From a6525588b7c21fd8539e9a43ec9c5c245ed1cc91 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Fri, 6 Mar 2020 14:17:43 -0500 Subject: Allow Unicode escapes in any server encoding, not only UTF-8. SQL includes provisions for numeric Unicode escapes in string literals and identifiers. Previously we only accepted those if they represented ASCII characters or the server encoding was UTF-8, making the conversion to internal form trivial. This patch adjusts things so that we'll call the appropriate encoding conversion function in less-trivial cases, allowing the escape sequence to be accepted so long as it corresponds to some character available in the server encoding. This also applies to processing of Unicode escapes in JSONB. However, the old restriction still applies to client-side JSON processing, since that hasn't got access to the server's encoding conversion infrastructure. This patch includes some lexer infrastructure that simplifies throwing errors with error cursors pointing into the middle of a string (or other complex token). For the moment I only used it for errors relating to Unicode escapes, but we might later expand the usage to some other cases. Patch by me, reviewed by John Naylor. Discussion: https://postgr.es/m/2393.1578958316@sss.pgh.pa.us --- doc/src/sgml/json.sgml | 19 +++++---- doc/src/sgml/syntax.sgml | 100 ++++++++++++++++++++++------------------------- 2 files changed, 55 insertions(+), 64 deletions(-) (limited to 'doc/src') diff --git a/doc/src/sgml/json.sgml b/doc/src/sgml/json.sgml index 1b6aaf0a558..a9c68c78ea5 100644 --- a/doc/src/sgml/json.sgml +++ b/doc/src/sgml/json.sgml @@ -61,8 +61,8 @@ - PostgreSQL allows only one character set - encoding per database. It is therefore not possible for the JSON + RFC 7159 specifies that JSON strings should be encoded in UTF8. + It is therefore not possible for the JSON types to conform rigidly to the JSON specification unless the database encoding is UTF8. Attempts to directly include characters that cannot be represented in the database encoding will fail; conversely, @@ -77,13 +77,13 @@ regardless of the database encoding, and are checked only for syntactic correctness (that is, that four hex digits follow \u). However, the input function for jsonb is stricter: it disallows - Unicode escapes for non-ASCII characters (those above U+007F) - unless the database encoding is UTF8. The jsonb type also + Unicode escapes for characters that cannot be represented in the database + encoding. The jsonb type also rejects \u0000 (because that cannot be represented in PostgreSQL's text type), and it insists that any use of Unicode surrogate pairs to designate characters outside the Unicode Basic Multilingual Plane be correct. Valid Unicode escapes - are converted to the equivalent ASCII or UTF8 character for storage; + are converted to the equivalent single character for storage; this includes folding surrogate pairs into a single character. @@ -96,9 +96,8 @@ not jsonb. The fact that the json input function does not make these checks may be considered a historical artifact, although it does allow for simple storage (without processing) of JSON Unicode - escapes in a non-UTF8 database encoding. In general, it is best to - avoid mixing Unicode escapes in JSON with a non-UTF8 database encoding, - if possible. + escapes in a database encoding that does not support the represented + characters. @@ -144,8 +143,8 @@ string text - \u0000 is disallowed, as are non-ASCII Unicode - escapes if database encoding is not UTF8 + \u0000 is disallowed, as are Unicode escapes + representing characters not available in the database encoding number diff --git a/doc/src/sgml/syntax.sgml b/doc/src/sgml/syntax.sgml index c908e0bc399..e1348777982 100644 --- a/doc/src/sgml/syntax.sgml +++ b/doc/src/sgml/syntax.sgml @@ -189,6 +189,23 @@ UPDATE "my_table" SET "a" = 5; ampersands. The length limitation still applies. + + Quoting an identifier also makes it case-sensitive, whereas + unquoted names are always folded to lower case. For example, the + identifiers FOO, foo, and + "foo" are considered the same by + PostgreSQL, but + "Foo" and "FOO" are + different from these three and each other. (The folding of + unquoted names to lower case in PostgreSQL is + incompatible with the SQL standard, which says that unquoted names + should be folded to upper case. Thus, foo + should be equivalent to "FOO" not + "foo" according to the standard. If you want + to write portable applications you are advised to always quote a + particular name or never quote it.) + + Unicode escape in identifiers @@ -230,7 +247,8 @@ U&"d!0061t!+000061" UESCAPE '!' The escape character can be any single character other than a hexadecimal digit, the plus sign, a single quote, a double quote, or a whitespace character. Note that the escape character is - written in single quotes, not double quotes. + written in single quotes, not double quotes, + after UESCAPE. @@ -239,32 +257,18 @@ U&"d!0061t!+000061" UESCAPE '!' - The Unicode escape syntax works only when the server encoding is - UTF8. When other server encodings are used, only code - points in the ASCII range (up to \007F) can be - specified. Both the 4-digit and the 6-digit form can be used to + Either the 4-digit or the 6-digit escape form can be used to specify UTF-16 surrogate pairs to compose characters with code points larger than U+FFFF, although the availability of the 6-digit form technically makes this unnecessary. (Surrogate - pairs are not stored directly, but combined into a single - code point that is then encoded in UTF-8.) + pairs are not stored directly, but are combined into a single + code point.) - Quoting an identifier also makes it case-sensitive, whereas - unquoted names are always folded to lower case. For example, the - identifiers FOO, foo, and - "foo" are considered the same by - PostgreSQL, but - "Foo" and "FOO" are - different from these three and each other. (The folding of - unquoted names to lower case in PostgreSQL is - incompatible with the SQL standard, which says that unquoted names - should be folded to upper case. Thus, foo - should be equivalent to "FOO" not - "foo" according to the standard. If you want - to write portable applications you are advised to always quote a - particular name or never quote it.) + If the server encoding is not UTF-8, the Unicode code point identified + by one of these escape sequences is converted to the actual server + encoding; an error is reported if that's not possible. @@ -427,25 +431,11 @@ SELECT 'foo' 'bar'; It is your responsibility that the byte sequences you create, especially when using the octal or hexadecimal escapes, compose - valid characters in the server character set encoding. When the - server encoding is UTF-8, then the Unicode escapes or the + valid characters in the server character set encoding. + A useful alternative is to use Unicode escapes or the alternative Unicode escape syntax, explained - in , should be used - instead. (The alternative would be doing the UTF-8 encoding by - hand and writing out the bytes, which would be very cumbersome.) - - - - The Unicode escape syntax works fully only when the server - encoding is UTF8. When other server encodings are - used, only code points in the ASCII range (up - to \u007F) can be specified. Both the 4-digit and - the 8-digit form can be used to specify UTF-16 surrogate pairs to - compose characters with code points larger than U+FFFF, although - the availability of the 8-digit form technically makes this - unnecessary. (When surrogate pairs are used when the server - encoding is UTF8, they are first combined into a - single code point that is then encoded in UTF-8.) + in ; then the server + will check that the character conversion is possible. @@ -524,16 +514,23 @@ U&'d!0061t!+000061' UESCAPE '!' - The Unicode escape syntax works only when the server encoding is - UTF8. When other server encodings are used, only - code points in the ASCII range (up to \007F) - can be specified. Both the 4-digit and the 6-digit form can be - used to specify UTF-16 surrogate pairs to compose characters with - code points larger than U+FFFF, although the availability of the - 6-digit form technically makes this unnecessary. (When surrogate - pairs are used when the server encoding is UTF8, they - are first combined into a single code point that is then encoded - in UTF-8.) + To include the escape character in the string literally, write + it twice. + + + + Either the 4-digit or the 6-digit escape form can be used to + specify UTF-16 surrogate pairs to compose characters with code + points larger than U+FFFF, although the availability of the + 6-digit form technically makes this unnecessary. (Surrogate + pairs are not stored directly, but are combined into a single + code point.) + + + + If the server encoding is not UTF-8, the Unicode code point identified + by one of these escape sequences is converted to the actual server + encoding; an error is reported if that's not possible. @@ -546,11 +543,6 @@ U&'d!0061t!+000061' UESCAPE '!' parameter is set to off, this syntax will be rejected with an error message. - - - To include the escape character in the string literally, write it - twice. - -- cgit v1.2.3