IE8 native JSON support

This new Native JSON function enables Internet Explorer 8 to use existing Ajax applications. Program It runs more quickly and securely.

What is JSON?

Most developers do not only develop Ajax programs. Here I will introduce some background knowledge. JSON is a simple data exchange format that can be read by people. In Ajax programs, this format is usually used when data is transmitted between servers and web programs.

For example, if you select a contact name from the favorite web mail, you can see the contact information. The data stream sent by the server to a web program (running in a browser) may look like the following:

{
"Firstname": "Cyra ",
"Lastname": "Richard ",
"Address ":{
"Streetaddress": "1 Microsoft Way ",
"City": "Redmond ",
"State": "wa ",
"Postalcode": 98052
},

"Phonenumbers ":[
"425-777-7777 ",
"206-777-7777"
]
}

Fortunately, this format is fully compatible with the Javascript syntax. Many today's programs use the Javascript eval () function to convert the obtained data into JavaScript objects. Using eval () is insecure and resource-consuming. Eval () parses the string into a JScript expression and runs it. If the string passed to eval () has been tampered with, it may contain unexpected data, or even others'CodeIn this way, it is injected into your web program.

Currently, many libraries written in JavaScript are used to securely parse untrusted JSON data. Some sdks written in JScript (http: // www.json.org/json_parser.js) perform strict data verification. Some libraries, such as json2 and JS (http: // www.json.org/json2.js ), use a regular expression to perform a full check on the input string, and then use eval () for fast parsing. The ideal solution is a native implementation method that prevents application code injection and runs fast and can be used everywhere.

Original JSON in IE8 JScript

IE8's JScript engine already has a completely native Implementation of JSON, in keeping with the es3.1 proposal draft (proposal working draft, address http://wiki.ecmascript.org/doku.php? Id = es3.1: es3.1 _ proposal_working_draft) JSON supports compatibility, greatly improving the serialization and deserialization speed, and improving the security of parsing untrusted data.

API

We have defined a new built-in object "JSON", which can be modified or overwritten. It looks like math or other built-in Global Objects. In addition to JSON objects, the specific functions tojson () are also added to the prototype of date, number, string, and Boolean objects. The JSON object has two methods: parse () and stringify ().

For example:

VaR jsobjstring = "{\" membernull \ ": NULL, \" membernum \ ": 3, \" memberstr \ ": \" stringjson \ ", \" memberbool \": true, \ "memberobj \": {\ "mnum \": 1, \ "mbool \": false}, \ "memberx \":{}, \ "memberarray \": [33, \ "stringtst \", null, {}] ";
VaR jsobjstringparsed = JSON. parse (jsobjstring );
VaR jsobjstringback = JSON. stringify (jsobjstringparsed );

The objects generated by the parse () method and serialized by the stringify () method are exactly the same as the following objects:

VaR jsobjstringparsed =
{
"Membernull": NULL,
"Membernum": 3,
"Memberstr": "stringjson ",
"Memberbool": True,
"Memberobj ":
{
"Mnum": 1,
"Mbool": false
},
"Memberx ":{},
"Memberarray ":
[
33,
"Stringtst ",
Null,
{}
]
};

JSON. parse (source, reviver)

The JSON. parse method executes deserialization. It uses a JSON string (specified by the source parameter) to generate a JScript object or array.

The optional parameter revive is a user-defined function used to calculate resolution changes. Result objects or arrays are recursively traversed. The reviver function is used on each member. Each member value is replaced by the return value of reviver. If reviver returns NULL, the object member is deleted. The traversal and calling of reviver are completed in the descending order. That is to say, after all the members of the object are "Revived", the entire object will be "Revived.

Reviver is mainly used to identify strings like ISO and convert them into date objects. So far, JSON format (http://www.json.org/) cannot be converted back and forth for date objects, because there is no standard date text volume for JScript. Es3.1 draft (http://wiki.ecmascript.org/doku.php? Id = es3.1: es3.1 _ proposal_working_draft) contains an example of how to use the reviver function to solve this problem.

JSON. stringify (value, replacer, space)

This is the serialization method. It uses the object or array specified by the value parameter as the parameter to generate a string in JSON format. Recursive access to an object or array, serialized into a specific JSON format. If the value parameter has the tojson () method, this method acts as the first filter. The original value is replaced by value. tojson (key), and the final value is serialized. The parameter key is a string. When an object like (key: Value) is serialized, the key is the name of the member. For the root object, the key is a null string.

Date. Prototype. tojson () generates a string that does not need to be escaped and is a real serializer, because stringify () returns the original string without any change. The date object is serialized using the tojson () method.

Number. Prototype. tojson (), String. Prototype. tojson (), Boolean. Prototype. tojson () function returns valueof (). They are used for correct Object serialization, such as "Var num = new number (3.14.

The optional replacer parameter acts as a filter and is used recursively. It can be a function or an array. If replacer is a function, replacer (Key, value) is called for key: value of each object member ). For the root object, call replacer ("", value ). If replacer is an array, it must be an array string. The element of the array is the name of the member to be serialized. The serialization order follows the name order in the array. Array replacer is ignored when arrays are serialized.

The optional parameter space is about how to format the output text. If this parameter is omitted, the output text does not contain any extra spaces. If it is a number, it specifies the number of spaces for each level of indentation. If it is a character (such as "\ t" or ""), it indent each level of characters with these characters.

What is the impact on existing web pages?

Es3.1 JSON proposal is the main factor used by popular json2.js. We also use the JSON name. The Global Object JSON can be overwritten. However, it is no longer an undefined object. This is the same as introducing the new keyword in the script language. Using a name occasionally affects the existing code. Pages using json2.js are unlikely to be affected. Except for a few exceptions, all these pages will continue to work normally, but they can only run faster.

The pages defined by the self-implemented JSON object may be affected, especially when the "If (! This. JSON) {JSON = ...}" JSON object defined in this mode. There are two main ways to solve this problem:

1. migrate existing code using a native JSON object
If your own JSON implementation is based on a certain version of json2.js, it will be easy to migrate.

2. decide not to use native JSON support and continue to use your existing JSON object.
This can be achieved by renaming or rewriting the JSON name. Rename means you need to change all codes using JSON names to names like "myjson. Rewriting means that your own JSON definition will overwrite all the code defined using the default native JSON. In most cases, you only need to remove the condition "If (! This. JSON.

Considering the impact of the 3.1 Standard, the JSON name is consistent with our desire to implement interoperability through the defined interfaces.

There are many things to talk about native JSON. The parser is an independent implementation instead of based on eval. It is supported with JSON (http://wiki.ecmascript.org/doku.php? Id = es3.1: json_support. It is also safe with http://www.json.org/json_parser.js, and the operation speed is much faster. Therefore, if you use eval () or your own JSON library, check the original JSON implementation in IE8 for better performance and security operations.