面试题与答案

Security and JSON Parser to understand by below examples
// Include http://www.json.org/json.js
var myObject = myJSONtext.parseJSON();
� eval() can compile and execute any JavaScript program, so there can be security issues (cross-site scripting)
Use eval() when the source can be trusted
� When security is a concern - the source cannot be trusted -, it is better to use a JSON parser
A JSON parser will only recognize JSON text and so is much safer
Object to Text Conversion
var myJSONText = myObject.toJSONString();
� You can convert JSON object into JSON text
� JSON does not support cyclic data structure
Do not give cyclical structures to the JSON stringifier

� JSON-RPC is a simple remote procedure call protocol similar to XML-RPC although it uses the lightweight JSON format instead of XML
� JSON-RPC-Java is a Java implementation of the JSON-RPC protocol

� It allows you to transparently call server-side Java code from JavaScript with an included lightweight JSON-RPC JavaScript client.
� It is designed to run in a Servlet container such as Tomcat and can be used with J2EE Application servers to allow calling of plain Java or EJB methods from within a JavaScript DHTML web application.

� Dynamically call server-side Java methods from JavaScript DHTML web applications. No Page reloading.
� Asynchronous communications.
� Transparently maps Java objects to JavaScript objects.
� Lightweight protocol similar to XML-RPC although much faster.
� Leverages J2EE security model with session specific exporting of objects.
� Supports Internet Explorer, Mozilla, Firefox, Safari, Opera.