Skip to main content

scan

Function scan 

Source
pub fn scan(value: Value, options: &Options) -> Result<Option<Value>, Error>
Expand description

Walk a parsed value and apply the prototype-poisoning checks.

value is consumed and the cleaned value is returned on success. Under Action::Remove the forbidden keys are dropped from the returned value. Scalars and null are returned unchanged. Objects and arrays are walked.

Returns Ok(Some(value)) when the value is clean or only had keys removed. Returns Ok(None) when safe is on and a violation is found. Returns Error::ForbiddenProperty when a violation is found, the matching Action is Action::Error, and safe is off.

Use this when you already hold a Value and want the same checks without re-parsing. It does no JSON parsing.

§Errors

Returns Error::ForbiddenProperty on a violation under Action::Error with safe off.

§Examples

use secure_json_parse::{scan, Action, Options};
use serde_json::json;

let opts = Options::default().proto_action(Action::Remove);
let cleaned = scan(json!({"a": 1, "__proto__": {"x": 2}}), &opts)
    .unwrap()
    .unwrap();
assert_eq!(cleaned, json!({"a": 1}));