Considerations when using eval to parse JSON in JS

  • 2020-10-23 20:52:11
  • OfStack

This article looks in detail at what to watch out for when using eval to parse JSON in JS. It is shared here for your reference; the details are as follows:

In JS, a JSON string is generally parsed into a JSON object in one of two ways:

1. Use the eval() function.

2. Use the Function object and return the parsed value.

Parsing with the eval function and traversing with jQuery's each method

When JSON is used as the transport format of a jQuery asynchronous request, the result jQuery hands back after the request is a JSON object. What is considered here is the case where the server returns a string in JSON form. JSON objects wrapped by plug-ins such as JSONObject are handled in much the same way and are not covered here.

The JSON string used in the examples is given first:


// A template literal lets the string span several lines.
// Unquoted keys and single quotes: eval accepts this, but it is not strict JSON.
var data=`
{
root:
[
{name:'1',value:'0'},
{name:'6101',value:'The Beijing municipal'},
{name:'6102',value:'tianjin'},
{name:'6103',value:'Shanghai'},
{name:'6104',value:'chongqing'},
{name:'6105',value:'weinan'},
{name:'6106',value:"Yan'an"},
{name:'6107',value:'Grassland,'},
{name:'6108',value:'Yulin city'},
{name:'6109',value:'Ankang municipality'},
{name:'6110',value:'shangluo'}
]
}`;

jQuery's asynchronous request can yield either a JSON object or a string. The handling of each of these two cases is described below.

1. For a JSON string returned by the server, if the jQuery asynchronous request does not declare a type, or the response is accepted as a string, the string has to be converted into an object once. This is not much trouble: the string is placed in eval() and executed once. This approach also suits obtaining JSON objects in plain JavaScript, as illustrated below:


var dataObj=eval("("+data+")"); // convert to a JSON object

Why does eval need the added parentheses here, as in eval("("+data+")")?

The reason lies in eval itself. Since JSON starts and ends with "{}", JS treats it as a statement block, so it has to be forced into an expression.

The purpose of the parentheses is to force the eval function, while processing the JavaScript code, to evaluate what is inside the parentheses as an expression and produce an object, rather than executing it as a statement. For example, if the object literal {} is not wrapped in outer parentheses, eval treats the braces as the beginning and end of a JavaScript code block, and {} is regarded as an empty statement. So the following two calls give different results:


alert(eval("{}")); // returns undefined
alert(eval("({})")); // returns [object Object]

This way of writing can be seen everywhere in JS.

For example, (function(){})(); when working with closures, and so on.


alert(dataObj.root.length); // outputs the number of child objects of root
$.each(dataObj.root,function(idx,item){
  if(idx==0){
    return true; // skip the first item
  }
  // outputs the name and value of each child object of root
  alert("name:"+item.name+",value:"+item.value);
});

Note: for JSON objects produced in plain JS, just replace the $.each() method with a for statement; nothing else changes.

2. For a JSON string returned by the server, if the jQuery asynchronous request sets type (usually this is the configuration attribute) to "json", or the server response is obtained with the $.getJSON() method, then eval() is not needed: the result is already a JSON object and can be used directly. The data handling is shown here using the $.getJSON method as the example:


$.getJSON("http://www.phpzixue.cn/",{param:"gaoyusi"},function(data){
  // The data returned here is already a JSON object
  // The remaining operations are the same as in the first case
  $.each(data.root,function(idx,item){
    if(idx==0){
      return true; // same as continue; returning false is the same as break
    }
    alert("name:"+item.name+",value:"+item.value);
  });
});

Of particular note: the eval() call in the first approach executes the string dynamically (and the string may be a JS script), which can easily cause system security problems. You can instead use a third-party client script library that avoids eval(), such as JSON in JavaScript, which provides a script library no larger than 3k.

The second way of parsing is to use the Function object. A typical use is parsing the data returned by the AJAX methods in jQuery, and so on.


var json='{"name":"CJ","age":18}';
// Builds a function whose body is "return <json>" and calls it immediately
var data=(new Function("","return "+json))();

At this point, data is an object parsed from the JSON string.
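
The security note above, as an added example that is not part of the original article: a constructed response that carries a function call is executed by both eval() and new Function(), while JSON.parse rejects it without running anything. The names demoSideEffect, parseRootList and tryParse and all sample strings are assumptions made for this illustration, and the native JSON.parse stands in for the JSON in JavaScript library mentioned above.

```javascript
var hits = 0;
// Benign stand-in for any code a tampered response could trigger (constructed).
globalThis.demoSideEffect = function () { hits += 1; return "x"; };

// Strict JSON, as the server should emit it (double-quoted keys and strings).
var strictBody = '{"root":[{"name":"1","value":"0"},{"name":"6103","value":"Shanghai"}]}';
// Object-literal style like the article's sample: eval accepts it, JSON.parse does not.
var looseBody = "{root:[{name:'1',value:'0'}]}";
// A constructed response that carries an expression instead of data.
var codeBody = '{"root":[{"name":"1","value":demoSideEffect()}]}';

// The two approaches from the article.
function parseWithEval(text) { return eval("(" + text + ")"); }
function parseWithFunction(text) { return (new Function("", "return " + text))(); }

// Data-only parsing, plus a check of the shape the article's loop relies on.
function parseRootList(text) {
  var obj = JSON.parse(text); // throws SyntaxError on anything that is not JSON
  if (!obj || !Array.isArray(obj.root)) throw new TypeError("root array missing");
  obj.root.forEach(function (item) {
    if (!item || typeof item.name !== "string" || typeof item.value !== "string") {
      throw new TypeError("unexpected item shape");
    }
  });
  return obj;
}

// Run a parser; record whether it succeeded and whether embedded code ran.
function tryParse(parser, text) {
  var before = hits;
  try {
    parser(text);
    return { ok: true, ran: hits - before, error: null };
  } catch (e) {
    return { ok: false, ran: hits - before, error: e.name };
  }
}

function compare() {
  return {
    evalCode: tryParse(parseWithEval, codeBody),
    functionCode: tryParse(parseWithFunction, codeBody),
    jsonCode: tryParse(parseRootList, codeBody),
    jsonLoose: tryParse(parseRootList, looseBody),
    jsonStrict: tryParse(parseRootList, strictBody)
  };
}
console.log(compare());
```

Because JSON.parse also rejects the object-literal style of the sample data, the server has to emit strict JSON before the eval() call can be replaced.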

I hope this article is helpful for your JavaScript programming.

