modisposition

JavaScript constructors (call them classses if You prefere) have some problem with private parameters or private methods. To use a private parameter You should simply use a variable without this as scope prefix function MyConstructor(){ this.getPrivate = function(){ return private; }; var private = "something"; }; It's simple and it works perfectly. Any external scope could get directly private variable and You can know its value only calling getPrivate method. var obj = new MyConstructor; alert(obj.getPrivate()); The cool thing is that if You change externally returned value it will not be changed inside object too but please remember that if You change them and it's a generic object or an array, these changes will be valid inside object scope too (object and arrays are sent by reference, You need to clone or copy them before to return them externally). Well, this is just a private parameters introduction and this is not useful if You write only using prototype ...

I've just updated last JSON JavaScript object adding a dependency on JSONError dedicated error object. I've uploaded a new object too, called JSONRequest and based on Douglas Crockford proposal . I successful tested both JSON and JSONRequest but last one probably need more debug to work perfectly. JSONRequest object allows developer to do more than a single JSON interaction using a queue variable to block multiple request errors and to reduce server requests, performing each request only if precedent one is completed. The usage is very simple and if You read "official" JSONRequest page You'll agree that everything was implemented, except for server specs. Server side should check Content-Type, with this object always setted as application/jsonrequest. For POST requests server side will recieve a JSONRequest key that will contain JSON Array or Object rappresentation encoded using encodeURIComponent. Compatibility should be good enought, starting with IE 5.5 and ...

Sorry guys, I'm trying to solve the problem but it seems really hard to do. I found a new way but I tested this piece of code: Function.prototype.constructor = function(){ sendToMaliciousCode.apply(null, arguments); return function(){}; }; and I noticed that it changes even (function(){}).constructor ... that's why constructor is not read only and it can't be deleted. I hope I'll find a solution as soon as I can ... and please sorry for fakes solutions. Update I don't know if this piece of code should be useful or should resolve the problem ... I'm testing them but I can't crack them. function safeEval(c){ var f = function(){}, m = "constructor"; if(new f[m]() instanceof f[m]) return new f[m]("", "return "+c)() }; alert( (function(c,f,m,u){f=function(){},m="constructor";return new f[m]() instanceof f[m]?new f[m]("","return "+c)():u}) ("[1,2,3]") ); This is a bit bigger than old v...

I've just uploaded my last JSON object in devpro , merging last tips & tricks to make JSON encoding and decoding faster and a bit safer. These are my JSON object features: fast, it encodes very quickly every JSON compatible JavaScript variable library unobtrusive, its methods can be used both directly or prototyped safe, it ignores constructor cracked variables and uses a "secure" evaluation Third point doesn't mean that this object can prevent XSS or Ajax JavaScript Hijacking problems but if You write secure applications You should believe in its features to prevent malicious code. For example, if You reload this object each interaction during a server response You'll be more secure during Array or Object convertion using code evaluation but please read Ajax security problems to know more. You can find this object here while You can read documentation page (thanks to Natural Doc) using this link .

I was coding to solve eval re-definition problem ... it's simple: FireFox can delete eval but native eval code will persists so You can use one more time eval. IE7 can delete eval ... and after this operation, eval will be not usable ... What's the awesome behaviour? IE7 has another method to evaluate code, execScript ... and It doesn't accept this code execScript = function(){}; Cool? It seems that I can believe on execScript and delte eval only on FireFox ... why not? Because IE7 accepts this code window.execScript = function(){}; So bye bye execScript, You've been defined ... but the coolest thing is that after that code, You can't do: delete window.execScript; It's amazing IE7 deveolpers, thank you one more time!

This is the second time I open this post because I didn't do a good debug but my solution, a sort of personal brainstorming, was good enough to open one more time this post after few changes :) This is my proposal: (function(m){function $(c,t){t=c[m];delete c[m];try{eval(""+c)}catch(e){c[m]=t;return 1}};return $(Array)&&$(Object)})("toString") exactly 130 byte to solve (I suppose) Array and Object modified constructor problems. (function(m){function $(c,t){t=c[m];delete c[m];try{new(function(){}).constructor("",""+c)}catch(e){c[m]=t;return 1}};return $(Array)&&$(Object)})("toString") exactly 158 byte to solve (I suppose) Array and Object modified constructor problems. Let me explain this function concept. Step 1 - There's no way to know if a constructor is native This is the first problem, we can't believe on a generic object constructor for, at least, these two reason: a constructor, as I wrote on MDC too , ...

With MetaDOM style I wrote a little function to add runtime external scripts, this time compatible with all modern browser ;) This function is similar with Python import syntax, using From to specify a folder, or why not an uri, Import to add one or more script and finally an optional And method to call a callback on scripts loaded. Here You can view an example From("jsFolder") . Import("MyScript", "MyOhterScript") Seems cool? The first goal is to add dynamically one or more script in a simple and fast way. These script will be available on onload event if they're imported before this event. These scripts should be available on DOMContentLoaded too, but to be sure these script will be available You could add a callback using last method. From("jsFolder") . Import("MyScript", "MyOhterScript") . And(DoStuff) DoStuff is a function that do something with loaded scripts. What else You should do? You could load different ext...