This tiny plugin provides a registry for different filter functions to sanitize ajax responses.

It requires jQuery 1.3 with its new feature, the 'dataFilter' ajax setting.

If you want to provide a new implementation, you need to do something like this:

  1. jQuery.ajaxFilter.register( 'js_in_href''html'function( data ){ 
  3.      return data.replace(/href="javascript:[^"]+"/g, ''); 
  5. });  


  1. jQuery.ajaxFilter.register('eval''script html json'function( data ){ 
  3.      return data.replace(/eval\(.+?\);?/g, ''); 
  5. }); 

Arguments for jQuery.ajaxFilter.register() are:

Name for the filter, used as 'filter' when calling jQuery.ajax.

One or more dataTypes to handle. Can be any combination of ajax, html, json and xml separated by spaces.

The filter function. Will receive 2 arguments: the data and the type. The 'this' will reference the settings object.

To use it, you do:

  1. jQuery.ajax({ 
  2.      url:'foo.html'
  3.      filter:'js_in_href'
  4.      // ... 
  5. }); 

The filter can also parse the response.

That means it can (for example) provide an alternative way of eval'ing json. This is specially useful for Adobe AIR apps.

If the filter returns something else than a string, it's assumed to be the final response.



转载请注明:代码家园 » AjaxFilter