Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle JSON files whose toplevel is an object with an items key #146

Closed
ustun opened this issue Mar 27, 2013 · 2 comments
Closed

Handle JSON files whose toplevel is an object with an items key #146

ustun opened this issue Mar 27, 2013 · 2 comments

Comments

@ustun
Copy link

ustun commented Mar 27, 2013

Currently, the jsons loaded are expected to be an array of datums. Some proponents think that this is dangerous and the top level things in a json should only be an object.

We could support both by checking whether the data is an object or array, and whether it has an 'items' key if it is an object, and iterating over data['items'] instead of data.

Actually this seems to be an ancient issue, but some frameworks like Flask by default refuse to return a json response with an array only.

See http://incompleteness.me/blog/2007/03/05/json-is-not-as-safe-as-people-think-it-is/ and http://flask.pocoo.org/docs/security/#json-security
pallets/flask#510
@jharding
Copy link
Contributor

You can already achieve something like this by using filter:

$('.typeahead').typeahead({
  prefetch: {
    url: 'http://madeup.com/notanarray',
    filter: function(resp) { return resp.items; }
  }
});

@ustun
Copy link
Author

ustun commented Mar 27, 2013

Oh, sorry, hadn't noticed that. Closing it then.

@ustun ustun closed this as completed Mar 27, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ustun @jharding