Details
-
Type:
Epic
-
Status: Open
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: None
-
Labels:None
-
Epic Name:Serialization to JSON
Description
In many places we un/serialize data for various purposes, but some of these locations may be updated to use JSON instead for simplicity, readability, and security (in cases where a potentially malicious class could be provided to serialization, see http://php.net/manual/en/function.unserialize.php).
Therefore, we should make an effort to replace serialization with JSON where it makes sense to do so. One of these locations is database logging, particularly module/gateway logs where we receive input from an API (or perhaps a malicious user).
- Update modules and gateways to use json_encode and json_decode instead of serialization for logging certain data where appropriate
- This should be done with backward-compatibility in mind
Issue Links
- relates to
-
CORE-2956
Split database logs to adhere to character limitations
-
- Closed
-
Issues in Epic
CORE-2943
Serialization to JSON
true
CORE-2943
Serialization to JSON
