Why is the slash an escapable character in JSON?

json escaping specifications slash
Boldewyn picture Boldewyn · Nov 24, 2010 · Viewed 17.3k times · Source

Possible Duplicate:
JSON: why are forward slashes escaped?

json.org states, that forward slashes (aka solidus, /) can be escaped:

"\/"

However, unescaped slashes are valid, too:

"/"

What's the rational behind this? Does it come from the Javascript roots? (I.e., "</script>" is a problem in browser-based Javascript, see Douglas Crockford's comment) Or has it any other reason?

Answer

aercolino picture aercolino · Dec 29, 2010

I've just published a review of this issue on my blog. I think you are right, that's the only reason. Also note that the slash is the only standard character allowed to be escaped.

Usually JSON encoders do it wrong and escape any slash they find along the way, while only the slash in </script> should be escaped, and maybe all the ones matched by the JavaScript RegExp /<\/\w+/, for the same reason.

EDIT: fixed blog link.

Related questions

How should I escape strings in JSON?

When creating JSON data manually, how should I escape string fields? Should I use something like Apache Commons Lang's StringEscapeUtilities.escapeHtml, StringEscapeUtilities.escapeXml, or should I use java.net.URLEncoder? The problem is that when I use SEU.escapeHtml, it …

Read More
Saving utf-8 texts in json.dumps as UTF8, not as \u escape sequence

sample code: >>> import json >>> json_string = json.dumps("ברי צקלה") >>> print json_string "\u05d1\u05e8\u05d9 \u05e6\u05e7\u05dc\u05d4" The problem: it's not human readable. …

Read More
How to escape a JSON string to have it in a URL?

Using Javascript, I want to generate a link to a page. The parameters to the page are in a Javascript array that I serialize in JSON. So I would like to generate a URL like that : http://example.com/?data="…

Read More