JSON Must-Knows: A Postscript

Source: Internet
Author: User
Tags: script tag, ruby on rails, couchdb

Terms

Portability

Compatibility between platforms and systems for transmitting information.

JSON

JavaScript Object Notation.

Data Interchange Format

Text that is used to exchange data between different platforms or systems.

Literal

A value written exactly as what it is meant to express.

Variable

A value that can be modified and is represented by an identifier such as x.

Maximum portability

It provides portability beyond the data format itself by ensuring that the data itself is compatible with the platform and the system.

Name-value pairs

Refers to attributes and characteristics (also called key-value pairs) that have names and corresponding values.

Syntax validation

Validation of the JSON format itself.

Conformance verification

Validation that focuses on the specific data structure.

String types in JSON

A string value, such as "You're a good person," wrapped in double quotes.

Concept

JSON is a data interchange format.

JSON is independent of the programming language.

JSON is based on JavaScript object literal notation (with emphasis on notation).

JSON expresses data in a way that is friendly to general programming concepts.

JSON's syntax for expressing properties is based on JavaScript object literals, but it leaves out the function-related parts of JavaScript object literals.

In JSON name-value pairs, the names are always wrapped in double quotes.

In JSON name-value pairs, the values can be strings, numbers, Boolean values, null, objects, or arrays.

The list of name-value pairs in JSON is always wrapped in curly braces.

Multiple name-value pairs in JSON are separated by commas.

JSON files use the .json extension.

The media type of JSON is application/json.

The Boolean type values in JSON are only true and false, and all letters must be lowercase.

The null value in JSON must be written in all lowercase letters.

The number type in JSON is a numeric value, such as 66; it can be a positive integer, a negative integer, a decimal, or an exponent.

The key difference between an object and an array is that an object is a list or collection of name-value pairs, while an array is a list or collection of values.

Another key difference between objects and arrays is that all values in the array should have the same data type.

Terms

Arrays in JSON

An array is a collection or list of values, each of which can be a string, a number, a Boolean value, an object, or an array. The array must be wrapped in [] and its values separated by commas.

Object types in JSON

The object type is a comma-delimited collection of name-value pairs wrapped in {}.

JSON Schema

A virtual contract in data exchange.

Server (in web development)

The operations performed on the server when a web page resource is requested. The server does the processing and provides the response that the browser loads.

Client (in web development)

The actions performed when the page the browser requested is loaded, usually referring to HTML, CSS and JavaScript.

Concept

The JSON validator is responsible for validating syntax errors, and the JSON schema is responsible for providing conformance validation.

JSON Schema is the first line of defense for the party receiving data, and it is also a good tool for the data sender to save time and make sure the data is correct.

JSON Schema can answer the following conformance validation questions:

1. Is the data type of the value correct? You can specify that a value is a type such as a number, a string, and so on.

2. Is the required data included? You can specify what data is needed and what is not.

3. Is the value in the form I need? You can specify a range with minimum and maximum values.
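The two validation stages and the three questions above, as an added example that is not part of the original notes. The checker is a hand-written illustration that understands only the JSON Schema keywords type, required, properties, minimum and maximum; the names check, validate and catSchema are assumptions.

```javascript
// Minimal conformance checker for illustration, not a full JSON Schema validator.
function typeOf(v) {
  if (v === null) return "null";
  if (Array.isArray(v)) return "array";
  if (typeof v === "number" && Number.isInteger(v)) return "integer";
  return typeof v; // "string", "number", "boolean" or "object"
}

function check(schema, value, path = "$") {
  const errors = [];
  const actual = typeOf(value);
  if (schema.type) {
    const ok = schema.type === actual ||
      (schema.type === "number" && actual === "integer");
    if (!ok) return [`${path}: expected ${schema.type}, got ${actual}`];
  }
  if (typeof value === "number") {
    if (schema.minimum !== undefined && value < schema.minimum)
      errors.push(`${path}: ${value} is below minimum ${schema.minimum}`);
    if (schema.maximum !== undefined && value > schema.maximum)
      errors.push(`${path}: ${value} is above maximum ${schema.maximum}`);
  }
  if (actual === "object") {
    for (const name of schema.required || [])
      if (!Object.prototype.hasOwnProperty.call(value, name))
        errors.push(`${path}.${name}: required property is missing`);
    for (const [name, sub] of Object.entries(schema.properties || {}))
      if (Object.prototype.hasOwnProperty.call(value, name))
        errors.push(...check(sub, value[name], `${path}.${name}`));
  }
  return errors;
}

// Syntax validation first (JSON.parse), conformance validation second (check).
function validate(schema, text) {
  let data;
  try { data = JSON.parse(text); }
  catch (e) { return { ok: false, errors: ["syntax: " + e.message] }; }
  const errors = check(schema, data);
  return { ok: errors.length === 0, errors };
}

// Constructed schema for illustration.
const catSchema = {
  type: "object",
  required: ["name", "age"],
  properties: { name: { type: "string" },
                age: { type: "integer", minimum: 0, maximum: 40 } },
};
```

A receiver would call validate(catSchema, body) before using any field and reject the request when ok is false.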

JSON itself does not constitute a threat, it is just text.

Here are 3 things to keep in mind when locating JSON security issues.

1. Do not use top-level arrays. A top-level array is a legitimate JavaScript script, so it can be linked with a <script> tag and used.

2. For resources you do not want exposed, allow only HTTP POST requests, not GET. A GET request can be made through a URL or even placed in a script tag.

3. Use JSON.parse() instead of eval(). The eval() function compiles and executes the incoming string, which makes your code vulnerable; JSON.parse() only parses JSON data.
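The three points above in code, as an added example that is not part of the original notes. The function names, the items wrapper key and the sample string are assumptions constructed for illustration.

```javascript
// Flag that flips only if text from the network is executed as code.
let sideEffect = false;

// Constructed "response" that is JavaScript rather than JSON.
const hostile = '(function () { sideEffect = true; return { "user": "x" }; })()';

// Vulnerable: eval() compiles and runs whatever the string contains.
function parseWithEval(text) {
  return eval("(" + text + ")");
}

// Hardened: JSON.parse() accepts only JSON syntax and never executes anything.
function parseSafely(text) {
  try { return { ok: true, value: JSON.parse(text) }; }
  catch (e) { return { ok: false, error: e.name }; }
}

// Points 1 and 2: answer POST only, and never send a bare top-level array.
function respond(method, records) {
  if (method !== "POST")
    return { status: 405, headers: { Allow: "POST" }, body: "" };
  const payload = Array.isArray(records) ? { items: records } : records;
  return {
    status: 200,
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify(payload),
  };
}
```

With the same input, parseWithEval runs the embedded function and sets sideEffect, while parseSafely returns a SyntaxError result and leaves it untouched.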

Security breaches often happen because developers do not consider the question "how would hackers exploit this?"

The relationship between JavaScript's XMLHttpRequest and a Web API is the relationship between the client and the server.

XMLHttpRequest is not limited to XML; it can also be used to request JSON resources.

Terms

Cross-site request forgery (CSRF)

An attack that exploits a site's trust in the user's browser.

Top-level JSON array

A JSON array at the top level of the document, existing outside any JSON name-value pair.

Injection attack

An attack that relies on injecting data into a Web application to facilitate the execution or compilation of malicious data.

JSON cross-site scripting attack

An injection attack on a site by intercepting or replacing the third-party code used in the site with a malicious script.

Web API

A set of instructions and standards for interacting with a service over HTTP.

XMLHttpRequest

A JavaScript object that fetches data from a URL without having to refresh the page, often used in Ajax programming.

Hypertext Transfer Protocol (HTTP)

The basic protocol the World Wide Web uses to exchange data.

Serialization

The act of converting an object to text.

Deserialization

The act of converting text to an object.

Concept

Websites serve humans and Web APIs serve code; both use the HTTP protocol.

The same-origin policy makes client-server communication between JavaScript and JSON resources difficult.

A cross-domain XMLHttpRequest from the client needs support from the server side for the JSON resource request to succeed.

jQuery is an abstraction tool that provides JSON request and parsing capabilities to shorten development time, while also addressing cross-browser compatibility issues.

MVC concepts in AngularJS

JSON is the model, or data model.

HTML is the view and provides syntax to bind to the model.

A controller is a JavaScript file that uses AngularJS syntax to define and manipulate interactions with the model and the view.

AngularJS makes JavaScript objects and JSON shine in the MVC architecture.

In a relational database there are tables, columns, rows and the relationships between them, which use primary and foreign keys.

There are many kinds of NoSQL databases, which have different data storage and utilization methods than traditional relational models.

CouchDB key concepts

1. It is a document-oriented NoSQL database

2. It stores and manages JSON documents

3. It maintains good data structures while storing and retrieving

4. It uses the HTTP-based API to get the data as a JSON document resource

5. It uses JavaScript as the query language and obtains data across the API through the view's map and reduce methods.

On the server side, you can deserialize the JSON into an object and use it in programming logic, or you can serialize the object into JSON format.

JSON is well supported on both the server and the client, which makes it stand out among the many data interchange formats used on the web.

Terms

Same-origin policy

For security reasons, the browser only allows scripts to make requests to the same domain.

Cross-origin resource sharing (CORS)

Response headers are set so that cross-origin requests can succeed.

JSON-P

Use the script tag to bypass the same-origin policy restrictions and request JSON from servers of different domain names.

Abstraction

A technique for dealing with complex systems; the main idea is to break a big problem into several small problems.

Framework

An abstraction tool that saves time and lets us focus more on building functionality.

jQuery.parseJSON()

A jQuery function that not only invokes JSON.parse(), but is also compatible with older browsers that do not support JSON.parse(); it validates the characters of the string before evaluating it, thus avoiding possible security issues.

jQuery.getJSON()

The shorthand form of the jQuery.ajax() function, which includes the ability to parse JSON into a JavaScript object.

Single-page web application

Unlike the traditional multi-page approach, a single page focuses on providing a more seamless application experience.

Model-view-controller (MVC)

An application architecture pattern that divides the application into 3 parts: model (data), view (presentation), and controller (updates the model and view).

AngularJS

A JavaScript MVC framework that uses JavaScript objects as a data model.

Relational database

A database that stores data in a structured way with recognizable relationships.

NoSQL database

A database that does not store data by way of relationships between the data.

CouchDB

A document-oriented NoSQL database that stores data in the form of JSON documents.

ASP

Server-side web framework developed by Microsoft.

PHP

Server-side scripting language for creating dynamic web pages.

Ruby on Rails

A server-side web application framework written in Ruby.

Node.js

Server-side JavaScript based on the Google V8 engine.

Java

An object-oriented programming language.

JSON can also serve as a static configuration file.

When deciding which data format to use, take into account the form of the data and the systems exchanging it. JSON is not always the best choice.
