JSON serializing an object with function parameter

Published 2019-03-24 18:11

Question:

I have this C# object:

var obj = new {
    username = "andrey",
    callback = "function(self) { return function() {self.doSomething()} (this) }"
};

I need to JSON serialize it to pass to the browser in an AJAX call. I use JavaScriptSerializer, but it serializes to the following JSON:

{"username":"andrey", "callback": "function(self) { return function() {self.doSomething()} (this) }"}

but what I need is:

{"username":"andrey", "callback": function(self) { return function() {self.doSomething()} (this) }}
  • no quotes around function definition.

Right now, when the JSON object gets to the browser and is created, the 'callback' parameter is not a function but a string. Any idea how to fix it, preferably on the server side?

Answer 1:

This behavior is deliberate. JSON should not include anything that is not data -- in your case an executable function. The browser will be opening up to huge security risks if data can come back from a server in JSON format that, when executed, will run arbitrary functions (that can steal info, redirect the user to a malicious site etc.)

Early implementations of JSON relied on the fact that data returned back can be simply executed via eval() to get back an object. However, people almost immediately realized that this opens up huge security risks and have been trying to handle it since. That's why, before the standardized JSON object, people stopped putting raw JSON data into eval() and used JSON parsing libraries instead.

The JSON object will always serialize an object into data only. This is by design. The standardized JSON format has no way to represent an executable function.

Now, you can easily convert that callback on a browser into a function by passing it through to eval(). However, don't do it. You're just opening yourself up for hacking.

On the server side, modern browsers are designed to prevent this exact thing from happening -- i.e. data being sent from a browser that contains an executable function.



Answer 2:

I was trying to accomplish something similar. In my case I was using MVC Razor syntax trying to generate a JSON object with a function passed in using the @<text> syntax.

I was able to get the desired output using the Json.net library (using JsonConvert and JRaw).

Example:

using Newtonsoft.Json;
using Newtonsoft.Json.Linq;

// set the property value using JRaw, which is emitted verbatim (unquoted) by the serializer
var obj = new {
    username = "andrey",
    callback = new JRaw("function(self) { return function() {self.doSomething()} (this) }")
};
// and then serialize using the JsonConvert class
var jsonObj = JsonConvert.SerializeObject(obj);

That should get you the JSON object with the function (instead of the function in a string).

Post: How to serialize a function to json (using razor @<text>)
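The JRaw output in answer 2 is not valid JSON, so it only "works" if the browser executes the response as script. An added example, not from either answer, showing the data-only alternative answer 1 argues for: the server sends a callback name and the browser resolves it against an allowlist, never eval(). The registry contents and payloads are constructed for the demo.

```javascript
// Allowlist of callbacks the page is willing to run. The server only ever
// names one of these; it never ships function source in the payload.
// (Constructed for this example; doSomething's body is a stand-in.)
const callbackRegistry = Object.freeze({
  doSomething: (self) => `doSomething for ${self.username}`,
});

// Constructed sample payloads.
// 1) Pure data, as JavaScriptSerializer / JsonConvert would produce for a string.
const dataOnlyPayload = '{"username":"andrey","callback":"doSomething"}';
// 2) What the JRaw approach emits: a bare function literal inside the object.
const rawFunctionPayload =
  '{"username":"andrey","callback":function(self) { return function() {self.doSomething()} (this) }}';

// True when the text is strict JSON (i.e. safe to hand to JSON.parse).
function isStrictJson(text) {
  try {
    JSON.parse(text);
    return true;
  } catch (e) {
    return false;
  }
}

// Parse the payload as data and turn the callback *name* into a function
// bound to the parsed object. Unknown or non-string names are rejected, so
// server-supplied text can never become executable code on this path.
function resolveCallback(payloadText) {
  const obj = JSON.parse(payloadText);
  if (typeof obj.callback !== 'string') {
    throw new TypeError('callback must be a registered name');
  }
  if (!Object.prototype.hasOwnProperty.call(callbackRegistry, obj.callback)) {
    throw new Error(`unknown callback: ${obj.callback}`);
  }
  return () => callbackRegistry[obj.callback](obj);
}
```

JSON.parse rejects the JRaw payload outright, which is the point: a response that needs eval() to be usable is script, not data.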