Re: jsonb, unicode escapes and escaped backslashes

On Thu, Jan 29, 2015 at 10:09 PM, Stephen Frost <sfrost(at)snowman(dot)net> wrote:
> * Robert Haas (robertmhaas(at)gmail(dot)com) wrote:
>> On Thu, Jan 29, 2015 at 5:30 PM, Andrew Dunstan <andrew(at)dunslane(dot)net> wrote:
>> > jsonb stores string values as postgres text values, with the unicode escapes
>> > resolved, just as it also resolves numbers and booleans into their native
>> > representation. If you want the input perfectly preserved, use json, not
>> > jsonb. I think that's made pretty clear in the docs.
>> >
>> > so text->jsonb->text is not and has never been expected to be a noop.
>>
>> If you can't store text in a jsonb object and get it back out again,
>> it doesn't seem like a very useful data type.
>
> Hrm. That sentence strikes me as slightly confused.
>
> You *can* store text in a jsonb object and get it back out again,
> however, that's not the same as taking a JSON structure which is
> represented as text, converting it to jsonb, and then converting it back
> into a text representation.

I understand Andrew to be saying that if you take a 6-character string
and convert it to a JSON string and then back to text, you will
*usually* get back the same 6 characters you started with ... unless
the first character was \, the second u, and the remainder hexadecimal
digits. Then you'll get back a one-character string or an error
instead. It's not hard to imagine that leading to surprising
behavior, or even security vulnerabilities in applications that aren't
expecting such a translation to happen under them.

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company