.json

JavaScript Object Notation

JSON stores structured data as UTF-8 text using six value types: strings, numbers, booleans, null, objects, and arrays. Standardized as ECMA-404 and RFC 8259, JSON is the dominant data interchange format for web APIs, configuration files, and NoSQL databases.

Learn more ↓

File structure

Header schema

Records structured data

Data Interchangeapplication/jsonUTF-8RFC 8259ECMA-4042001

By FileDex

Not convertible

Data interchange format. Conversion between data formats requires schema mapping.

Common questions

Why does JSON not support comments?

Douglas Crockford deliberately excluded comments from the JSON spec to prevent their use as parsing directives, which had caused interoperability problems in XML. Use JSONC (JSON with Comments) in VS Code or strip comments with a preprocessor before parsing.

Why does my JSON file cause a parse error with a trailing comma?

Trailing commas after the last element in an object or array are invalid JSON per ECMA-404 and RFC 8259, even though JavaScript allows them. Remove the trailing comma or use a linter like jsonlint to locate the exact position.

How do I handle large integer IDs in JSON without losing precision?

JavaScript uses IEEE 754 double-precision floats for all numbers, losing precision for integers beyond 2^53-1 (9007199254740991). Transmit large IDs as strings in JSON. Parse them with BigInt in JavaScript or equivalent arbitrary-precision types in other languages.

Should I add a UTF-8 BOM to JSON files?

No. RFC 8259 section 8.1 explicitly states that JSON text MUST NOT include a BOM. Some parsers reject JSON files with a BOM, and others treat the BOM bytes as part of the first key, causing silent corruption.

What makes .JSON special

What is a JSON file?

JSON (JavaScript Object Notation) is a lightweight, text-based data interchange format. Douglas Crockford standardized it in the early 2000s, deriving it from JavaScript object literal syntax. It uses human-readable key-value pairs and arrays, making it the dominant format for web APIs, configuration files, and data exchange between applications across virtually every programming language.

Continue reading — full technical deep dive

JSON replaced XML as the standard API format because it is less verbose, easier to parse, and maps directly to native data structures in most languages. Every major REST API and many GraphQL implementations return JSON.

How to open JSON files

Any text editor — Notepad, TextEdit, VS Code
VS Code (Windows, macOS, Linux) — Formatting, validation, IntelliSense for JSON Schema
Any web browser — Built-in JSON viewer (Firefox has the best native formatter)
jq (CLI) — Powerful command-line JSON processor and query tool
JSON Viewer (browser extension) — Pretty-prints raw JSON responses

Technical specifications

Property	Value
Encoding	UTF-8 (required by RFC 8259)
Data Types	String, Number, Boolean, Null, Object, Array
Comments	Not supported (use JSONC for comments)
Standard	ECMA-404, RFC 8259
Schema	JSON Schema (jsonschema.org) for validation
MIME type	`application/json`

Common use cases

Web APIs: REST and GraphQL response bodies
Configuration files: package.json, tsconfig.json, vercel.json, .eslintrc.json
Data storage: NoSQL databases (MongoDB, CouchDB, Firestore) store documents as JSON
Data exchange: Cross-platform data interchange between services
Localization: Translation strings in i18n frameworks

JSON structure example

{
  "name": "FileDex",
  "version": "1.0.0",
  "features": ["search", "convert", "multilingual"],
  "config": {
    "maxFileSize": 104857600,
    "supportedLocales": ["en", "ar"]
  },
  "active": true,
  "rating": null
}

JSON supports exactly six value types: strings (always double-quoted), numbers, booleans (true/false), null, objects ({}), and arrays ([]). Single quotes are invalid JSON.

JSON vs alternatives

Format	Pros	Cons
JSON	Universal, simple, fast parsers	No comments, verbose for binary
JSONC	JSON + comments (VS Code uses this)	Non-standard
YAML	Comments, less verbose	Whitespace-sensitive, parsing edge cases
TOML	Comments, typed, readable	Less universal library support
MessagePack	Binary JSON (smaller, faster)	Not human-readable

Parsing and validation

In JavaScript: JSON.parse(string) and JSON.stringify(object) are built-in. Most other languages have equivalent standard-library functions. Invalid JSON causes parse errors — common mistakes include trailing commas, single-quoted strings, and unquoted keys. Use a JSON linter or validator (jsonlint.com) to diagnose syntax errors. JSON Schema lets you validate structure and data types programmatically.

Security considerations

Never use eval() to parse JSON — it executes arbitrary JavaScript. Always use JSON.parse(). When serving user-generated data as JSON in an API, ensure the response includes the Content-Type: application/json header to prevent MIME-sniffing attacks. Avoid embedding sensitive data in JSON responses that are cached by CDNs or browsers.

.JSON compared to alternatives

.JSON compared to alternative formats
Formats	Criteria	Winner
.JSON vs .YAML	Human readability YAML uses indentation instead of braces and eliminates mandatory quoting for most strings. It also supports comments. JSON requires double-quoted keys, braces, brackets, and has no comment syntax.	YAML wins
.JSON vs .YAML	Parsing safety JSON has exactly one valid parse for any input. YAML has type coercion edge cases (e.g., 'NO' becomes boolean false, '1.0' becomes float) and whitespace sensitivity that causes subtle bugs.	JSON wins
.JSON vs .XML	Verbosity JSON represents the same data in roughly 30-50% fewer bytes than XML due to the absence of closing tags, attribute syntax, and namespace declarations.	JSON wins
.JSON vs .CSV	Nested data JSON natively represents nested objects, arrays, and mixed types. CSV is strictly two-dimensional with no standard way to encode nested structures.	JSON wins
.JSON vs .MESSAGEPACK	File size and parse speed MessagePack is a binary JSON-compatible format that is 30-50% smaller and parses faster due to length-prefixed fields. JSON is human-readable text requiring full tokenization.	MESSAGEPACK wins

Technical reference

Specs CLI Conversions Security Ecosystem

MIME Type: application/json
Developer: Douglas Crockford / Ecma International
Year Introduced: 2001
Open Standard: Yes — View specification

Binary Structure

JSON is a text format with no binary structure. Files are encoded in UTF-8 (RFC 8259 mandates UTF-8 for interchange; UTF-16 and UTF-32 were permitted by older RFC 7159 but are no longer recommended). A JSON document consists of a single root value: either an object ({}) or an array ([]), though RFC 8259 technically allows any value type at the root. Objects contain comma-separated key-value pairs where keys are always double-quoted strings. Arrays contain comma-separated values. Values can be strings (double-quoted, with backslash escaping for special characters), numbers (integer or floating point, no leading zeros, no hex/octal notation), booleans (true or false, lowercase only), or null (lowercase only). Whitespace between tokens (space, tab, LF, CR) is insignificant and ignored by parsers. JSON does not support comments, trailing commas, single-quoted strings, or undefined as a value. A BOM (Byte Order Mark) should NOT be added to JSON files per RFC 8259 section 8.1. Maximum nesting depth and number precision are implementation-dependent — JavaScript loses precision for integers beyond 2^53-1 (Number.MAX_SAFE_INTEGER), which is why many APIs transmit large IDs as strings.

2001Douglas Crockford specifies JSON as a lightweight alternative to XML for data interchange2006RFC 4627 published — first IETF specification for JSON (informational)2013ECMA-404 published — JSON Data Interchange Standard, defines syntax formally2014RFC 7159 supersedes RFC 4627 — allows any value at root (not just object/array)2017RFC 8259 supersedes RFC 7159 — mandates UTF-8 encoding, prohibits BOM, becomes Internet Standard (STD 90)2020JSON Schema draft 2020-12 released — validation, annotation, and hyper-schema for structured JSON documents

Pretty-print and validate JSON other

jq '.' input.json

jq with the identity filter '.' reads, parses, and pretty-prints JSON with syntax highlighting. Exits non-zero on invalid JSON, doubling as a validator.

Validate JSON with Python standard library other

python3 -m json.tool input.json

Python's built-in json.tool module parses and pretty-prints JSON. Exits with an error message and non-zero status on invalid input. No third-party packages needed.

Extract nested field with jq other

jq '.data.users[] | {name: .name, email: .email}' input.json

Pipes each element of the .data.users array through a projection, outputting only name and email fields. jq expressions compose like Unix pipelines.

Convert JSON array of objects to CSV via jq other

jq -r '(.[0] | keys_unsorted) as $k | ($k | @csv), (.[] | [.[$k[]]] | @csv)' input.json

Extracts column headers from the first object's keys, then maps each object to a CSV row. The -r flag outputs raw strings without JSON quoting.

Minify JSON (remove whitespace) other

jq -c '.' input.json > output.json

The -c (compact) flag outputs JSON on a single line with no extra whitespace. Reduces file size for deployment without changing data.

JSON → CSV render lossy Flattening JSON arrays of objects into CSV rows enables import into spreadsheets, SQL databases, and BI tools that expect tabular input. Each object key becomes a column header.

JSON → YAML render lossless YAML adds comments, multi-line strings, and anchors/aliases that JSON lacks. Configuration files often start as JSON and migrate to YAML for readability in DevOps contexts (Kubernetes manifests, CI/CD pipelines, Ansible playbooks).

JSON → XML render lossless Legacy enterprise systems, SOAP APIs, and some government data portals still require XML. Converting JSON to XML maps objects to elements and arrays to repeated child elements.

LOW

Attack Vectors

eval()-based parsing — passing untrusted JSON to eval() in JavaScript executes arbitrary code; always use JSON.parse()
JSON injection — user input concatenated into JSON strings without escaping allows injection of additional key-value pairs or value manipulation
Denial of service via deeply nested structures — 10,000+ nesting levels can cause stack overflow in recursive parsers
Sensitive data exposure — JSON API responses cached by CDNs or browsers may leak authentication tokens or PII if Cache-Control headers are not set

Mitigation: FileDex processes JSON files entirely in the browser using native JSON.parse() — no eval(), no server upload. Parsing occurs within the browser's memory sandbox with built-in stack depth limits.

jq tool

Command-line JSON processor — filter, transform, and query JSON with pipe syntax

JSON Schema spec

Vocabulary for validating JSON document structure, types, and constraints

Ajv library

Fastest JSON Schema validator for JavaScript/TypeScript — compiles schemas to code

JSONLint service

Online JSON validator and formatter — paste or upload JSON for instant syntax check

Zod library

TypeScript-first schema validation library — infers static types from schemas

orjson library

Fast JSON serialization library for Python — 3-10x faster than stdlib json