laravel-datatables
toJson causes encoding of utf-8 characters
Summary of problem or feature request
When selecting data with valid utf-8 characters, the JsonResponse html encodes the data. I can disable this by using the rawColumns method, but I do want it to escape html specific things, just not normal characters that would not have an impact on xss. I think that maybe characters like ' (' or U+0027) should maybe be unmangled by default. My apologies if I've overlooked something or this has been addressed since version 8. I searched around in the issues, and while I did find some issues related to this, I didn't spot anything specific to this issue.
Code snippet of problem
return DataTables::eloquent(MyModel::select())->toJson();
data that shows the issue: "COEUR-D'ALENE" is returned as "COEUR-D'ALENE-ID"
System details
- Centos 7
- PHP 7.2
- 5.6
- 8
I think you need to use rawColumns?
I am using rawColumns, but it could be a security issue, if the column data could contain html/javascript, right? I'm trying to establish a difference between utf-8 and html when it comes to encoding data from the database.
Yes, rawColumns will also allow the js script. Maybe try using the column.render api.
I appreciate the thought, but I tend to re-use these APIs for more than just datatables front-ends, so I'd prefer to get just the exact utf-8 data as-is, except if there is html/js which could pose a security risk.
This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 7 days.
This issue was closed because it has been inactive for 7 days since being marked as stale.
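The column.render approach suggested in the thread, as an added example that is not part of the original issue or the laravel-datatables code base: the server returns the column unescaped (as with rawColumns), and the client HTML-escapes the value only when DataTables requests display data. The function names, the `city` key and the sample rows are assumptions constructed for illustration.

```javascript
// Added example: escape at the point of display, keep the JSON payload raw.
// Characters that are significant in HTML text and quoted attribute contexts.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#039;',
};

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Same argument order DataTables passes to column.render: (data, type, row, meta).
// Only the 'display' type is written into the page, so only it is escaped;
// 'sort', 'filter' and 'type' requests receive the raw value.
function renderText(data, type) {
  if (data === null || data === undefined) return '';
  return type === 'display' ? escapeHtml(data) : data;
}

// Constructed sample of a server response whose column was left unescaped.
const sampleResponse = {
  data: [
    { city: "COEUR-D'ALENE" },
    { city: '<script>alert(1)</script>' },
  ],
};

// Hypothetical helper that applies the renderer to one column of every row.
function renderColumn(rows, key, type) {
  return rows.map((row) => renderText(row[key], type, row));
}

// Wiring into a table (assumed column name):
//   columns: [{ data: 'city', render: renderText }]

console.log(renderColumn(sampleResponse.data, 'city', 'display'));
console.log(renderColumn(sampleResponse.data, 'city', 'sort'));
```

The browser decodes `&#039;` back to an apostrophe when it renders the cell, so the displayed text is unchanged while other consumers of the same endpoint receive the original UTF-8 string.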