面试题与答案

Security and JSON Parser to understand by below examples
// Include http://www.json.org/json.js
var myObject = myJSONtext.parseJSON();
• eval() can compile and execute any JavaScript program, so there can be security issues (cross-site scripting)
Use eval() when the source can be trusted
• When security is a concern - the source cannot be trusted -, it is better to use a JSON parser
A JSON parser will only recognize JSON text and so is much safer
Object to Text Conversion
var myJSONText = myObject.toJSONString();
• You can convert JSON object into JSON text
• JSON does not support cyclic data structure
Do not give cyclical structures to the JSON stringifier

• JSON-RPC is a simple remote procedure call protocol similar to XML-RPC although it uses the lightweight JSON format instead of XML
• JSON-RPC-Java is a Java implementation of the JSON-RPC protocol

• It allows you to transparently call server-side Java code from JavaScript with an included lightweight JSON-RPC JavaScript client.
• It is designed to run in a Servlet container such as Tomcat and can be used with J2EE Application servers to allow calling of plain Java or EJB methods from within a JavaScript DHTML web application.

• Dynamically call server-side Java methods from JavaScript DHTML web applications. No Page reloading.
• Asynchronous communications.
• Transparently maps Java objects to JavaScript objects.
• Lightweight protocol similar to XML-RPC although much faster.
• Leverages J2EE security model with session specific exporting of objects.
• Supports Internet Explorer, Mozilla, Firefox, Safari, Opera.