Pickle or json?

python json pickle
Juanjo Conti picture Juanjo Conti · Feb 13, 2010 · Viewed 84.4k times · Source

I need to save to disk a little dict object whose keys are of the type str and values are ints and then recover it. Something like this:

{'juanjo': 2, 'pedro':99, 'other': 333}

What is the best option and why? Serialize it with pickle or with simplejson?

I am using Python 2.6.

Answer

Mike Graham picture Mike Graham · Feb 13, 2010

I prefer JSON over pickle for my serialization. Unpickling can run arbitrary code, and using pickle to transfer data between programs or store data between sessions is a security hole. JSON does not introduce a security hole and is standardized, so the data can be accessed by programs in different languages if you ever need to.

Related questions

Serializing class instance to JSON

I am trying to create a JSON string representation of a class instance and having difficulty. Let's say the class is built like this: class testclass: value1 = "a" value2 = "b" A call to the json.dumps is made like this: …

Read More
Storing Python dictionaries

I'm used to bringing data in and out of Python using CSV files, but there are obvious challenges to this. Are there simple ways to store a dictionary (or sets of dictionaries) in a JSON or pickle file? For example: …

Read More
Pickle is refusing to serialize content with celery reporting ContentDisallowed: Refusing to deserialize untrusted content of type pickle

I am trying to put some python object mostly json serializable except datetime.datetime in rabbitmq queue and so using pickle to serialize. celery_config file: CELERY_TASK_SERIALIZER = 'pickle' CELERY_RESULT_SERIALIZER = 'pickle' It is throwing an exception saying: …

Read More