El lun, 23-04-2007 a las 15:12 -0400, Weaver, Scott escribió: > Santiago, > > Actually, I use JSON for all of my AJA(X) work. The XPath is just for > manipulating the DOM of an existing page. I use a combination of > jQuery's built-in JSON support along with JSONStringify > (http://www.thomasfrank.se/json_stringify_revisited.html) for the > front end and JSONLib (http://json-lib.sourceforge.net/) on the back > end. In fact, I wrote a complete JSON-based customization pipeline > for my J2 portal. >
Cool, I thought it was for selection on the answers. > However, you must be aware of the security concerns when using JSON. > If not secured properly, you can leave your end-users and your > application open to x-site scripting attacks as documented here, > > http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf > I'm aware, but using XML only hides that the possibility of such attacks is there, only a bit more difficult to happen. :) Regards Santiago > -scott > > > -----Original Message----- > > From: Santiago Gala [mailto:[EMAIL PROTECTED] On Behalf Of Santiago > > Gala > > Sent: Monday, April 23, 2007 2:41 PM > > To: Jetspeed Developers List > > Subject: RE: Modifying the Jetspeed Desktop > > > > El lun, 23-04-2007 a las 11:27 -0400, Weaver, Scott escribió: > > (...) > > > I actually wanted to write javascript, well at least writing it the > > > jQuery way ;-). jQuery uses XPath for traversing the DOM and is quite > > > quick at it. > > > > Why not JSON ( www.json.org ) ? it is way simpler to handle, plus it > > does not require well-formed XML. Well-formedness was my killer in our > > first attempt at client-side aggregation. > > > > JSON is generated and parsed very easily, in java, ruby, python, perl, > > and, of course, javascript. > > > > Regards > > Santiago > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
