使用没有'eval'的XMLHttpRequest [英] Using XMLHttpRequest without 'eval'
问题描述
我通常设置并使用XMLHttpRequest执行
服务器端功能并获得结果的方式是:
var url =" ?someurl PARAMS = QUOT; + params;
var conn = createRequest(); //获取XMLHttpRequest对象
conn.open(" GET",url);
conn.onreadystatechange =
function(){
if(conn.readyState == 4&& conn.status == 200){
var ret = conn.responseText;
var data = eval("(" + ret +")");
}
};
(上面是一个高度剪裁的版本,没有任何常用的支票
和余额,这只是为了说明)
我很好奇的是如何使用eval()获取数据并使用
读取数据。我所看到的所有例子都显示使用eval好像
它完全正常和正常,并且大部分内容我已经阅读了
关于eval说永远不要使用它。
你们其中一个人有没有任何链接/建议/讽刺我可以用来让我的
更好的方式?
一切顺利,
~A!
-
Anthony Levensalor
an*****@mypetprogrammer.com
只有两件事是无限的,宇宙和人类的愚蠢,
,我不确定前者。 - 阿尔伯特爱因斯坦
12月27日,8:58 * pm,我的宠物程序员< anth ... @ mypetprogrammer.com>
写道:
我通常设置并使用XMLHttpRequest执行
服务器端函数的方式结果如下:
var url =" someurl?params =" + params;
var conn = createRequest(); //获取XMLHttpRequest对象
conn.open(" GET",url);
conn.onreadystatechange =
* * function(){
* * * if(conn.readyState == 4&& conn.status == 200){
* * * * var ret = conn.responseText;
* * * * var data = eval("(" + ret +")");
* * *}
* *};
(上面是一个高度剪裁的版本,没有任何常用支票
和余额,它只是为了说明)
它也缺少发送。
>
我很好奇的是如何使用eval()获取数据并使用
读取数据。我所看到的所有例子都显示使用eval好像
它完全正常和正常,并且大部分内容我已经阅读了
关于eval说永远不要使用它。
不要相信你所阅读的大部分内容。除非使用适当的
,否则永远不要使用eval。评估JSON数据是一种合适的用法。如果数据来自其他人的服务器,那就不要这样做。
或者,您可以使用JSON解析器,但它如果数据来自您自己的服务器,那么这样做并没有多大意义。
David Mark说:
12月27日晚上8:58,我的宠物程序员< anth ... @ mypetprogrammer.com>
[snip]
>(以上是高度剪裁的版本没有任何通常的支票
和余额,它只是为了说明)
它也缺少发送。
拍摄。我把这个给了别人作为他们问题的答案而不是三天前的b $ b。 Yeesh。
[snip]
不要相信你读到的大部分内容。除非使用适当的
,否则永远不要使用eval。评估JSON数据是一种合适的用法。如果数据来自别人的服务器,那就不要这么做。
这很有道理,无论如何,当我从我自己的服务器获取数据时,我只使用这种方法,我只是听到很多评估是不好的。
感谢您的澄清
或者,您可以使用JSON解析器,但如果数据来自于它,那么这样做并没有太多意义吗?你自己的服务器。
是的,我考虑过这样做,当数据来自时,实际上获得的实际收益似乎要多得多。
一个文件目录
结束。
谢谢大卫。
~A!
< br $> b $ b -
Anthony Levensalor
***** @ mypetprogrammer .com
只有两件事是无限的,宇宙和人类的愚蠢,
,我不确定前者。 - 阿尔伯特爱因斯坦
我的宠物程序员在2007年12月27日下午8:58说了以下内容:
我通常设置并使用XMLHttpRequest执行
服务器端功能并获得结果的方式是:
var url =" someurl? PARAMS = QUOT; + params;
var conn = createRequest(); //获取XMLHttpRequest对象
conn.open(" GET",url);
conn.onreadystatechange =
function(){
if(conn.readyState == 4&& conn.status == 200){
var ret = conn.responseText;
var data = eval("(" + ret +")");
}
};
(上面是一个高度剪切的版本,没有任何常用的支票
和余额,这只是为了说明)
返回什么类型的数据?
我很好奇的是如何获取数据并获取数据使用eval()阅读
。
取决于它是什么类型的数据。如果它是HTML代码,其中包含脚本
片段,那么eval就会有一个致命的缺陷。
即使它是JSON,它仍然可以如果你离开
那个函数,有一个致命的缺陷,去一个不同的函数,然后尝试用
做一些你评估的数据,除非你用它做一些改变它处理它的方式。
我见过的所有例子都显示使用eval就像
它只是完全正常和正常,而且大部分时间我已经阅读了
关于eval说永远不会使用它。
任何说永远不会使用eval的内容就像你不需要时使用eval
一样糟糕。经验法则是不要使用eval为
以外的其他任何目的。 eval的目的是
评估代码在运行时不知道。
你们其中一个人有任何链接/建议/ vitriol我可以用更好的方式来获得我的
取决于返回的数据类型。如果它不是JSON,
搜索存档以获取loadHTMLFragment。
< URL:
http:// groups。 google.com/group/comp.lang.javascript/browse_thread/thread/415949d1bcce6e6a/96dd313cb56fb75f?lnk=gst&q=loadhtmlfragment#96dd31 3cb56fb75f>
有我发布的最新版本已经写好了。
-
兰迪
机会有利于准备好的心灵
comp .lang.javascript常见问题 - http://jibbering.com/faq/index.html
Javascript最佳实践 - http:// www。 JavascriptToolbox.com/bestpractices/
The way I usually set up and work with the XMLHttpRequest to execute
server side functions and get results is this:
var url = "someurl?params=" + params;
var conn = createRequest(); // gets an XMLHttpRequest object
conn.open("GET", url);
conn.onreadystatechange =
function () {
if (conn.readyState == 4 && conn.status == 200) {
var ret = conn.responseText;
var data = eval ( "(" + ret + ")" );
}
};
(The above is a highly snipped version without any of the usual checks
and balances, it''s for illustration only)
What I''m curious about is how to get the data back and get it read with
using eval(). All of the examples I have seen show the use of eval as if
it were just perfectly ok and normal, and most of everthing I''ve read
about eval says never, ever use it.
Do one of you guys have any links/advice/vitriol I could use to get my
head around a better way?
All the best,
~A!
--
Anthony Levensalor
an*****@mypetprogrammer.com
Only two things are infinite, the universe and human stupidity,
and I''m not sure about the former. - Albert Einstein
On Dec 27, 8:58*pm, My Pet Programmer <anth...@mypetprogrammer.com>
wrote:The way I usually set up and work with the XMLHttpRequest to execute
server side functions and get results is this:
var url = "someurl?params=" + params;
var conn = createRequest(); // gets an XMLHttpRequest object
conn.open("GET", url);
conn.onreadystatechange =
* *function () {
* * *if (conn.readyState == 4 && conn.status == 200) {
* * * *var ret = conn.responseText;
* * * *var data = eval ( "(" + ret + ")" );
* * *}
* *};
(The above is a highly snipped version without any of the usual checks
and balances, it''s for illustration only)It is missing the send too.
>
What I''m curious about is how to get the data back and get it read with
using eval(). All of the examples I have seen show the use of eval as if
it were just perfectly ok and normal, and most of everthing I''ve read
about eval says never, ever use it.Don''t believe most of what you read. Never use eval unless its use is
appropriate. Evaluating JSON data is an appropriate use. Just don''t
do it if the data comes from somebody else''s server.
Alternatively, you could use a JSON parser, but it doesn''t make much
sense to do so if the data comes from your own server.
David Mark said:On Dec 27, 8:58 pm, My Pet Programmer <anth...@mypetprogrammer.com>[snip]
>(The above is a highly snipped version without any of the usual checks
and balances, it''s for illustration only)
It is missing the send too.
Shoot. I gave that to someone as an answer to their problem not three
days ago, too. Yeesh.
[snip]Don''t believe most of what you read. Never use eval unless its use is
appropriate. Evaluating JSON data is an appropriate use. Just don''t
do it if the data comes from somebody else''s server.
That makes a lot of sense, and I only use this method when the data is
from my own servers anyway, I''m just hearing a lot of eval is bad about.
Thanks for the clarification
Alternatively, you could use a JSON parser, but it doesn''t make much
sense to do so if the data comes from your own server.Yeah, I thought about doing that, it just seemed like to much more work
for so little actual gain when the data comes from a file one directory
over.
Thanks, David.
~A!
--
Anthony Levensalor
an*****@mypetprogrammer.com
Only two things are infinite, the universe and human stupidity,
and I''m not sure about the former. - Albert Einstein
My Pet Programmer said the following on 12/27/2007 8:58 PM:The way I usually set up and work with the XMLHttpRequest to execute
server side functions and get results is this:
var url = "someurl?params=" + params;
var conn = createRequest(); // gets an XMLHttpRequest object
conn.open("GET", url);
conn.onreadystatechange =
function () {
if (conn.readyState == 4 && conn.status == 200) {
var ret = conn.responseText;
var data = eval ( "(" + ret + ")" );
}
};
(The above is a highly snipped version without any of the usual checks
and balances, it''s for illustration only)What type of data is someurl returning?
What I''m curious about is how to get the data back and get it read with
using eval().Depends on what type of data it is. If it is HTML code, with script
snippets in it, then eval has a fatal flaw in it with regards to it.
Even if it is JSON, it could still have a fatal flaw in it if you leave
that function, go to a different function, then try to do something with
the data that you eval''ed unless you do something with it to change the
way it handles it.
All of the examples I have seen show the use of eval as if
it were just perfectly ok and normal, and most of everthing I''ve read
about eval says never, ever use it.Anything that says "never, ever use eval" is just as bad as using eval
when you don''t need to. The rule of thumb is "Don''t use eval for
anything other than its intended purpose". The purpose of eval is to
evaluate code "not known at runtime".
Do one of you guys have any links/advice/vitriol I could use to get my
head around a better way?Depends on what type of data is being returned. If it is not JSON,
search the archives for loadHTMLFragment.
<URL:
http://groups.google.com/group/comp.lang.javascript/browse_thread/thread/415949d1bcce6e6a/96dd313cb56fb75f?lnk=gst&q=loadhtmlfragment#96dd31 3cb56fb75f>
Has the latest posted version that I have written of it.
--
Randy
Chance Favors The Prepared Mind
comp.lang.javascript FAQ - http://jibbering.com/faq/index.html
Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/
这篇关于使用没有'eval'的XMLHttpRequest的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
