Upload
danielle-leigh
View
1.145
Download
0
Embed Size (px)
DESCRIPTION
Lecture notes on client-side web scripting. basics on javascript, important outlines about client-side web scripting like dynamic html, dom, javascript, etc
Citation preview
Client-Side Web Scripting • allows programs (i.e., scripts) to be downloaded from the web server
and executed on the client (i.e., browser) • common client-side scripting technologies:
o JavaScript, ECMAScript, JScript o VBScript, ActionScript o Java applets, ActiveX controls, Flash animations
• common uses: o dynamic (X)HTML
page embellishments and special visual “effects”, content generation and manipulation, user interaction, document and page navigation, etc.
o form validation o asynchronous/partial content retrieval, RIA technologies (e.g.,
AJAX) • common issues:
o browser support no scripting support scripting disabled plugin availability
o version incompatibilities, non-standard implementations o capability restrictions
scripting languages are not general-purpose programming languages
e.g., JavaScript is restricted by the sandbox execution model and the same origin policy
o security risks browser implementation defects (e.g., buffer overflows) e.g., for JavaScript, cross-site scripting (XSS) or cross-site
request forgery (XSRF) issues malicious ActiveX controls
JavaScript
• developed by Brendan Eich at Netscape Communications as the scripting language for the Netscape Navigator browser
• formerly called Mocha, then LiveScript, then JavaScript • standardized by Ecma International as ECMAScript • latest version: JavaScript 1.8 • common version: JavaScript 1.5, JScript 5.5, ECMAScript v3 (ECMA-
262 3rd edition)
• linked/embedded in web pages using the <script> element o linked:
<script type=”text/javascript” src=”scripts.js” />
o embedded (either in the <head> or the <body> element): <script type=”text/javascript”> <!-- hide script from non-JavaScript browsers... /* script code goes here... */ // end of script hiding... --> </script>
• JavaScript + DOM/BOM + CSS + (X)HTML = DHTML • basic language features:
o paradigm: object-oriented (prototype-based), functional, imperative,
scripting language o Java-/C-like syntax:
implicit semicolon insertion for statement termination identifiers use alphanumeric, _, and $ characters case-sensitive keywords and identifiers single-line (//) or block (/* */) comments
o type system and variable scoping rules: dynamic (a.k.a. loose or weak) typing global (a.k.a. top-level) or local scopes data types:
• primitive types o numbers (decimal, hexadecimal notation) o booleans (true, false) o strings (single or double quote delimited) o undefined and null
• composite (object) types o core JavaScript objects
Object, Number, Boolean, String, Date, Math, Global, RegExp, Error
arrays (Array) functions (Function, Arguments)
o client-side JavaScript objects Window, Navigator, Screen, Document, Location, History
Anchor, Applet, Attr, Comment, DOMException, DOMImplementation, DocumentFragment, Element, Event, Form, Image, Input, Layer, Link, Node, Option, Select, Style, Text, TextArea
o keywords: break, case, catch, continue, default, delete, do, else, false, finally, for, function, if, in, instanceof, new, null, return, switch, this, throw, true, try, typeof, var, void, while, with
o reserved words (for possible future language extensions): abstract, boolean, byte, char, class, const, debugger, double, enum, export, extends, final, float, goto, implements, import, int, interface, long, native, package, private, protected, public, short, static, super, synchronized, throws, transient, volatile
o operators . [] () new ++ -- + - * / % = compound assignment operators == != < <= > >= === !== && || ! & | ^ ~ << >> >>> ?: , delete typeof instanceof in void
o statements and control structures var if-else
• condition expressions having values of 0, ””, null, and undefined evaluate to false
switch-case-default-break • allows any expression type as the switch expression • can use expressions as case labels • with fall-through functionality
while, do-while, for, for-in, break, continue try-catch-finally, throw
• throw and catch can handle any expression type function, return with