This weekend I read an interesting blog post called JSON: The JavaScript subset that isn't and decided to test ColdFusion's SerializeJSON() function to see if the "bug" existed there. It does. To reproduce, you can create a .cfm page that contains the following HTML/CF code:

<script type="text/javascript">
    var test = #SerializeJSON("test" & chr(8232))#;

To "fix" the bug, you can replace SerializeJSON() with SafeSerializeJSON() like this:

<script type="text/javascript">
    var test = #SafeSerializeJSON("test" & chr(8232))#;

The SafeSerializeJSON() function looks like this:

<cffunction name="SafeSerializeJSON" output="false" access="private" returntype="string">
    <cfargument name="obj" type="any" required="true" />
    <cfargument name="serializeQueryByColumns" type="boolean" required="false" default="false" />
    <cfset var jsonOutput = SerializeJSON(arguments.obj, arguments.serializeQueryByColumns) />
    <cfset jsonOutput = Replace(jsonOutput, chr(8232), "\u2028", "all") />
    <cfset jsonOutput = Replace(jsonOutput, chr(8233), "\u2029", "all") />
    <cfreturn jsonOutput />

I've created a gist that explores the issue in slightly more detail:

Tagged with: ColdFusionJavascript