The JavaScript Object Notation (JSON) mechanism for representing data has rapidly become an indispensable part of the web developer’s toolkit, allowing JavaScript applications to obtain and parse data intuitively, within scripts, with lightweight data encapsulation. Firefox 3.5 includes support for JSON natively by exposing a new primitive — window.JSON — to the top level object.
Native “out of the box” support for JSON comes to the web courtesy of the ECMAScript 5th Edition (PDF link to specification), other aspects of which will also be supported by Firefox 3.5. Presently, native JSON is supported by Firefox 3.5 and IE8, with a strong likelihood of other browsers supporting it soon as well.
Native JSON support has two advantages:
- Safety. Simply using
evalto evaluate expressions returned as strings raises security issues. Also, the native JSON primitive can only work with data. It can’t be used to parse objects with method calls; attempting to do so returns an error. - Performance. Parsing JSON safely, using third-party scripts and libraries, is likely to be slower than native JSON parsing within the browser.
Let’s look at some examples.
A JSON API for search results might look like this:
/* Assume that you obtained var data as a string from a server For convenience we display this search result on separate lines */ var data = ' { "responseData": {"results": [ { "SafeSearch":"true", "url":"http://www.arunranga.com/i.jpg", }, { "SafeSearch":"false", "url":"http://www.badarunranga.com/evil.jpg", } ]}}';
Such a resource could be returned by a simple HTTP GET request using a RESTful API.
Using native JSON, you could do something like this:
/* Obtain a handle to the above JSON resource This is best and most conveniently done via third-party libraries that support native JSON */ if (window.JSON) { var searchObj = JSON.parse(data); for (var i=0; i++; i < searchObj.responseData.results.length) { if (searchObj.responseData.results[i].SafeSearch) { var img = new Image(); img.src = searchObj.responseData.results[i].url; // ... Insert image into DOM ... } }
You can also stringify the object back to the string:
// Back to where we started from var data = JSON.stringify(searchObj); // data now holds the string we started with
Of course, to really enable the power of JSON, you’ll want to retrieve JSON resources from different domains, via callback mechanisms like JSONP. Many web developers are unlikely to use the JSON primitive directly. Rather, they’ll use them within libraries such as Dojo and jQuery. These libraries allow for the retrieval and direct parsing of JSON resources from different domains, and add a great deal of syntactic sugar to the process of callbacks and DOM insertions.
The native JSON primitive works with the popular json2.js library (which correctly detects if native JSON is enabled), so developers can seamlessly use JSON parsing on browsers that don’t support native JSON. As of this writing, Dojo and jQuery have committed to supporting native JSON:
Pingback from 颠覆网络35天 ─ 使用本地JSON获得更好的安全和性能 < MJiA on June 16th, 2009 at 10:50 pm:
Pingback from Mozilla Hacks: Natywny JSON – większe bezpieczeństwo i wydajność « marcoos.techblog on June 17th, 2009 at 2:40 pm:
Pingback from 谋智社区 » Blog Archives » 颠覆网络35天 ─ 使用本地JSON获得更好的安全和性能 on July 27th, 2009 at 1:10 am: