Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

why is embedding JSON in XML bad? [closed]

Tags:

json

language-agnostic

format

xml

My gut tells me that putting one format in another is wrong, but I can't seem to come up with concrete reasons. 

<root>
 <stuff>
  thing
 </stuff>
 <more>
  <[!CDATA[{"a":["b","c"]}]]>
 </more>
</root>

versus just putting it in the xml

<root>
 <stuff>
  thing
 </stuff>
 <more>
  <a>
   b
  </a>
  <a>
   c
  </a>
 </more>
</root>

The two sections are logically going to be parsed by different code, but as an interchange format, is it ok to mix and match syntax?

Does your answer change if we have an existing endpoint that parses the JSON response? We would have to recode this endpoint for XML ingestion.

like image 945
Paul Tarjan Avatar asked Jul 23 '09 00:07

Paul Tarjan

People also ask

Can you use JSON in XML?

JavaScript Object Notation This is generally true, but data can be compressed and formatted in such a way that XML and JSON are similar. Thus, JSON and XML really are interchangeable, though many modern developers prefer to use JSON.

How do I open a JSON file in XML?

Select the JSON to XML action from the Tools > JSON Tools menu. Choose or enter the Input URL of the JSON document. Choose the path of the Output file that will contain the resulting XML document. Select the Open in Editor option to open the resulting XML document in the main editing pane.

Why JSON is less secure than XML?

XML is a better document exchange format. JSON is less secure because of absence of JSON parser in browser. If the data is in XML, you can write an XSLT template and run it over the XML to output the data into another format: HTML, SVG, plain text, comma-delimited, even JSON.

Is JSON XML safe?

XML structures are prone to some attacks as external entity expansion and DTD validation are enabled by default. When these are disabled, XML parsers are safer. JSON parsing is safe almost all the time except if JSONP is used, which can lead to Cross-Site Request Forgery (CSRF) attack.

1 Answers

As an interchange format using two formats puts extra burden on people who want to inter-operate with you. Now they need to have an XML parser and a JSON parser.

It also makes it harder for people to grok the format, as they have to mentally switch gears when thinking about different parts of your file.

Finally, you won't be able to easily do things that look at the entire structure at once. For example, you can't use XPath to grab JSON bits, nor can you treat the entire response as a JavaScript object. By mixing two formats you get a "worst of both worlds" problem when it comes to manipulating the data.

like image 74
Laurence Gonsalves Avatar answered Sep 20 '22 15:09

Laurence Gonsalves
Sign in to Comment

Related questions

How to get String representation of XmlType?
JAXB compiler is binding xs:boolean to Java Boolean wrapper class, instead of boolean primitive type
CollapsingToolbarLayout | Scrolling and layout issues 2
How to feed Boost.PropertyTree with a string, not a file?
default encoding for XML is UTF-8 or UTF-16?
The minSdk version should not be declared in the android manifest file
Removing DOM nodes when traversing a NodeList
Nokogiri to_xml without carriage returns
XDocument get XML element by the value of its name attribute
How to read CDATA in XML file with PowerShell?
PowerShell XML SelectNodes fails to process XPath
How do I add multiple namespaces to the root element with XmlDocument?
Making Xerces parse a string instead of a file
Using XSDs with includes
@XmlElementWrapper for unwrapped collections
Error parsing lifecycle processing instructions
Retrieving XML element name using t-SQL
Java API to parse XSD schema file [closed]
How to Send a body of data to XMLHttpRequest that looks like this?
Converting xml from UTF-16 to UTF-8 using PowerShell

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!