I recommend that everyone buy the paper version of the book; of course, if conditions are limited, you can temporarily download the electronic version: https://www.oldtoolbag.com/books/504703.html
Term
Portability
Compatibility of information transmission between platforms and systems.
JSON
JavaScript Object Notation.
Data interchange format
Text used for data exchange between different platforms or systems.
Literals
Values that have the same meaning as their literal meaning.
Variables
Values represented by identifiers such as X, which can be modified.
Maximum portability
Provide portability beyond the data format itself by ensuring the compatibility of the data itself with platforms and systems.
Name-value pairs
Refers to attributes and features that have names and corresponding values (also called key-value pairs).
Syntax validation
Validation of JSON format.
Consistency validation
Focuses on unique data structure validation.
String types in JSON
A string value such as "You are a good person" is enclosed in double quotes.
Concept
JSON is a data interchange format.
JSON is independent of programming languages.
JSON is based on the literal representation of JavaScript objects (with a focus on representation).
The way JSON expresses data is friendly to general programming concepts.
JSON is based on the syntax of JavaScript object literals, but does not include the function-related parts of JavaScript object literals.
In JSON name-value pairs, names are always enclosed in double quotes.
In JSON name-value pairs, the value can be a string, number, boolean, null, an object, or an array.
Lists of JSON name-value pairs are always enclosed in curly braces.
Multiple name-value pairs in JSON are separated by commas.
JSON files use the .json extension.
The media type of JSON is application/json.
The values of JSON's boolean type are only true and false, and all letters must be lowercase.
JSON's null value, which represents an empty value, must be written in all lowercase letters.
Number type in JSON: a numeric value such as 66, which can be a positive integer, a negative integer, a decimal, or an exponential.
A key distinction between objects and arrays is that an object is a list or collection of name-value pairs, whereas an array is a list or collection of values.
Another key distinction between objects and arrays is that all values in an array should have the same data type.
Term
Arrays in JSON
An array is a collection or list of values, each of which can be a string, number, boolean, object, or array. Arrays must be enclosed in square brackets [], and values are separated by commas.
Object types in JSON
An object type is a collection of comma-separated name-value pairs enclosed in curly braces {}.
JSON Schema
A type of virtual contract in data exchange.
Server-side (in web development)
When web-based resources are requested, a series of operations are executed on the server. The server provides the processing and loading responses for internet browsers.
Client (in web development)
A series of operations performed when the interface requested by the browser is fully loaded, usually referring to HTML, CSS, and JavaScript.
Concept
A JSON validator is responsible for checking for syntax errors, and JSON Schema is responsible for providing consistency validation.
JSON Schema is the first line of defense for data reception, and also a good tool for data senders to save time and ensure data accuracy.
JSON Schema can solve the following consistency validation issues:
1. Is the data type of the value correct? You can specify that a value is a number, string, etc.
2. Does it contain the data needed? You can specify which data is needed and which is not.
3. Is the form of the value what I need? You can specify a range, minimum and maximum values.
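The two validation stages and the three consistency questions above, as an added example that is not from the book: a small checker that understands only the JSON Schema keywords `type`, `required`, `properties`, `minimum` and `maximum`. The schema, the field names and the function names are assumptions made for illustration.

```javascript
// Added example: a deliberately small subset of JSON Schema keywords.
// It is not a full JSON Schema validator.
const orderSchema = {              // constructed sample schema
  type: "object",
  required: ["id", "quantity"],
  properties: {
    id: { type: "string" },
    quantity: { type: "number", minimum: 1, maximum: 100 },
    note: { type: "string" }
  }
};

function typeOf(v) {
  if (v === null) return "null";
  if (Array.isArray(v)) return "array";
  return typeof v;                 // "string", "number", "boolean", "object"
}

function checkConsistency(value, schema, path = "$") {
  const errors = [];
  // Question 1: is the data type of the value correct?
  if (schema.type && typeOf(value) !== schema.type) {
    errors.push(`${path}: expected ${schema.type}, got ${typeOf(value)}`);
    return errors;                 // the remaining checks assume the right type
  }
  // Question 3: is the value inside the allowed range?
  if (schema.type === "number") {
    if (schema.minimum !== undefined && value < schema.minimum)
      errors.push(`${path}: below minimum ${schema.minimum}`);
    if (schema.maximum !== undefined && value > schema.maximum)
      errors.push(`${path}: above maximum ${schema.maximum}`);
  }
  if (schema.type === "object") {
    // Question 2: does it contain the data needed?
    for (const name of schema.required || [])
      if (!Object.prototype.hasOwnProperty.call(value, name))
        errors.push(`${path}.${name}: required value is missing`);
    for (const [name, sub] of Object.entries(schema.properties || {}))
      if (Object.prototype.hasOwnProperty.call(value, name))
        errors.push(...checkConsistency(value[name], sub, `${path}.${name}`));
  }
  return errors;
}

// Syntax validation first (JSON.parse), consistency validation second.
function receive(text, schema) {
  let data;
  try { data = JSON.parse(text); }
  catch (e) { return { ok: false, errors: ["syntax: " + e.message] }; }
  const errors = checkConsistency(data, schema);
  return { ok: errors.length === 0, errors };
}
```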
JSON itself does not pose any threat; it is just text.
When locating JSON security issues, remember the following 3 things.
1. Do not use top-level arrays, as top-level arrays are valid JavaScript scripts that can be linked and used with <script> tags.
2. For resources that should not be publicly accessible, only allow requests that use the HTTP POST method, not the GET method, as a GET request can be made through a URL and even placed in a script tag.
3. Use JSON.parse() instead of eval(), as the eval() function will compile and execute the string passed in, which can make your code vulnerable. Only use JSON.parse() to parse JSON data.
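Points 1 and 3 above, as an added example that is not from the book. The input string is constructed and its only side effect is a harmless counter; the `items` wrapper key and all function names are assumptions.

```javascript
// Added example. `untrusted` is a constructed string standing in for text
// received from another system; bump() only increments a counter.
let sideEffects = 0;
globalThis.bump = () => { sideEffects += 1; return 1; };

const untrusted = '{"total": bump()}';   // not JSON: contains a function call

// The pattern point 3 warns about: eval() compiles and runs the text.
function parseWithEval(text) {
  return eval("(" + text + ")");
}

// The recommended pattern: JSON.parse() accepts only JSON syntax and
// never executes anything found in the input.
function parseStrict(text) {
  try {
    return { ok: true, value: JSON.parse(text) };
  } catch (e) {
    return { ok: false, error: e.name };  // SyntaxError for non-JSON input
  }
}

// Point 1 on the sending side: never emit a top-level array; wrap it in
// an object so the response body is not a bare array literal.
function toResponseBody(payload) {
  const body = Array.isArray(payload) ? { items: payload } : payload;
  return JSON.stringify(body);
}

function getSideEffects() {
  return sideEffects;
}
```

With eval() the embedded call runs and the counter changes; with JSON.parse() the same text is rejected as a syntax error and nothing runs.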
Security vulnerabilities are often caused by developers not considering the question of 'how hackers might exploit this point'.
The relationship between JavaScript's XMLHttpRequest and a web API is the relationship between the client and the server.
XMLHttpRequest is not limited to XML; it can also be used to request JSON resources.
Term
Cross-Site Request Forgery (CSRF)
An attack that takes advantage of the site's trust in the user's browser.
Top-level JSON array
A JSON array located at the top level of the document, outside of any name-value pair.
Injection Attack
An attack that depends on injecting data into a web application to facilitate the execution or compilation of malicious data.
JSON Cross-Site Scripting Attack
An injection attack on a site by intercepting or replacing the third-party code used on the site with malicious scripts.
Web API
A series of instructions and standards for interacting with services via HTTP.
XMLHttpRequest
A JavaScript object that can retrieve data from a URL without refreshing the page, commonly used in AJAX programming.
Hypertext Transfer Protocol (HTTP)
The basic protocol used by the World Wide Web for exchanging data.
Serialization
The operation of converting an object to text.
Deserialization
The operation of converting text to an object.
Concept
Websites serve people, web APIs serve code, and they both use the HTTP protocol.
The same-origin policy creates some difficulties for client-server communication involving JavaScript and JSON resources.
A client-side cross-domain XMLHttpRequest requires server-side support to ensure the success of JSON resource requests.
jQuery is an abstracting tool that provides JSON request and parsing functions, which can shorten development time, and it also solves cross-browser compatibility issues.
AngularJS MVC concept
JSON is the model (data model)
HTML is the view and provides syntax for binding with the model
Controllers are JavaScript files defined and operated by AngularJS syntax to interact with the model and view.
AngularJS makes JavaScript objects and JSON shine in the MVC architecture.
In relational databases, there are often table columns and their relationships, which use primary keys and foreign keys.
There are many types of NoSQL databases, which have different data storage and utilization methods from traditional relational models.
Important concepts of CouchDB database
1. It is a document-oriented NoSQL database
2. It stores and manages JSON documents
3. It maintains the data structure while storing and retrieving data
4. It uses HTTP-based APIs to retrieve data as JSON document resources
5. It uses JavaScript as a query language and retrieves data across APIs through the map and reduce methods of the view.
On the server side, JSON can be deserialized into objects and used in programming logic, or objects can be serialized into JSON format.
JSON is well supported by both the server and the client, making it stand out among many data exchange formats in the web field.
Term
Same-origin policy
For security reasons, browsers will only request scripts from the same domain.
Cross-Origin Resource Sharing CORS
By setting the response header, it allows cross-domain requests to be successful.
JSON-P
Using the script tag, bypass the same-origin policy restrictions and request JSON from servers of different domains.
Abstraction
A technology for dealing with complex systems, the main idea of which is to convert a large problem into multiple small problems.
Framework
A tool that saves time, allowing us to focus more on building features.
jQuery.parseJSON()
A jQuery function that not only calls the JSON.parse() function but is also compatible with old browsers that do not support the JSON.parse() function, and evaluates the string by verifying characters to avoid potential security issues.
jQuery.getJSON()
A shorthand form of the jQuery.ajax() function, which includes the functionality of parsing JSON into JavaScript objects.
Single Page Web Application
Different from the traditional multi-page approach, focusing on providing a more seamless application experience
Model-View-Controller (MVC)
An application architecture pattern that divides the application into 3 parts: Model (data), View (presentation), and Controller (updates the model and view).
AngularJS
a JavaScript MVC framework that uses JavaScript objects as the data model
Relational Database
a database that structures the stored data with identifiable relationships
NoSQL Database
a database that does not store data by storing the relationship between data
CouchDB
a type of document-oriented NoSQL database storage that uses JSON document format to store data
ASP.NET
a server-side web framework developed by Microsoft
PHP
a server-side scripting language used to create dynamic web pages
Ruby on Rails
a server-side web application framework written in Ruby
Node.js
Server-side JavaScript based on the Google V8 engine
Java
A programming language that is object-oriented
JSON will also be used as a static configuration file
When considering what data format to use, both the form of the data and the system for exchanging data should be taken into account. JSON is not always the best choice.