Learning jQuery : Better Interaction Design and Web Development with Simple JavaScript Techniques

Book Image

Learning jQuery : Better Interaction Design and Web Development with Simple JavaScript Techniques

Book Image

Learning jQuery : Better Interaction Design and Web Development with Simple JavaScript Techniques

Overview of this book

Learning jQuery

Learning jQuery

Credits

About the Authors

About the Authors

About the Reviewers

About the Reviewers

Preface

Free Chapter

Getting Started

Getting Started

What jQuery Does

Why jQuery Works Well

Our First jQuery Document

Selectors—How to Get Anything You Want

Selectors—How to Get Anything You Want

The Document Object Model

The $() Factory Function

XPath Selectors

Custom Selectors

DOM Traversal Methods

Accessing DOM Elements

Events—How to Pull the Trigger

Events—How to Pull the Trigger

Performing Tasks on Page Load

Compound Events

Limiting and Ending Events

Simulating User Interaction

Effects—How to Add Flair to Your Actions

Effects—How to Add Flair to Your Actions

Inline CSS Modification

Basic Hide and Show

Effects and Speed

Multiple Effects

Simultaneous versus Queued Effects

DOM Manipulation—How to Change Your Page on Command

DOM Manipulation—How to Change Your Page on Command

Manipulating Attributes

Inserting New Elements

Moving Elements

Wrapping Elements

Copying Elements

DOM Manipulation Methods in a Nutshell

AJAX—How to Make Your Site Buzzword-Compliant

AJAX—How to Make Your Site Buzzword-Compliant

Loading Data on Demand

Choosing a Data Format

Passing Data to the Server

Keeping an Eye on the Request

AJAX and Events

Security Limitations

Table Manipulation

Table Manipulation

The Finished Code

Advanced Row Striping

Row Highlighting

Collapsing and Expanding

The Finished Code

Forms with Function

Forms with Function

Progressively Enhanced Form Styling

Form Validation

Checkbox Manipulation

The Finished Code

Placeholder Text for Fields

AJAX Auto-Completion

The Finished Code

Numeric Calculations

Editing Shipping Information

The Finished Code

Shufflers and Rotators

Shufflers and Rotators

Headline Rotator

An Image Carousel

Image Enlargement

The Finished Code

Plug-ins

How to Use a Plug-in

Popular Plug-Ins

Finding Plug-in Documentation

Developing a Plug-in

Online Resources

Online Resources

jQuery Documentation

JavaScript Reference

JavaScript Code Compressors

(X)HTML Reference

XPath Reference

Web Development Frameworks Using jQuery

Development Tools

Development Tools

Tools for Firefox

Tools for Internet Explorer

Tools for Safari

JavaScript Closures

JavaScript Closures

Inner Functions

The Great Escape

Variable Scoping

Interactions between Closures

Closures in jQuery

Memory Leak Hazards

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Security Limitations

For all its utility in crafting dynamic web applications, XMLHttpRequest (the underlying browser technology behind jQuery’s AJAX implementation) is subject to strict boundaries. To prevent various cross-site scripting attacks, it is not generally possible to request a document from a server other than the one that hosts the original page.

This is generally a positive situation. For example, some cite the implementation of JSON parsing by using eval() as insecure. If malicious code is present in the data file, it could be run by the eval() call. However, since the data file must reside on the same server as the web page itself, the ability to inject code in the data file is largely equivalent to the ability to inject code in the page directly. This means that, for the case of loading trusted JSON files, eval() is not a significant security concern.

There are many cases, though, in which it would be beneficial to load data from a third-party source. There are several ways...