需要什么更适合于Ajax比这个功能 [英] What more is needed for Ajax than this function
问题描述
我有一个小的JS函数,它的Ajax,我和另一个喜欢它,增加了在POST数据请求。使用Ajax是这样大约这么多的图书馆,那我从我的功能缺失的一个很大的话题,它是不安全的或别的什么担心?
函数loadPage(pagePath,显示元素)
{
VAR XMLHTTP;
尝试
{
// Firefox,歌剧8.0+,Safari浏览器
XMLHTTP =新XMLHtt prequest();
}
赶上(E)
{
// IE浏览器
尝试
{
XMLHTTP =新的ActiveXObject(MSXML2.XMLHTTP);
}
赶上(E)
{
尝试
{
XMLHTTP =新的ActiveXObject(Microsoft.XMLHTTP);
}
赶上(E)
{
警报(您的浏览器不支持AJAX!);
返回false;
}
}
}
xmlHttp.onreadystatechange =功能()
{
如果(xmlHttp.readyState == 4)
{
的document.getElementById(显示元素).innerHTML = xmlHttp.responseText;
}
}
xmlHttp.open(GET,pagePath,真正的);
xmlHttp.send(空);
}
我强烈建议你不要推出自己的Ajax code。相反,使用了一个框架,如原型,道场,或任何其他人。他们已经采取了处理所有你不处理(2意味着它已被发送,3意味着它在工艺等)ReadyStates照顾,他们应该逃脱效应初探你得到,所以你不插入潜在的不安全JavaScript或东西到你的页面。
另一件事,一个更强大的框架会给你是做的不仅仅是使用innerHTML来替换DOM项目的能力。你的功能在这里只能用于替换一个元素与来自Ajax调用的响应。还有很多更可以使用Ajax做什么。
I have a small JS function that does Ajax for me and another like it that adds in POST data to the request. With Ajax being such a big topic with so many libraries about it, what am I missing from my function, is it insecure or something else worrying?
function loadPage(pagePath, displayElement)
{
var xmlHttp;
try
{
// Firefox, Opera 8.0+, Safari
xmlHttp=new XMLHttpRequest();
}
catch (e)
{
// Internet Explorer
try
{
xmlHttp=new ActiveXObject("Msxml2.XMLHTTP");
}
catch (e)
{
try
{
xmlHttp=new ActiveXObject("Microsoft.XMLHTTP");
}
catch (e)
{
alert("Your browser does not support AJAX!");
return false;
}
}
}
xmlHttp.onreadystatechange=function()
{
if(xmlHttp.readyState==4)
{
document.getElementById(displayElement).innerHTML = xmlHttp.responseText;
}
}
xmlHttp.open("GET", pagePath, true);
xmlHttp.send(null);
}
I strongly recommend you not roll your own Ajax code. Instead, use a framework such as Prototype, Dojo, or any of the others. They've taken care of handling all the ReadyStates you're not handling (2 means it's been sent, 3 means it's in process, etc.), and they should escape the reponse you're getting so you don't insert potentially insecure javascript or something into your page.
Another thing a more robust framework will give you is the ability to do more than just use innerHTML to replace items in the DOM. Your function here can only be used to replace one element with the response from the ajax call. There's a lot more you can do with Ajax.
这篇关于需要什么更适合于Ajax比这个功能的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
