Repository: struts-site Updated Branches: refs/heads/asf-site 0dccbe248 -> 2ec9aaf18
Updates production by Jenkins Project: http://git-wip-us.apache.org/repos/asf/struts-site/repo Commit: http://git-wip-us.apache.org/repos/asf/struts-site/commit/2ec9aaf1 Tree: http://git-wip-us.apache.org/repos/asf/struts-site/tree/2ec9aaf1 Diff: http://git-wip-us.apache.org/repos/asf/struts-site/diff/2ec9aaf1 Branch: refs/heads/asf-site Commit: 2ec9aaf1882e0c757434e0e22d5c3fbf3876a5a5 Parents: 0dccbe2 Author: jenkins <bui...@apache.org> Authored: Tue Sep 12 10:30:09 2017 +0000 Committer: jenkins <bui...@apache.org> Committed: Tue Sep 12 10:30:09 2017 +0000 ---------------------------------------------------------------------- content/plugins/json/index.html | 92 ++++++++++++++++++++---------------- 1 file changed, 50 insertions(+), 42 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/struts-site/blob/2ec9aaf1/content/plugins/json/index.html ---------------------------------------------------------------------- diff --git a/content/plugins/json/index.html b/content/plugins/json/index.html index 84274cb..ea58355 100644 --- a/content/plugins/json/index.html +++ b/content/plugins/json/index.html @@ -135,6 +135,7 @@ <li><a href="#including-properties" id="markdown-toc-including-properties">Including properties</a></li> <li><a href="#root-object" id="markdown-toc-root-object">Root Object</a></li> <li><a href="#wrapping" id="markdown-toc-wrapping">Wrapping</a></li> + <li><a href="#wrap-with-comments" id="markdown-toc-wrap-with-comments">Wrap with Comments</a></li> <li><a href="#prefix" id="markdown-toc-prefix">Prefix</a></li> <li><a href="#base-classes" id="markdown-toc-base-classes">Base Classes</a></li> <li><a href="#enumerations" id="markdown-toc-enumerations">Enumerations</a></li> @@ -341,56 +342,63 @@ the beginning and <code class="highlighter-rouge">wrapPostfix</code> to add cont and <code class="highlighter-rouge">prefix</code> which are deprecated from 0.34 on. Examples:</p> <ul> - <li>Wrap with comments: -```xml</li> + <li>Wrap with comments:</li> </ul> -<result type="json"> - <param name="wrapPrefix" />/* - <param name="wrapSuffix" />*/ -</result> -<div class="highlighter-rouge"><pre class="highlight"><code> -- Add a prefix: -```xml -<result type="json"> - <param name="wrapPrefix">{}&&</param> -</result> + +<div class="highlighter-rouge"><pre class="highlight"><code><span class="nt"><result</span> <span class="na">type=</span><span class="s">"json"</span><span class="nt">></span> + <span class="nt"><param</span> <span class="na">name=</span><span class="s">"wrapPrefix"</span><span class="nt">></span>/*<span class="nt"></param></span> + <span class="nt"><param</span> <span class="na">name=</span><span class="s">"wrapSuffix"</span><span class="nt">></span>*/<span class="nt"></param></span> +<span class="nt"></result></span> +</code></pre> +</div> + +<ul> + <li>Add a prefix:</li> +</ul> + +<div class="highlighter-rouge"><pre class="highlight"><code><span class="nt"><result</span> <span class="na">type=</span><span class="s">"json"</span><span class="nt">></span> + <span class="nt"><param</span> <span class="na">name=</span><span class="s">"wrapPrefix"</span><span class="nt">></span>{}<span class="err">&&</span><span class="nt"></param></span> +<span class="nt"></result></span> </code></pre> </div> <ul> - <li>Wrap for file upload: -```xml</li> + <li>Wrap for file upload:</li> </ul> -<result type="json"> - <param name="wrapPrefix" /><![CDATA[<html><body><textarea>]]> - <param name="wrapSuffix" /><![CDATA[</textarea></body></html>]]> -</result> -<div class="highlighter-rouge"><pre class="highlight"><code> -### Wrap with Comments - -`wrapWithComments` is deprecated from 0.34, use `wrapPrefix` and `wrapSuffix` instead. - -> `wrapWithComments` can turn safe JSON text into dangerous text. For example, -> `"\*/ alert('XSS'); /\*"` -> Thanks to Douglas Crockford for the tip! Consider using **prefix** instead. - -If the serialized JSON is `{name: 'El Zorro'}`. Then the output will be: `{}&& ({name: 'El Zorro'})`. - -If the `wrapWithComments` (false by default) attribute is set to true, the generated JSON is wrapped with comments like: - -```json -/* { - "doubleVal": 10.10, - "nestedBean": { - "name": "Mr Bean" - }, - "list": ["A", 10, 20.20, { - "firstName": "El Zorro" - }], - "array": [10, 20] -} */ + +<div class="highlighter-rouge"><pre class="highlight"><code><span class="nt"><result</span> <span class="na">type=</span><span class="s">"json"</span><span class="nt">></span> + <span class="nt"><param</span> <span class="na">name=</span><span class="s">"wrapPrefix"</span><span class="nt">></span><span class="cp"><![CDATA[<html><body><textarea>]]></span><span class="nt"></param></span> + <span class="nt"><param</span> <span class="na">name=</span><span class="s">"wrapSuffix"</span><span class="nt">></span><span class="cp"><![CDATA[</textarea></body></html>]]></span><span class="nt"></param></span> +<span class="nt"></result></span> </code></pre> </div> + +<h3 id="wrap-with-comments">Wrap with Comments</h3> + +<p><code class="highlighter-rouge">wrapWithComments</code> is deprecated from 0.34, use <code class="highlighter-rouge">wrapPrefix</code> and <code class="highlighter-rouge">wrapSuffix</code> instead.</p> + +<blockquote> + <p><code class="highlighter-rouge">wrapWithComments</code> can turn safe JSON text into dangerous text. For example, +<code class="highlighter-rouge">"\*/ alert('XSS'); /\*"</code> +Thanks to Douglas Crockford for the tip! Consider using <strong>prefix</strong> instead.</p> +</blockquote> + +<p>If the serialized JSON is <code class="highlighter-rouge"><span class="p">{</span><span class="err">name:</span><span class="w"> </span><span class="err">'El</span><span class="w"> </span><span class="err">Zorro'</span><span class="p">}</span></code>. Then the output will be: <code class="highlighter-rouge"><span class="p">{}</span><span class="err">&&</span><span class="w"> </span><span class="err">(</span><span class="p">{</span><span class="err">name:</span><span class="w"> </span><span class="err">'El</span><span class="w"> </span><span class="err">Zorro'</span><span class="p">}</span><span class="err">)</span></code>.</p> + +<p>If the <code class="highlighter-rouge">wrapWithComments</code> (false by default) attribute is set to true, the generated JSON is wrapped with comments like:</p> + +<div class="highlighter-rouge"><pre class="highlight"><code><span class="err">/*</span><span class="w"> </span><span class="p">{</span><span class="w"> + </span><span class="nt">"doubleVal"</span><span class="p">:</span><span class="w"> </span><span class="mf">10.10</span><span class="p">,</span><span class="w"> + </span><span class="nt">"nestedBean"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> + </span><span class="nt">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Mr Bean"</span><span class="w"> + </span><span class="p">},</span><span class="w"> + </span><span class="nt">"list"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"A"</span><span class="p">,</span><span class="w"> </span><span class="mi">10</span><span class="p">,</span><span class="w"> </span><span class="mf">20.20</span><span class="p">,</span><span class="w"> </span><span class="p">{</span><span class="w"> + </span><span class="nt">"firstName"</span><span class="p">:</span><span class="w"> </span><span class="s2">"El Zorro"</span><span class="w"> + </span><span class="p">}],</span><span class="w"> + </span><span class="nt">"array"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="mi">10</span><span class="p">,</span><span class="w"> </span><span class="mi">20</span><span class="p">]</span><span class="w"> +</span><span class="p">}</span><span class="w"> </span><span class="err">*/</span><span class="w"> +</span></code></pre> +</div> <p>To strip those comments use:</p> <div class="highlighter-rouge"><pre class="highlight"><code><span class="kd">var</span> <span class="nx">responseObject</span> <span class="o">=</span> <span class="nb">eval</span><span class="p">(</span><span class="s2">"("</span><span class="o">+</span><span class="nx">data</span><span class="p">.</span><span class="nx">substring</span><span class="p">(</span><span class="nx">data</span><span class="p">.</span><span class="nx">indexOf</span><span class="p">(</span><span class="s2">"\/\*"</span><span class="p">)</span><span class="o">+</span><span class="mi">2</span><span class="p">,</span> <span class="nx">data</span><span class="p">.</span><span class="nx">lastIndexOf</span><span class="p">(</span><span class="s2">"\*\/"</span><span class="p">))</span><span class="o">+</span><span class="s2">")"</span><span class="p">);</span>
