This project has moved. For the latest updates, please go here.


JsonConvert.DeserializeObject not parsing escape quote to RFC standards


Item text is : #L \"Apocalypse Leather Armor Boots\" \"245967\"
the output in the object renders as

L \"Apocalypse Leather Armor Boots\" \"245967\"

It doesn't conform to standards where quotes are escaped with the \ before the quote.
The output should render:

L "Apocalypse Leather Armor Boots" "245967"

which conforms to RFC standards.
Just thought I would let you know. There is a lot of data that out there that uses these methods.
Closed Mar 5, 2013 at 7:56 AM by JamesNK
I tested your example and it is not including the \ escape characters.


JamesNK wrote Feb 25, 2013 at 2:00 AM

Sorry, I don't understand your example and this is a very commonly used piece of functionality so I'm unsure how you are the first person to spot it after all these years. Could you post a code example?

** Closed by JamesNK 2/23/2013 8:52 PM

Kilmanagh wrote Feb 25, 2013 at 2:00 AM

I really like your product but you should have asked me questions instead of closing this issue because it is a serious fundamental problem.
Goto the URL:

You will get an output of:
{"recipe_id":"12","recipe_name":"Apocalypse Leather Armors","recipe_text":"#C16------------------------------\r\n#C12Ingredients #C20\r\n#C16------------------------------\r\n\r\na piece of Leather Armor\r\n( ie #L \"Enhanced Leather Armor Boots\" \"85644\" )\r\n\r\n\r\n#L \"Hacker Tool\" \"87814\"\r\n\r\n\r\n#L \"Clanalizer\" \"208313\"\r\n\r\n\r\n#C16------------------------------\r\n#C12Recipe #C16\r\n#C16------------------------------#C20\r\n\r\nHacker Tool\r\n#C15+#C20\r\na piece of Leather Armor\r\n#C15=#C20\r\n\r\na piece of Hacked Leather Armor\r\n( ie : #L \"Hacked Leather Armor Boots\" \"245979\" )\r\n#C16Skills: | BE |#C20\r\n\r\n#C14------------------------------#C20\r\n\r\nClanalizer\r\n#C15+#C20\r\na piece of Hacked Leather Armor\r\n#C15=#C20\r\n\r\na piece of Apocalypse Leather Armor\r\n( ie : #L \"Apocalypse Leather Armor Boots\" \"245966\" )\r\n#C16Skills: | ?? |#C20\r\n\r\n#C16------------------------------\r\n#C12Details#C16\r\n#C16------------------------------#C20\r\n\r\n#L \"Apocalypse Leather Armor Boots\" \"245967\"\r\n#L \"Apocalypse Leather Armor Gloves\" \"245969\"\r\n#L \"Apocalypse Leather Armor Helmet\" \"245975\"\r\n#L \"Apocalypse Leather Armor Pants\" \"245971\"\r\n#L \"Apocalypse Leather Armor Sleeves\" \"245973\"\r\n#L \"Apocalypse Leather Body Armor\" \"245965\"\r\n\r\n#C16------------------------------\r\n#C12Comments#C16\r\n#C16------------------------------#C20\r\n\r\nNice froob armor.. but ugleh!\r\n\r\n","recipe_author":null}

Notice the fields like \"Hacked Leather Armor Boots\" .
\" is an escape quote, when serialized properly the \'s are removed and the ouput will change to "Hacked Leather Armor Boots" with the slashes parsed out because its an escape.
paste the code into the Json validator at:

See that the json is validated. when using PHP, developers have to parse out the escapes before putting them into an object, or errors will be thrown.

Your product neatly pushes json to an object easily.. However, the downside to this function is that because your product automatically de-serializes into objects, it will error because there is no checks for escapes.

Some of the escapes are:
\b Backspace (ascii code 08)
\f Form feed (ascii code 0C)
\n New line
\r Carriage return
\t Tab
\v Vertical tab
\' Apostrophe or single quote
\" Double quote
\ Backslash character

which is not parsed removing the escapes to produce a valid object. The left hand column shows the escapes and the right side displays what needs to be replaced.. So \" should render as " (with no backslashes).

I am trying to help you with your product. There is no function that I am aware of where escapes can be properly removed before being pushed to the object, Please try that link and you will see that it will error when moving to an object.

To save you time, the class will look like this:
public class RootObject
public string recipe_id { get; set; }
public string recipe_name { get; set; }
public string recipe_text { get; set; }
public object recipe_author { get; set; }
Thank you...

wrote Feb 25, 2013 at 2:01 AM

Kilmanagh wrote Feb 25, 2013 at 1:32 PM

I just found an article that explains everything. Is there anyway you can incorporate this function into your library?
I am sure you can do a better job than the examples there, After getting the json data.... ie var = example... then using an optional class to parse out escape characters... then assign the new reformatted strings to render with your deserialize function? Some of the escapes probable wont be needed, like the /n /r.. but that would be up to you..

Kilmanagh wrote Feb 25, 2013 at 3:58 PM

What would you like an example of? The Json is listed above? Or do you mean the code that some people use to remove the escapes?
I discovered it because I work with a large group of open source developers that among other things, use data services such as XML, JSON. I am the only one that is using c# and because exists, I am able to switch most of my data retrievals to json instead of XML. They are using RFM standards that allow escapes into their json code. These escapes need to be parsed and rendered before attempting to move them into objects, It is becoming more and more popular with the rise of json.

wrote Mar 5, 2013 at 7:56 AM

wrote May 16, 2013 at 1:36 PM

ajolson wrote Sep 9, 2014 at 2:08 PM

I'm not sure why this issue is marked as low impact. The library is not parsing JSON properly. This is a nice tool but not handling escape chars properly is a critical issue.

Many sites that produce JSON do not follow the standard so it does not supprise me that you have not heard from other users.