当前位置:theitroad>Java 我应该如何转义 JSON 中的字符串?

Java 我应该如何转义 JSON 中的字符串?

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/3020094/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-08-13 15:38:46  来源:igfitidea点击:

How should I escape strings in JSON?

javajsonescaping

提问by Behrang Saeedzadeh

When creating JSON data manually, how should I escape string fields? Should I use something like Apache Commons Lang's StringEscapeUtilities.escapeHtml, StringEscapeUtilities.escapeXml, or should I use java.net.URLEncoder?

手动创建 JSON 数据时,我应该如何转义字符串字段?我应该用什么样的Apache Commons Lang中的StringEscapeUtilities.escapeHtmlStringEscapeUtilities.escapeXml或者我应该使用java.net.URLEncoder

The problem is that when I use SEU.escapeHtml, it doesn't escape quotes and when I wrap the whole string in a pair of 's, a malformed JSON will be generated.

问题是,当我使用 时SEU.escapeHtml,它不会转义引号,并且当我将整个字符串包装在一对's 中时,将生成格式错误的 JSON。

采纳答案by Thanatos

Ideally, find a JSON library in your languagethat you can feed some appropriate data structure to, and let it worry about how to escape things. It'll keep you much saner. If for whatever reason you don't have a library in your language, you don't want to use one (I wouldn't suggest this1), or you're writing a JSON library, read on.

理想情况下,用您的语言找到一个 JSON 库,您可以为其提供一些适当的数据结构,并让它担心如何转义。它会让你更加清醒。如果出于某种原因,您的语言中没有库,您不想使用(我不建议这样做),或者您正在编写 JSON 库,请继续阅读。

Escape it according to the RFC. JSON is pretty liberal: The only characters you mustescape are \, ", and control codes (anything less than U+0020).

根据 RFC 转义它。JSON是相当宽松:你唯一的字符必须逃脱是\"和控制代码(东西不是U + 0020以下)。

This structure of escaping is specific to JSON. You'll need a JSON specific function. All of the escapes can be written as \uXXXXwhere XXXXis the UTF-16 code unit1 for that character. There are a few shortcuts, such as \\, which work as well. (And they result in a smaller and clearer output.)

这种转义结构特定于 JSON。您将需要一个 JSON 特定函数。所有转义符都可以写成该字符的 UTF-16 代码单元 1\uXXXX在哪里XXXX。有一些快捷方式,例如\\,也可以使用。(它们会产生更小更清晰的输出。)

For full details, see the RFC.

有关完整详细信息,请参阅RFC

1JSON's escaping is built on JS, so it uses \uXXXX, where XXXXis a UTF-16 code unit. For code points outside the BMP, this means encoding surrogate pairs, which can get a bit hairy. (Or, you can just output the character directly, since JSON's encoded for is Unicode text, and allows these particular characters.)

1JSON 的转义是建立在 JS 之上的,所以它使用\uXXXX, whereXXXX是一个 UTF-16 代码单元。对于 BMP 之外的代码点,这意味着编码代理对,这可能有点麻烦。(或者,您可以直接输出字符,因为 JSON 的编码是 Unicode 文本,并允许这些特定字符。)

回答by Vladimir

Not sure what you mean by "creating json manually", but you can use something like gson (http://code.google.com/p/google-gson/), and that would transform your HashMap, Array, String, etc, to a JSON value. I recommend going with a framework for this.

不确定“手动创建 json”是什么意思,但您可以使用 gson(http://code.google.com/p/google-gson/)之类的东西,这会转换您的 HashMap、Array、String 等, 到一个 JSON 值。我建议为此使用一个框架。

回答by dpetruha

Try this org.codehaus.jettison.json.JSONObject.quote("your string").

试试这个org.codehaus.jettison.json.JSONObject.quote("your string")

Download it here: http://mvnrepository.com/artifact/org.codehaus.jettison/jettison

在这里下载:http: //mvnrepository.com/artifact/org.codehaus.jettison/jettison

回答by Tjunkie

I have not spent the time to make 100% certain, but it worked for my inputs enough to be accepted by online JSON validators:

我还没有花时间做出 100% 的确定,但它对我的输入有效,足以被在线 JSON 验证器接受:

org.apache.velocity.tools.generic.EscapeTool.EscapeTool().java("input")

although it does not look any better than org.codehaus.jettison.json.JSONObject.quote("your string")

虽然它看起来并不比 org.codehaus.jettison.json.JSONObject.quote("your string")

I simply use velocity tools in my project already - my "manual JSON" building was within a velocity template

我只是在我的项目中使用了速度工具 - 我的“手动 JSON”构建在速度模板中

回答by Dan-Dev

org.json.simple.JSONObject.escape() escapes quotes,\, /, \r, \n, \b, \f, \t and other control characters. It can be used to escape JavaScript codes.

org.json.simple.JSONObject.escape() 转义引号、\、/、\r、\n、\b、\f、\t 和其他控制字符。它可用于转义 JavaScript 代码。

import org.json.simple.JSONObject;
String test =  JSONObject.escape("your string");

回答by MonoThreaded

Extract From Jettison:

摘自抛弃

 public static String quote(String string) {
         if (string == null || string.length() == 0) {
             return "\"\"";
         }

         char         c = 0;
         int          i;
         int          len = string.length();
         StringBuilder sb = new StringBuilder(len + 4);
         String       t;

         sb.append('"');
         for (i = 0; i < len; i += 1) {
             c = string.charAt(i);
             switch (c) {
             case '\':
             case '"':
                 sb.append('\');
                 sb.append(c);
                 break;
             case '/':
 //                if (b == '<') {
                     sb.append('\');
 //                }
                 sb.append(c);
                 break;
             case '\b':
                 sb.append("\b");
                 break;
             case '\t':
                 sb.append("\t");
                 break;
             case '\n':
                 sb.append("\n");
                 break;
             case '\f':
                 sb.append("\f");
                 break;
             case '\r':
                sb.append("\r");
                break;
             default:
                 if (c < ' ') {
                     t = "000" + Integer.toHexString(c);
                     sb.append("\u" + t.substring(t.length() - 4));
                 } else {
                     sb.append(c);
                 }
             }
         }
         sb.append('"');
         return sb.toString();
     }

回答by Hanubindh Krishna

StringEscapeUtils.escapeJavaScript/ StringEscapeUtils.escapeEcmaScriptshould do the trick too.

StringEscapeUtils.escapeJavaScript/ 也StringEscapeUtils.escapeEcmaScript应该这样做。

回答by NS du Toit

Apache commons lang now supports this. Just make sure you have a recent enough version of Apache commons lang on your classpath. You'll need version 3.2+

Apache commons lang 现在支持这个。只需确保您的类路径上有足够新的 Apache commons lang 版本。你需要 3.2+ 版本

Release Notes for version 3.2

版本 3.2 的发行说明

LANG-797: Added escape/unescapeJson to StringEscapeUtils.

LANG-797:向 StringEscapeUtils 添加了 escape/unescapeJson。

回答by vijucat

For those who came here looking for a command-line solution, like me, cURL's --data-urlencode works fine:

对于那些来这里寻找命令行解决方案的人,像我一样,cURL 的 --data-urlencode 工作正常:

curl -G -v -s --data-urlencode 'query={"type" : "/music/artist"}' 'https://www.googleapis.com/freebase/v1/mqlread'

sends

发送

GET /freebase/v1/mqlread?query=%7B%22type%22%20%3A%20%22%2Fmusic%2Fartist%22%7D HTTP/1.1

, for example. Larger JSON data can be put in a file and you'd use the @ syntax to specify a file to slurp in the to-be-escaped data from. For example, if

, 例如。较大的 JSON 数据可以放在一个文件中,您可以使用 @ 语法来指定一个文件,以便从中获取要转义的数据。例如,如果

$ cat 1.json?
{
? "type": "/music/artist",
? "name": "The Police",
? "album": []
}

you'd use

你会用

curl -G -v -s --data-urlencode [email protected] 'https://www.googleapis.com/freebase/v1/mqlread'

And now, this is also a tutorial on how to query Freebase from the command line :-)

现在,这也是一个关于如何从命令行查询 Freebase 的教程:-)

回答by theJ

Use EscapeUtils class in commons lang API.

在 commons lang API 中使用 EscapeUtils 类。

EscapeUtils.escapeJavaScript("Your JSON string");

相关推荐

Java 将字符串转换为 AES 的 128 位密钥

Java 将字符串转换为 AES 的 128 位密钥

如何从命令行停止 Java 程序的执行?

如何从命令行停止 Java 程序的执行?

Java 连接sql server时端口号不正确

Java 连接sql server时端口号不正确

Java 消息服务 (JMS) 有什么用?

Java 消息服务 (JMS) 有什么用?

相关推荐
最近更新
标签