Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:118490 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 44959 invoked from network); 26 Aug 2022 09:15:22 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 26 Aug 2022 09:15:22 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id D48B11804D0 for ; Fri, 26 Aug 2022 02:15:20 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_ENVFROM_END_DIGIT, FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: AS15169 209.85.128.0/17 X-Spam-Virus: No X-Envelope-From: Received: from mail-ed1-f46.google.com (mail-ed1-f46.google.com [209.85.208.46]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Fri, 26 Aug 2022 02:15:20 -0700 (PDT) Received: by mail-ed1-f46.google.com with SMTP id b16so1348526edd.4 for ; Fri, 26 Aug 2022 02:15:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc; bh=A+FcZWhslECUL2/S7UJ5KWq4P+iCp9hEhuSHJueLR/o=; b=qwBoK2ObEpLIJ6IsGat6b81KkekHFUZyEgmdzm8eylTfiurabhe6mgZpvxmC4I+BpR 9zKfNmXmtEqqPmjr0Sae7HrZg08P6wcRVSvJYtNeLZ6yWpwLuIF5n6TkaGKrHP/2TLUn Gcd31O62CfUBYdppPzO9WomO60F3PbX71sXsAzE7LfOtRN5bmi5vR2MY5x+HGi1ZJdUj DE0jPiVv329o+WLvx/bDxrTh3TG/W13CR6PSzilCBsN9xeW36DrJbE7KHG5RwbJc70k6 PQ9QF10BqeNeQDqNCR93gXWVPrrM+XQuKYd/ScbdSCHen9rJjdYzzQynGs2i+BSQYgXw oI1A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc; bh=A+FcZWhslECUL2/S7UJ5KWq4P+iCp9hEhuSHJueLR/o=; b=f7ezGk8Eorv/dEAEn3JXqRWEthLUwwuJ64wt6CkI/w7RMWa3ihB0gioTMtI9PDMhDC h2Bos2XqwqZ7Bg6XBAcDA2pz+skTizbFO7sEQ0EUzhwt/H7m7jMdrWImFR2s+9kDH+Xm BVaNh0QekrrFmL4Z3wdfH6s6fBlb9K/4clg6B6a0jVfOYb088I/LFhR9uXOrEcrhoIl5 1pl4zrEMxSqo2sRSrNQhduCBsQN+UKTPkI/WmDB+iPXVLPMp9rXsiViyyL7+MnXblNxo V+HK5HmE+XoF26JQj6XTE0raJ3MTkSJf+6xobhsXGvF1XyO/HfpX2tFn5/dSIIPW1p8b xXYg== X-Gm-Message-State: ACgBeo0HuBTPKCAeTQpd9Jr1izxetfscIIkppONzP0CwSSSLDPcmO9Vh N8XfliAbu9YiztgxFjCdED0KQc3sbTDpS61FktU= X-Google-Smtp-Source: AA6agR4LB0ENXjbdsVJ8KtIhxJXiV4sHpE5UyBXo1nYP6Qrvt1iEss9ZE5rP9tNMv5EppZssg7gbkSaLPMw67YqxNeI= X-Received: by 2002:a05:6402:ea1:b0:443:d90a:5d31 with SMTP id h33-20020a0564020ea100b00443d90a5d31mr6096285eda.121.1661505319272; Fri, 26 Aug 2022 02:15:19 -0700 (PDT) MIME-Version: 1.0 References: <8D53AD5B-7CFC-4820-9EE4-FEB365D327A8@woofle.net> In-Reply-To: Date: Fri, 26 Aug 2022 11:14:42 +0200 Message-ID: To: =?UTF-8?Q?Micha=C5=82_Marcin_Brzuchalski?= Cc: Dusk , David Gebler , juan carlos morales , PHP Internals List Content-Type: multipart/alternative; boundary="00000000000059061705e7215a49" Subject: Re: [PHP-DEV] RFC json_validate() - status: Under Discussion From: divinity76@gmail.com (Hans Henrik Bergan) --00000000000059061705e7215a49 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable quote > you can't efficiently validate JSON in userland Has anyone actually put that claim to the test? Has anyone actually made a userland json validator (not just wrap json_decode()/json_last_error()) for performance comparison? ( if not, https://www.json.org/JSON_checker/JSON_checker.c would probably be a good start) On Fri, 26 Aug 2022 at 11:00, Micha=C5=82 Marcin Brzuchalski < michal.brzuchalski@gmail.com> wrote: > Hi Dusk, > > pt., 26 sie 2022 o 08:17 Dusk napisa=C5=82(a): > > > On Aug 25, 2022, at 21:47, Micha=C5=82 Marcin Brzuchalski < > > michal.brzuchalski@gmail.com> wrote: > > > The same goes here and I'm not convinced we should introduce next sma= ll > > function that can be simply implemented in user land. > > > > What "simple implementation in userland" do you have in mind? Can you > > provide an example? > > > > json_decode() is not an acceptable substitute here -- as David Gebler h= as > > observed, decoding a large JSON structure can have a significant impact > on > > memory usage, even if the data is immediately discarded. Any > implementation > > based on string processing, on the other hand, is likely to be > dramatically > > slower, and may have subtle differences in behavior from PHP's JSON > parser. > > > A `json_decode()` is a substitute that IMO solves 99% of use cases. > If I'd follow your logic and accept every small addition that handles 1% = of > use cases, somebody will raise another RFC > for simplexml_validate_string or yaml_validate and the next > PhpToken::validate. > All above can be valid if we trust that people normally validate 300MB > payloads to do nothing if they DON'T fail and there is nothing strange > about that. > > Cheers, > --00000000000059061705e7215a49--