如何安全使用JSON.stringify ?

时间:2021-09-23 06:52:41

I get a JSON object, which I then stringify to var embed. The console.log looks like:

我得到一个JSON对象,然后将其字符串化为var embed。控制台。日志的样子:

console.log(send_me_along)

{"provider_url":"https://www.site.com/","description":"Stuff, you’ll need to blah blah","title":"Person detail view & engagement","url":"https://www.site.com/","version":"1.0","provider_name":"site","type":"link"}

Then in ajax beforeSend I try to pass this along:

然后在ajax中,我试着把它传递下去:

settings.data += '&embed_data=' + send_me_along;

This is where it breaks. I don't know why. Do you? Something send_me_along breaks and the JSON object never makes it to rails.

这就是它断裂的地方。我不知道为什么。你呢?send_me_along中断,JSON对象永远不会到达rails。

Started POST "/st" for 127.0.0.1 at 2012-01-12 17:20:25 -0800
Parameters: {"utf8"=>"✓", "authenticity_token"=>"MzDImoksi56IZ1Fa4ldM8jaFyBy61xaWt4bf3z0/3UQ=", "comment"=>{"content"=>"https://www.site.com", "mentions"=>"https://www.site.com"}, "commit"=>"", "embed_data"=>"{\"provider_url\":\"https://www.site.com/\",\"description\":\"Stuff, you’ll need to blah blah.\",\"title\":\"Person detail view ", "engagement\",\"url\":\"https://www.site.com/\",\"version\":\"1.0\",\"provider_name\":\"site\",\"type\":\"link\"}"=>nil, "id"=>"ae86c5b7a6"}

It appears as if the & in the title is messing up on the post. is there something that needs to be done w jQuery when using settings.data to not allow the stringified data to break everything?

看起来好像标题里的标题搞砸了。在使用设置时,是否需要使用w jQuery ?数据不允许字符串化的数据破坏一切?

Thanks

谢谢

3 个解决方案

#1


6  

If you're trying to pass a string of JSON as a url parameter you need to encode it so that special characters that have meaning in a url (like ampersands) will not break things. So something like:

如果您试图将JSON字符串作为url参数传递,则需要对其进行编码,以便url中具有含义的特殊字符(如与号)不会出错。所以类似:

settings.data += '&embed_data=' + encodeURIComponent(send_me_along)

More info on encodeURIComponent() at MDN.

更多关于MDN上的encodeURIComponent()的信息。

#2


1  

Use encodeURIComponent to encode the data.

使用encodeURIComponent对数据进行编码。

settings.data += '&embed_data=' + encodeURIComponent( send_me_along );

#3


0  

Why not just set the data as an object when you call ajax?

为什么不在调用ajax时将数据设置为对象呢?

$.ajax(
  //...
  data: {
     stuff: "something"...
  }
);

Let jquery deal with the ampersands.

让jquery处理符号。

#1


6  

If you're trying to pass a string of JSON as a url parameter you need to encode it so that special characters that have meaning in a url (like ampersands) will not break things. So something like:

如果您试图将JSON字符串作为url参数传递,则需要对其进行编码,以便url中具有含义的特殊字符(如与号)不会出错。所以类似:

settings.data += '&embed_data=' + encodeURIComponent(send_me_along)

More info on encodeURIComponent() at MDN.

更多关于MDN上的encodeURIComponent()的信息。

#2


1  

Use encodeURIComponent to encode the data.

使用encodeURIComponent对数据进行编码。

settings.data += '&embed_data=' + encodeURIComponent( send_me_along );

#3


0  

Why not just set the data as an object when you call ajax?

为什么不在调用ajax时将数据设置为对象呢?

$.ajax(
  //...
  data: {
     stuff: "something"...
  }
);

Let jquery deal with the ampersands.

让jquery处理符号。