AJAX - The Complete Reference


Security issues (Continued)
with Internet Explorer, 11
JavaScript, 294–301
encoding, 296–298
encrypting, 298
external scripts, 301
obfuscation, 295–296
protection, 294–295
same-origin policy, 298–301
on JSON, 324–326
on JSONP, 324, 326–327
password security, 307
payload protection, 328–331
with request headers, 83
with running locally, 11
Secure Socket Layer (SSL), 308–310
Web attacks
locations for, 283–284
review of, 287–293
XHR hijacking, 316–320
Self-assignment bitwise operators, 570–571
Send method, 7, 63, 75
Sending/receiving data:
in AjaxTCR library, 186–188
with iFrames, 43–45
SendRequest, 5, 22, 197–200
Serialization:
form, 126–128
object, 128–129
Serialize, 217
SerializeForm, 186, 189
SerializeObject, 128, 186, 189
Server availability, 256–257
Server error handling, 235–238
Server event listeners, 526–527
Server header, 603
Server proxy, 485–490
Server push, 103
Service Oriented Architecture (SOA), 12
Session hijacking, 292
Set-Cookie header, 604
SetForm, 206, 208
SetInterval, 106
SetProgID, 211
SetRequestHeader, 63, 82–83
browser support for, 85
values for, 83–84
SetTimeout, 106
Shift method, 248
Simple Object Access Protocol (SOAP), 502–505
Single page application (SPA), 451
Site architecture, 407 (See also specific topics, e.g.: Templates)

Sjat (Synchronous JavaScript and Text), 76
Slider widgets, 15
Slow load (endless iFrame), 516, 517, 527
Smarty, 432–434
SOA (Service Oriented Architecture), 12
SOAP (Simple Object Access Protocol), 502–505
Software industry, 13
SOP (See Same-origin policy)
Sort method, 580
SPA (single page application), 451
Span tag, 167
Special characters, 566
SQL injection attacks, 289
Src, 18, 19
and iFrames, 22
in script tags, 22
of xml, 168
SSL (See Secure Socket Layer)
Standard encoding (x-www-form-urlencoded format), 119
data formats for, 121–129
and encodeURIComponent, 563
and escape, 563
extension of, 122–125
for form serialization, 126–128
for object serialization, 128–129
and POST method, 130
Statements, 575
Static scoping, 580
Status indicators, 32
Status property, 62, 91–92
Status-code, 597
StatusIndicator, 32, 344
StatusText, 90–92
StopIteration exception, 579
Storage:
native browser storage (DOM storage), 534
persistent, 529–535
Strings:
client-side templates in, 441
in JSON, 133
limits for, 20
nonempty, 557
templates in, 441
String data type, 556
String method, 558
String object, 562
Stringifer, 135
StripTags, 222
Style sheets:
one-way communication with, 23
two-way communication with, 40–42