AJAX - The Complete Reference


Index 649


text fragments, 146–147
text responses, 146–150
CSV (comma-separated value), 148–149
fragments, 146–147
markup fragments, 146–147
text fragments, 146–147
YAML, 149–150
and XML, 152–163
and XPath, 160–163
and XSLT, 163–167
YAML, 149–150
Response headers, 589
custom, 604–605
HTTP, 602–605
Response syntax, 205
ResponseBody, 108
ResponseOutput, 226
ResponseStream, 108
ResponseText, 62, 92, 105, 146
ResponseXML, 62, 92–97, 146
benefits of, 96–97
challenges with, 95–97
and DOM tree, 94
and MIME, 95, 607
and MIME types, 95
validity of, 95–96
REST (Representational State Transfer), 302
Retries, 233–235
Retry-After header, 603
Return statement, 579
RFC 1945, 587
RFC 2616, 587
RIAs (Rich Internet Applications), 13
Rich Internet Applications (RIAs), 13
Right shift, 570
Rollovers, animated, 16
RSS readers, 58–59
Ruby on Rails, 211, 477
Running, locally:
Ajax, 11–12
problems with, 607
Russell, Alex, 515

S
Safari:
and MIME, 154
and XHR, 73
Same-origin check, 298, 299
Same-origin policy (SOP), 12, 298–301
and cross domain access, 500
exceptions to, 300–301
security issues with, 298–301

Schema (XSD), 155, 159
Scope:
of functions, 580
in JavaScript, 567–568
variable, 567–568
Screen scraping, 392, 505–508
Script responses, 150–152
JavaScript, 150–151
JSON, 151–152
and XML, 152–163
Script tags, 40
and comments, 584
and external files, 11, 555
in Firefox browser, 554
with inlined code, 555
and .js files, 555
one-way communication with, 22–23
src property in, 22
two-way communication with, 39–40
and Web Services, 492–496
Script tag workaround, 484
Script.aculo.us, 211, 223
Scripting:
external, 301
Microsoft MSDN on, 551
with Prototype, 223
remote, 13
XSS (See Cross-site scripting)
Search, automatic, 384–386
Secure Socket Layer (SSL), 120, 308–310
Security issues, 283–334
in Ajax, 293–294, 301–312
authentication, 301–312
and Secure Socket Layer (SSL), 308–310
authentication, 301–312
form-cookie authentication, 310–312
HTTP authentication, 302–310
cross site request forgery (CSRF), 322–328
defeating, 327–328
on JSON, 324–326
on JSONP, 324, 326–327
cross-site scripting (XSS), 312–320
HTTP-only cookies, 315–316
XHR hijacking with, 316–320
with data formats, 120
with Firefox, 11
form-cookie authentication, 310–312
history, exposure of, 320–322
HTTP authentication, 302–310
HTTP-only cookies, 315–316
iFrames, 333
information leakage, 285–287