This document summarizes common web vulnerabilities including cross-site scripting (XSS), cross-site request forgery (CSRF), and clickjacking. It provides examples of how each vulnerability can be exploited, such as using JavaScript to steal cookies or make unauthorized requests. The document also lists recommendations for preventing these issues, like validating and sanitizing input, using anti-CSRF tokens, and disabling JavaScript for sensitive pages. Resources for further reading on each topic are included.
This document discusses slideshow implementations using JavaScript and CSS3. It covers HTML structure, utilities like automatic playback and image lazy loading, different transition effects like fade and slide, design patterns like adapter and factory, and extending the switchable component. It also mentions alternatives using CSS3 transitions directly and addresses past memory leak issues in YUI.
7. Javascript语言——特性
高阶函数-传递函数:
例
var woman = function () {
alert('beauty');
}
var man = function () {
alert('cool')
}
var swap = function () {
var temp = woman,
woman = man,
man = temp;
alert('交换成功')
}
查看示例
8. Javascript语言——特性
动态类型:
例
var a = new Object();
a.sex = ‘美女’;
a.age = 21;
a.say = function(){ return '帅哥你好~' };
alert(a.sex);
alert(a.age);
alert(a.say());
a.say = ‘从函数变成字符串’;
alert(a.say)
查看示例
可以赋给变量任意类型的值,并可随时更改类型
10. Javascript语言——特性
对象模型——创建一个构造函数:
例
//创建一个人并给Ta赋予一些属性
var person = function () {
this.name = '多多';
this.say = function () {
return ‘亲~‘
};
}
//基于person的原型定义一个新对象woman
var woman = new person();
alert('这位美女的名字是'+woman.name+',她对
大家说:“'+woman.say+'”');
查看示例
11. Javascript语言——特性
对象模型——通过原型继承: 查看示例
例
var person = function () {
this.name = '多多';
this.say = function () {return
'Remember'};
}
var woman = function () {
this.say = function () {
return '亲们~请多关照'
}
}
woman.prototype = new person();
var x = new woman();
alert(‘这位美女的名字是’+x.name+‘;美女对大
家说:“’+x.say()+'”');
22. Javascript语言——作用域、作用域链、闭包
例
function a(x, y) {
Activation object
var b = x + y;
this window
return b;
arguments [5,10]
}
x 5
y 10
Var total = a(5, 10) b undefined
Scope chain
var total=a(5,10)
Executioncontext 0
[[Scope]] 1
Global object
this window
window (object)
document (object)
a (function)
total undefined
24. Javascript语言——作用域、作用域链、闭包
标示符解析
例
var a = ‘set1’ var a = ‘set1’
function foo() { function foo(){
a = ‘set2’; b = ‘set2’
return a return a
} }
alert(foo()); alert(foo());
查看示例
69. Javascript引擎——垃圾回收
例 function a() {
this.text = 'a的弹窗'
}
function b() {
this.text = 'b的弹窗'
}
function c() {
var x = new a();
y = new b();
return y;
}
c();
alert(y.text)