON?
render_json method returns instance of Plack::Response. You can modify the response object.

Here is a example code:

    get '/' => sub {
        my $c = shift;
        if (-f '/tmp/maintenance') {
            my $res = $c->render_json({err => 'Under maintenance'});
            $res->status(503);
            return $res;
        }
        return $c->render_json({err => undef});
    };
    

hasegawayosuke
2022-04-08 perl v5.32.1

Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.