Use unsafe relaxed escaping in AIJsonUtilities.DefaultOptions. (#5850)

eiriktsarpalis · web-flow · commit 11ccd68ee371 · 2025-02-07T15:02:59.000Z
diff --git a/src/Libraries/Microsoft.Extensions.AI.Abstractions/Utilities/AIJsonUtilities.Defaults.cs b/src/Libraries/Microsoft.Extensions.AI.Abstractions/Utilities/AIJsonUtilities.Defaults.cs
@@ -3,7 +3,9 @@
 
 using System;
 using System.Collections.Generic;
+using System.ComponentModel;
 using System.Diagnostics.CodeAnalysis;
+using System.Text.Encodings.Web;
 using System.Text.Json;
 using System.Text.Json.Nodes;
 using System.Text.Json.Serialization;
@@ -13,7 +15,26 @@ namespace Microsoft.Extensions.AI;
 
 public static partial class AIJsonUtilities
 {
-    /// <summary>Gets the <see cref="JsonSerializerOptions"/> singleton used as the default in JSON serialization operations.</summary>
+    /// <summary>
+    /// Gets the <see cref="JsonSerializerOptions"/> singleton used as the default in JSON serialization operations.
+    /// </summary>
+    /// <remarks>
+    /// <para>For Native AOT or applications disabling <see cref="JsonSerializer.IsReflectionEnabledByDefault"/> this instance includes source generated contracts
+    /// for all common exchange types contained in the Microsoft.Extensions.AI.Abstractions library.
+    /// </para>
+    /// <para>
+    /// It additionally turns on the following settings:
+    /// <list type="number">
+    /// <item>Enables the <see cref="JsonSerializerOptions.WriteIndented"/> property.</item>
+    /// <item>Enables string based enum serialization as implemented by <see cref="JsonStringEnumConverter"/>.</item>
+    /// <item>Enables <see cref="JsonIgnoreCondition.WhenWritingNull"/> as the default ignore condition for properties.</item>
+    /// <item>
+    /// Enables <see cref="JavaScriptEncoder.UnsafeRelaxedJsonEscaping"/> when escaping JSON strings.
+    /// Consuming applications must ensure that JSON outputs are adequately escaped before embedding in other document formats, such as HTML and XML.
+    /// </item>
+    /// </list>
+    /// </para>
+    /// </remarks>
     public static JsonSerializerOptions DefaultOptions { get; } = CreateDefaultOptions();
 
     /// <summary>Creates the default <see cref="JsonSerializerOptions"/> to use for serialization-related operations.</summary>
@@ -24,25 +45,31 @@ private static JsonSerializerOptions CreateDefaultOptions()
         // If reflection-based serialization is enabled by default, use it, as it's the most permissive in terms of what it can serialize,
         // and we want to be flexible in terms of what can be put into the various collections in the object model.
         // Otherwise, use the source-generated options to enable trimming and Native AOT.
+        JsonSerializerOptions options;
 
         if (JsonSerializer.IsReflectionEnabledByDefault)
         {
             // Keep in sync with the JsonSourceGenerationOptions attribute on JsonContext below.
-            JsonSerializerOptions options = new(JsonSerializerDefaults.Web)
+            options = new(JsonSerializerDefaults.Web)
             {
                 TypeInfoResolver = new DefaultJsonTypeInfoResolver(),
                 Converters = { new JsonStringEnumConverter() },
                 DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull,
+                Encoder = JavaScriptEncoder.UnsafeRelaxedJsonEscaping,
                 WriteIndented = true,
             };
-
-            options.MakeReadOnly();
-            return options;
         }
         else
         {
-            return JsonContext.Default.Options;
+            options = new(JsonContext.Default.Options)
+            {
+                // Compile-time encoder setting not yet available
+                Encoder = JavaScriptEncoder.UnsafeRelaxedJsonEscaping,
+            };
         }
+
+        options.MakeReadOnly();
+        return options;
     }
 
     // Keep in sync with CreateDefaultOptions above.
@@ -82,5 +109,6 @@ private static JsonSerializerOptions CreateDefaultOptions()
     [JsonSerializable(typeof(Embedding<float>))]
     [JsonSerializable(typeof(Embedding<double>))]
     [JsonSerializable(typeof(AIContent))]
+    [EditorBrowsable(EditorBrowsableState.Never)] // Never use JsonContext directly, use DefaultOptions instead.
     private sealed partial class JsonContext : JsonSerializerContext;
 }
diff --git a/src/Libraries/Microsoft.Extensions.AI.Abstractions/Utilities/AIJsonUtilities.Schema.cs b/src/Libraries/Microsoft.Extensions.AI.Abstractions/Utilities/AIJsonUtilities.Schema.cs
@@ -212,7 +212,7 @@ private static JsonElement GetJsonSchemaCore(JsonSerializerOptions options, Sche
 
             return schemaObj is null
                 ? _trueJsonSchema
-                : JsonSerializer.SerializeToElement(schemaObj, JsonContext.Default.JsonNode);
+                : JsonSerializer.SerializeToElement(schemaObj, options.GetTypeInfo(typeof(JsonNode)));
         }
 
         if (key.Type == typeof(void))
@@ -227,7 +227,7 @@ private static JsonElement GetJsonSchemaCore(JsonSerializerOptions options, Sche
         };
 
         JsonNode node = options.GetJsonSchemaAsNode(key.Type, exporterOptions);
-        return JsonSerializer.SerializeToElement(node, JsonContext.Default.JsonNode);
+        return JsonSerializer.SerializeToElement(node, DefaultOptions.GetTypeInfo(typeof(JsonNode)));
 
         JsonNode TransformSchemaNode(JsonSchemaExporterContext schemaExporterContext, JsonNode schema)
         {
diff --git a/test/Libraries/Microsoft.Extensions.AI.Abstractions.Tests/Utilities/AIJsonUtilitiesTests.cs b/test/Libraries/Microsoft.Extensions.AI.Abstractions.Tests/Utilities/AIJsonUtilitiesTests.cs
@@ -4,6 +4,7 @@
 using System;
 using System.ComponentModel;
 using System.Linq;
+using System.Text.Encodings.Web;
 using System.Text.Json;
 using System.Text.Json.Nodes;
 using System.Text.Json.Serialization;
@@ -33,6 +34,20 @@ public static void DefaultOptions_HasExpectedConfiguration()
         // Additional settings
         Assert.Equal(JsonIgnoreCondition.WhenWritingNull, options.DefaultIgnoreCondition);
         Assert.True(options.WriteIndented);
+        Assert.Same(JavaScriptEncoder.UnsafeRelaxedJsonEscaping, options.Encoder);
+    }
+
+    [Theory]
+    [InlineData("<script>alert('XSS')</script>", "<script>alert('XSS')</script>")]
+    [InlineData("""{"forecast":"sunny", "temperature":"75"}""", """{\"forecast\":\"sunny\", \"temperature\":\"75\"}""")]
+    [InlineData("""{"message":"Πάντα ῥεῖ."}""", """{\"message\":\"Πάντα ῥεῖ.\"}""")]
+    [InlineData("""{"message":"七転び八起き"}""", """{\"message\":\"七転び八起き\"}""")]
+    [InlineData("""☺️🤖🌍𝄞""", """☺️\uD83E\uDD16\uD83C\uDF0D\uD834\uDD1E""")]
+    public static void DefaultOptions_UsesExpectedEscaping(string input, string expectedJsonString)
+    {
+        var options = AIJsonUtilities.DefaultOptions;
+        string json = JsonSerializer.Serialize(input, options);
+        Assert.Equal($@"""{expectedJsonString}""", json);
     }
 
     [Theory]

Original file line number	Diff line number	Diff line change
`@@ -212,7 +212,7 @@ private static JsonElement GetJsonSchemaCore(JsonSerializerOptions options, Sche`
`212`	`212`
`213`	`213`	`return schemaObj is null`
`214`	`214`	`? _trueJsonSchema`
`215`		`- : JsonSerializer.SerializeToElement(schemaObj, JsonContext.Default.JsonNode);`
	`215`	`+ : JsonSerializer.SerializeToElement(schemaObj, options.GetTypeInfo(typeof(JsonNode)));`
`216`	`216`	`}`
`217`	`217`
`218`	`218`	`if (key.Type == typeof(void))`
`@@ -227,7 +227,7 @@ private static JsonElement GetJsonSchemaCore(JsonSerializerOptions options, Sche`
`227`	`227`	`};`
`228`	`228`
`229`	`229`	`JsonNode node = options.GetJsonSchemaAsNode(key.Type, exporterOptions);`
`230`		`- return JsonSerializer.SerializeToElement(node, JsonContext.Default.JsonNode);`
	`230`	`+ return JsonSerializer.SerializeToElement(node, DefaultOptions.GetTypeInfo(typeof(JsonNode)));`
`231`	`231`
`232`	`232`	`JsonNode TransformSchemaNode(JsonSchemaExporterContext schemaExporterContext, JsonNode schema)`
`233`	`233`	`{`