Persist javascript changes on the server side - javascript

Does any body know how to persist javascript changes on the server side.
For example if I added items to a drop down list client side, how can i persist them in order to read them on the server side.
By the way, Telerik control have this feature.

Your questions doesn't contains any details, so I can only give you a generic answer:
You have to post the new data back to the server, either by using AJAX (I'd suggest using jQuery) or by sumbitting the new data in some field (preferably hidden) with a regular html-form (can be done in JavaScript or by having the user click "submit").

You need to tell the server what the Javascript did using AJAX or a hidden field.

Related

Passing data to server using javascript securelly?

At the moment I'm passing data to node js server via javascript and the reason i must do this is because I'm using socket.io so I emit the data from the client.
There's a method on javascript to store data on a div and the data is invisible on the div $('#divID').data('name','value'); but still the user can see the data when i'm storing it and when I'm sending it. Is there a way I can store and emit the data via javascript the way that user can't change or see it?
It's a 16-digit user ID.
Javascript in essence is meant to be publicly viewable. Anybody with the knowledge of Javascript will be able to see everything that you are doing. So, you will have to continue to send it to the server before it can go to the database.

How can I pass data from one page to another in PHP and Javascript without from?

How can I pass data from one page to another page in PHP using Javascript without from?
In my blog have a post comment with email Id
and this is routing using foreach loop
problem occur when get email id and comment
how can i do this? plz help
you can make use of client side cookie for this. one page you create cookie and on second page read that cookie.
I guess that what you dislike with forms is the page reloading on the client side.
If that is the case then you can use ajax requests (maybe with the help of a framework like jQuery, or pure javascript with the xmlHTTPRequest()).
Alternatively you can use cookies, but it's not what they really are for.
If you don't mind the page reloading, you can also use HTTP GET requests with javascript :
location.assign("http://www.my_site.com/index.php?param1=value1&param2=value2");
You can also store data in Web storage if the data doesn't necessarily need to be processed in PHP.
You will need to have a backup system in cookies though for the older browsers that do not support his.

Risk in returning HTML content on AJAX call via HTTPS

I wanted to load HTML contents dynamically, such as updating a Bootstrap's modal dialog contents via AJAX call (because refreshing the page and showing the modal again is weird), but before I do that, I want to know what risks that I will need to concern when doing so, and possible solutions.
The main reason to do this is that I'm developing a portlet for Liferay, and I wished to update the content of my portlet dynamically without refreshing the whole page.
Of course I could return data in JSON from my server to client, but I will have to write complex client side logic to update the DOM, which the logic is probably done easier in, say, JSP
Assume the webapp is HTTPS only, not sure if this will help with anything.
Based on the assumption that the webapp is HTTPS only, it would be very good to let all AJAX calls also use that. This will not create a breach of mixing unsecure and secure connections, and the warning dialogs, which browsers give.
The only risk can be caused by cross-site scripting, if parts of the HTML is generated elsewhere or if parts of it is based on unvalidated user input.
Solutions for that is to always validate ans sanitize the input from other sources. More information about this can be found here: https://www.owasp.org/index.php/Data_Validation
Perhaps you chosen the wrong framework for the job and would have consider something like an client side rendering where you would bind json data to the view (eg: angular, ember, backbone or knockout)
Consider using Element.innerText or $(Elm).text() instead of Element.innerHTML or $(elm).html() when possible
Perhaps it will be a good idea to encode everything that a user can change before you save it to the database or when you are rendering the view
However if you do allow some html you would need a sanitize plugin with a witelist approtch to strict the allowed tag & attributes
the only diffrence with http and https is that it will be much harder for a man-in-the-middle attack to read/intercept/change the content of the request & the response

Is storing sensitive data in array at client side be dangerous

I am a newbie and I am creating a form in which there are 10 buttons next to some products. When the user clicks on these buttons then the corresponding product name is added to an array in jquery. When the user submits the form, i pass that array to the server through ajax and then create a session for those values there. All this is working fine.
QUESTION:-
Is it dangerous to store the data at client side like this? Can any malicious user play with that array of data and change it at client side?
Since I cant create a session on every click because it will need to connect to the server again and again, so what could be the best approach to do this?
Is it dangerous to store the data at client side like this?
Not if you do proper data validation server-side
Can any malicious user play with that array of data and change it at client side?
Yes
Since I cant create a session on every click because it will need to connect to the server again and again, so what could be the best approach to do this?
This would be a working option. Or you just submit the form instead of tryin to store everything in an array. Forms were developed to submit used data. Another option would be to use ajax to set the selcted choice onSelect()
Is it like a shopping cart? wherein your are posting all the selected products to the server?
If so storing the just the product names on the client side is of no harm, definitely one can tamper the array, however on the server side you should validate the array with checks like it contains valid products etc, other than that there is no harm in it.
However one should avoid storing sensitive data on the client side, however in you case no issues.

Is auto post back in ASP.net and AJAX are the same?

Is auto post back in ASP.net and AJAX are the same??? I want to send data to server and store that data in XML file without refreshing the page. I dont want to use ajax.. If there is any other way to do this with plain javascript then do let me know... thanks in advance...
Is auto post back in ASP.net and AJAX are the same???
Not from a users perspective. When doing a postback, the user will see his entire page getting refreshed. When using AJAX, the user will not see his page get refreshed
I want to send data to server and store that data in XML file without
refreshing the page. I dont want to use ajax.. If there is any other way
to do this with plain javascript
If you want to interact with the server without refreshing the page, you have to use AJAX.
Note: You may be confusing AJAX with the various AJAX controls / libraries like AjaxControlToolKit etc. If that is the case, then you can definitely use AJAX without using any of the libraries / controls. That is done by using the XMLHTTPRequest and XMLHTTPResponse objects directly via Javascript. However, that in itself is AJAX. Sample code of how to do it can be seen in this page
So, atleast as far as i know, you need to use AJAX to go to the server without appearing to the user that your page has gotten refreshed.
as InSane said PostBack is quite different in AJAX and asp.net. AJAX mostly use Partial postback using XMLHTTPRequest Objects while full page postback sends complete Page's data to server resulting in complete page recycle.
For Your second question.. if you don't want to postback and still want to send some data to server there is only one way to do this by AJAX. AJAX in javascript is quite obscure i'll prefer using some javascript library like JQuery. Here is a link that shows how to call WebMethod on an ASPX page from JQuery.
http://encosia.com/2008/05/29/using-jquery-to-directly-call-aspnet-ajax-page-methods/
Hope this will help.
Regards.

Categories