php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #78786 json_encode should have an option to disallow objects
Submitted: 2019-11-06 09:25 UTC Modified: 2019-11-06 13:14 UTC
Votes:3
Avg. Score:4.7 ± 0.5
Reproduced:2 of 3 (66.7%)
Same Version:2 (100.0%)
Same OS:2 (100.0%)
From: andre at webkr dot de Assigned:
Status: Open Package: JSON related
PHP Version: 7.3.11 OS:
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2019-11-06 09:25 UTC] andre at webkr dot de
Description:
------------
json_encode() encodes an object by treating its public properties like an array.

This is not always the desired behavior and it's difficult to detect beforehand without walking the whole input array.

Therefore it would be good if json_encode() had an option to make it refuse to encode any object (throw an exception), unless the object implements JsonSerializable.


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2019-11-06 13:14 UTC] cmb@php.net
-Package: Unknown/Other Function +Package: JSON related
 [2019-11-13 19:23 UTC] henry dot paradiz at gmail dot com
Agreed.
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Fri Dec 06 20:01:24 2019 UTC