book

JavaScript: The Definitive Guide, Fourth Edition

Name: JavaScript: The Definitive Guide, Fourth Edition
Author: David Flanagan
ISBN: 9780596000486

by David Flanagan

November 2001

Intermediate to advanced

936 pages

68h 43m

English

O'Reilly Media, Inc.

Read now

Unlock full access

JavaScript: The Definitive Guide, 4th Edition
Preface
What’s New in the Fourth Edition
Conventions Used in This Book
Errata
Finding the Examples Online
Comments and Questions
Acknowledgments
1. Introduction to JavaScript
JavaScript MythsJavaScript Is Not JavaJavaScript Is Not Simple
Versions of JavaScript
Client-Side JavaScript

JavaScript in Other Contexts
Client-Side JavaScript: Executable Content in Web Pages
Client-Side JavaScript Features
Control Document Appearance and ContentControl the BrowserInteract with HTML FormsInteract with the UserRead and Write Client State with CookiesStill More FeaturesWhat JavaScript Can’t Do
JavaScript Security
Example: Computing Loan Payments with JavaScript
Using the Rest of This Book
Exploring JavaScript
I. Core JavaScript
2. Lexical Structure
Character Set
Case Sensitivity
Whitespace and Line Breaks
Optional Semicolons
Comments
Literals
Identifiers
Reserved Words
3. Data Types and Values
NumbersInteger LiteralsHexadecimal and Octal LiteralsFloating-Point LiteralsWorking with NumbersSpecial Numeric Values
Strings
String LiteralsEscape Sequences in String LiteralsWorking with Strings
Boolean Values
Functions
Function Literals
Objects
Creating ObjectsObject Literals
Arrays
Creating ArraysArray Literals
null
undefined
The Date Object
Regular Expressions
Error Objects
Primitive Data Type Wrapper Objects
4. Variables
Variable Typing
Variable Declaration
Repeated and Omitted Declarations
Variable Scope
No Block ScopeUndefined Versus Unassigned
Primitive Types and Reference Types
Garbage Collection
Variables as Properties
The Global ObjectLocal Variables: The Call ObjectJavaScript Execution Contexts
Variable Scope Revisited
5. Expressions and Operators
Expressions
Operator Overview
Number of OperandsType of OperandsOperator PrecedenceOperator Associativity
Arithmetic Operators
Equality Operators
Equality (==) and Identity (===)Equality and inequality in NetscapeInequality (!=) and Non-Identity (!==)
Relational Operators
Comparison OperatorsThe in OperatorThe instanceof Operator
String Operators
Logical Operators
Logical AND (&&)Logical OR (||)Logical NOT (!)
Bitwise Operators
Assignment Operators
Assignment with Operation
Miscellaneous Operators
The Conditional Operator (?:)The typeof OperatorThe Object Creation Operator (new)The delete OperatorThe void OperatorThe Comma Operator (,)Array and Object Access OperatorsThe Function Call Operator
6. Statements
Expression Statements
Compound Statements
if
else if
switch
while
do/while
for
for/in
Labels
break
continue
var
function
return
throw
try/catch/finally
with
The Empty Statement
Summary of JavaScript Statements
7. Functions
Defining and Invoking FunctionsNested FunctionsThe Function( ) ConstructorFunction Literals
Functions as Data
Function Scope: The Call Object
Function Arguments: The Arguments Object
The callee Property
Function Properties and Methods
The length PropertyThe prototype PropertyDefining Your Own Function PropertiesThe apply( ) and call( ) Methods
8. Objects
Objects and PropertiesCreating ObjectsSetting and Querying PropertiesEnumerating PropertiesUndefined Properties
Constructors
Methods
Prototypes and Inheritance
Prototypes and Built-in Classes
Object-Oriented JavaScript
Instance PropertiesInstance MethodsClass PropertiesClass MethodsExample: The Circle ClassExample: Complex NumbersSuperclasses and Subclasses
Objects as Associative Arrays
Object Properties and Methods
The constructor PropertyThe toString( ) MethodThe toLocaleString( ) MethodThe valueOf( ) MethodThe hasOwnProperty( ) MethodThe propertyIsEnumerable( ) MethodThe isPrototypeOf( ) Method
9. Arrays
Arrays and Array ElementsCreating ArraysReading and Writing Array ElementsAdding New Elements to an ArrayArray LengthMultidimensional Arrays
Array Methods
join( )reverse( )sort( )concat( )slice( )splice( )push( ) and pop( )unshift( ) and shift( )toString( ) and toLocaleString( )
10. Pattern Matching with Regular Expressions
Defining Regular ExpressionsLiteral CharactersCharacter ClassesRepetitionNon-greedy repetitionAlternation, Grouping, and ReferencesSpecifying Match PositionFlagsPerl RegExp Features Not Supported in JavaScript
String Methods for Pattern Matching
The RegExp Object
RegExp Methods for Pattern MatchingRegExp Instance Properties
11. Further Topics in JavaScript
Data Type ConversionObject-to-Primitive ConversionExplicit Type ConversionsConverting Numbers to StringsConverting Strings to Numbers
By Value Versus by Reference
Primitive Types and Reference TypesCopying and Passing StringsComparing StringsBy Value Versus by Reference: Summary
Garbage Collection
Mark-and-Sweep Garbage CollectionGarbage Collection by Reference Counting
Lexical Scoping and Nested Functions
The Function( ) Constructor and Function Literals
Netscape’s JavaScript 1.2 Incompatibilities
II. Client-Side JavaScript
12. JavaScript in Web Browsers
The Web Browser EnvironmentThe Window as Global Execution ContextThe Client-Side Object Hierarchy and the Document Object ModelThe Event-Driven Programming Model
Embedding JavaScript in HTML
The <script> TagThe language and type attributesThe </script> tagThe defer attributeIncluding JavaScript FilesEvent HandlersJavaScript in URLsJavaScript in Nonstandard Contexts
Execution of JavaScript Programs
ScriptsFunctionsEvent Handlersonload and onunload event handlersJavaScript URLsWindow and Variable Lifetime
13. Windows and Frames
Window Overview
Simple Dialog Boxes
The Status Line
Timeouts and Intervals
Error Handling
The Navigator Object
The Screen Object
Window Control Methods
Opening WindowsClosing WindowsWindow GeometryKeyboard Focus and VisibilityScrollingWindow Methods Example
The Location Object
The History Object
Multiple Windows and Frames
Relationships Between FramesWindow and Frame NamesJavaScript in Interacting WindowsExample: Colored Frames
14. The Document Object
Document OverviewDocument MethodsDocument PropertiesThe Document Object and StandardsNaming Document ObjectsDocument Objects and Event Handlers
Dynamically Generated Documents
Non-HTML Documents
Document Color Properties
Document Information Properties
Forms
Images
Image Replacement with the src PropertyOffscreen Images and CachingImage Event HandlersOther Image PropertiesImage-Replacement Example
Links
Links, Web Crawlers, and JavaScript SecurityLink Event Handlers
Anchors
Applets
Embedded Data
15. Forms and Form Elements
The Form Object
Defining Form Elements
Scripting Form Elements
Naming Forms and Form ElementsForm Element PropertiesForm Element Event HandlersButtonsToggle ButtonsText FieldsSelect and Option ElementsHidden ElementsFieldset Elements
Form Verification Example
16. Scripting Cookies
An Overview of Cookies
Storing Cookies
Cookie Limitations
Reading Cookies
Cookie Example
17. The Document Object Model
An Overview of the DOMRepresenting Documents as TreesNodesTypes of nodesAttributesThe DOM HTML APIHTML naming conventionsDOM Levels and FeaturesDOM ConformanceDOM conformance in Internet ExplorerLanguage-Independent DOM Interfaces
Using the Core DOM API
Traversing a DocumentFinding Specific Elements in a DocumentModifying a DocumentAdding Content to a DocumentWorking with Document FragmentsExample: A Dynamically Created Table of ContentsWorking with XML Documents
DOM Compatibility with Internet Explorer 4
Traversing a DocumentFinding Document ElementsModifying Documents
DOM Compatibility with Netscape 4
Convenience Methods: The Traversal and Range APIs
The DOM Traversal APINodeIterator and TreeWalkerFilteringThe DOM Range APIStart and end positionsManipulating ranges
18. Cascading Style Sheets and Dynamic HTML
Styles and Style Sheets with CSSApplying Style Rules to Document ElementsAssociating Style Sheets with DocumentsThe CascadeVersions of CSSCSS Example
Element Positioning with CSS
The Key to DHTML: The position AttributeSpecifying the Position and Size of ElementsElement size and position detailsThe Third Dimension: z-indexElement Display and VisibilityPartial Visibility: overflow and clipCSS Positioning Example
Scripting Styles
Naming Conventions: CSS Attributes in JavaScriptWorking with Style PropertiesExample: Dynamic Bar ChartsDHTML Animations
DHTML in Fourth-Generation Browsers
DHTML in Internet Explorer 4DHTML in Netscape 4Example: A Cross-Platform DHTML Animation
Other DOM APIs for Styles and Style Sheets
Style DeclarationsComputed StylesOverride StylesCreating Style SheetsTraversing Style Sheets
19. Events and Event Handling
Basic Event HandlingEvents and Event TypesEvent Handlers as AttributesEvent Handlers as PropertiesExplicitly invoking event handlersEvent Handler Return ValuesEvent Handlers and the this KeywordScope of Event Handlers
Advanced Event Handling with DOM Level 2
Event PropagationEvent Handler RegistrationaddEventListener( ) and the this KeywordRegistering Objects as Event HandlersEvent Modules and Event TypesEvent Interfaces and Event DetailsEventUIEventMouseEventMutationEventExample: Dragging Document ElementsMixing Event ModelsSynthesizing Events
The Internet Explorer Event Model
The IE Event ObjectThe IE Event Object as a Global VariableEvent Bubbling in IEIE Event-Handler RegistrationExample: Dragging with the IE Event Model
The Netscape 4 Event Model
The Netscape 4 Event ObjectEvent Capturing in Netscape 4Example: Dragging with the Netscape 4 Event Model
20. Compatibility Techniques
Platform and Browser CompatibilityThe Least-Common-Denominator ApproachDefensive CodingFeature TestingPlatform-Specific WorkaroundsCompatibility Through Server-Side ScriptsIgnore the ProblemFail Gracefully
Language Version Compatibility
The language AttributeExplicit Version TestingSuppressing Version-Related ErrorsLoading a New Page for Compatibility
Compatibility with Non-JavaScript Browsers
Hiding Scripts from Old Browsers<noscript>
21. JavaScript Security
JavaScript and Security
Restricted Features
The Same-Origin Policy
Security Zones and Signed Scripts
22. Using Java with JavaScript
Scripting Java Applets
Using JavaScript from Java
The JSObject ClassUsing JSObjects in AppletsCompiling applets that use the JSObject classThe mayscript attribute
Using Java Classes Directly
LiveConnect Data Types
The JavaPackage ClassThe JavaClass ClassThe JavaObject ClassThe JavaArray ClassJava Methods
LiveConnect Data Conversion
Wrapper ObjectsLiveConnect Data Conversion in Netscape 3
JavaScript Conversion of JavaObjects
Java-to-JavaScript Data Conversion
III. Core JavaScript Reference
23. Core JavaScript Reference
Sample Entry
arguments[ ]
Arguments
Arguments.callee
Arguments.length
Array
Array.concat( )
Array.join( )
Array.length
Array.pop( )
Array.push( )
Array.reverse( )
Array.shift( )
Array.slice( )
Array.sort( )
Array.splice( )
Array.toLocaleString( )
Array.toString( )
Array.unshift( )
Boolean
Boolean.toString( )
Boolean.valueOf( )
Date
Date.getDate( )
Date.getDay( )
Date.getFullYear( )
Date.getHours( )
Date.getMilliseconds( )
Date.getMinutes( )
Date.getMonth( )
Date.getSeconds( )
Date.getTime( )
Date.getTimezoneOffset( )
Date.getUTCDate( )
Date.getUTCDay( )
Date.getUTCFullYear( )
Date.getUTCHours( )
Date.getUTCMilliseconds( )
Date.getUTCMinutes( )
Date.getUTCMonth( )
Date.getUTCSeconds( )
Date.getYear( )
Date.parse( )
Date.setDate( )
Date.setFullYear( )
Date.setHours( )
Date.setMilliseconds( )
Date.setMinutes( )
Date.setMonth( )
Date.setSeconds( )
Date.setTime( )
Date.setUTCDate( )
Date.setUTCFullYear( )
Date.setUTCHours( )
Date.setUTCMilliseconds( )
Date.setUTCMinutes( )
Date.setUTCMonth( )
Date.setUTCSeconds( )
Date.setYear( )
Date.toDateString( )
Date.toGMTString( )
Date.toLocaleDateString( )
Date.toLocaleString( )
Date.toLocaleTimeString( )
Date.toString( )
Date.toTimeString( )
Date.toUTCString( )
Date.UTC( )
Date.valueOf( )
decodeURI( )
decodeURIComponent( )
encodeURI( )
encodeURIComponent( )
Error
Error.message
Error.name
Error.toString( )
escape( )
eval( )
EvalError
Function
Function.apply( )
Function.arguments[]
Function.call( )
Function.caller
Function.length
Function.prototype
Function.toString( )
Global
Infinity
isFinite( )
isNaN( )
Math
Math.abs( )
Math.acos( )
Math.asin( )
Math.atan( )
Math.atan2( )
Math.ceil( )
Math.cos( )
Math.E
Math.exp( )
Math.floor( )
Math.LN10
Math.LN2
Math.log( )
Math.LOG10E
Math.LOG2E
Math.max( )
Math.min( )
Math.PI
Math.pow( )
Math.random( )
Math.round( )
Math.sin( )
Math.sqrt( )
Math.SQRT1_2
Math.SQRT2
Math.tan( )
NaN
Number
Number.MAX_VALUE
Number.MIN_VALUE
Number.NaN
Number.NEGATIVE_INFINITY
Number.POSITIVE_INFINITY
Number.toExponential( )
Number.toFixed( )
Number.toLocaleString( )
Number.toPrecision( )
Number.toString( )
Number.valueOf( )
Object
Object.constructor
Object.hasOwnProperty( )
Object.isPrototypeOf( )
Object.propertyIsEnumerable( )
Object.toLocaleString( )
Object.toString( )
Object.valueOf( )
parseFloat( )
parseInt( )
RangeError
ReferenceError
RegExp
RegExp.exec( )
RegExp.global
RegExp.ignoreCase
RegExp.lastIndex
RegExp.source
RegExp.test( )
RegExp.toString( )
String
String.charAt( )
String.charCodeAt( )
String.concat( )
String.fromCharCode( )
String.indexOf( )
String.lastIndexOf( )
String.length
String.localeCompare( )
String.match( )
String.replace( )
String.search( )
String.slice( )
String.split( )
String.substr( )
String.substring( )
String.toLocaleLowerCase( )
String.toLocaleUpperCase( )
String.toLowerCase( )
String.toString( )
String.toUpperCase( )
String.valueOf( )
SyntaxError
TypeError
undefined
unescape( )
URIError
IV. Client-Side JavaScript Reference
24. Client-Side JavaScript Reference
Sample Entry
Anchor
Applet
Area
Button
Button.onclick
Checkbox
Checkbox.onclick
Document
Document.all[]
Document.captureEvents( )
Document.clear( )
Document.close( )
Document.cookie
Document.domain
Document.elementFromPoint( )
Document.getSelection( )
Document.handleEvent( )
Document.lastModified
Document.links[]
Document.open( )
Document.releaseEvents( )
Document.routeEvent( )
Document.URL
Document.write( )
Document.writeln( )
Element
Event
FileUpload
FileUpload.onchange
Form
Form.elements[]
Form.onreset
Form.onsubmit
Form.reset( )
Form.submit( )
Form.target
Frame
getClass( )
Hidden
History
History.back( )
History.forward( )
History.go( )
HTMLElement
HTMLElement.contains( )
HTMLElement.getAttribute( )
HTMLElement.handleEvent( )
HTMLElement.insertAdjacentHTML( )
HTMLElement.insertAdjacentText( )
HTMLElement.onclick
HTMLElement.ondblclick
HTMLElement.onhelp
HTMLElement.onkeydown
HTMLElement.onkeypress
HTMLElement.onkeyup
HTMLElement.onmousedown
HTMLElement.onmousemove
HTMLElement.onmouseout
HTMLElement.onmouseover
HTMLElement.onmouseup
HTMLElement.removeAttribute( )
HTMLElement.scrollIntoView( )
HTMLElement.setAttribute( )
Image
Image.onabort
Image.onerror
Image.onload
Input
Input.blur( )
Input.click( )
Input.focus( )
Input.name
Input.onblur
Input.onchange
Input.onclick
Input.onfocus
Input.select( )
Input.type
Input.value
JavaArray
JavaClass
JavaObject
JavaPackage
JSObject
JSObject.call( )
JSObject.eval( )
JSObject.getMember( )
JSObject.getSlot( )
JSObject.getWindow( )
JSObject.removeMember( )
JSObject.setMember( )
JSObject.setSlot( )
JSObject.toString( )
Layer
Layer.captureEvents( )
Layer.handleEvent( )
Layer.load( )
Layer.moveAbove( )
Layer.moveBelow( )
Layer.moveBy( )
Layer.moveTo( )
Layer.moveToAbsolute( )
Layer.offset( )
Layer.releaseEvents( )
Layer.resizeBy( )
Layer.resizeTo( )
Layer.routeEvent( )
Link
Link.onclick
Link.onmouseout
Link.onmouseover
Link.target
Location
Location.reload( )
Location.replace( )
MimeType
Navigator
Navigator.javaEnabled( )
Navigator.plugins.refresh( )
Option
Password
Plugin
Radio
Radio.onclick
Reset
Reset.onclick
Screen
Select
Select.onchange
Select.options[]
Style
Submit
Submit.onclick
Text
Text.onchange
Textarea
Textarea.onchange
URL
Window
Window.alert( )
Window.back( )
Window.blur( )
Window.captureEvents( )
Window.clearInterval( )
Window.clearTimeout( )
Window.close( )
Window.confirm( )
Window.defaultStatus
Window.focus( )
Window.forward( )
Window.handleEvent( )
Window.home( )
Window.moveBy( )
Window.moveTo( )
Window.name
Window.navigate( )
Window.onblur
Window.onerror
Window.onfocus
Window.onload
Window.onmove
Window.onresize
Window.onunload
Window.open( )
Window.print( )
Window.prompt( )
Window.releaseEvents( )
Window.resizeBy( )
Window.resizeTo( )
Window.routeEvent( )
Window.scroll( )
Window.scrollBy( )
Window.scrollTo( )
Window.setInterval( )
Window.setTimeout( )
Window.status
Window.stop( )
V. W3C DOM Reference
25. W3C DOM Reference
Sample Entry
AbstractView
AbstractView.getComputedStyle( )
Attr
CDATASection
CharacterData
CharacterData.appendData( )
CharacterData.deleteData( )
CharacterData.insertData( )
CharacterData.replaceData( )
CharacterData.substringData( )
Comment
Counter
CSS2Properties
CSSCharsetRule
CSSFontFaceRule
CSSImportRule
CSSMediaRule
CSSMediaRule.deleteRule( )
CSSMediaRule.insertRule( )
CSSPageRule
CSSPrimitiveValue
CSSPrimitiveValue.getCounterValue( )
CSSPrimitiveValue.getFloatValue( )
CSSPrimitiveValue.getRectValue( )
CSSPrimitiveValue.getRGBColorValue( )
CSSPrimitiveValue.getStringValue( )
CSSPrimitiveValue.setFloatValue( )
CSSPrimitiveValue.setStringValue( )
CSSRule
CSSRuleList
CSSRuleList.item( )
CSSStyleDeclaration
CSSStyleDeclaration.getPropertyCSSValue( )
CSSStyleDeclaration.getPropertyPriority( )
CSSStyleDeclaration.getPropertyValue( )
CSSStyleDeclaration.item( )
CSSStyleDeclaration.removeProperty( )
CSSStyleDeclaration.setProperty( )
CSSStyleRule
CSSStyleSheet
CSSStyleSheet.deleteRule( )
CSSStyleSheet.insertRule( )
CSSUnknownRule
CSSValue
CSSValueList
CSSValueList.item( )
Document
Document.createAttribute( )
Document.createAttributeNS( )
Document.createCDATASection( )
Document.createComment( )
Document.createDocumentFragment( )
Document.createElement( )
Document.createElementNS( )
Document.createEntityReference( )
Document.createEvent( )
Document.createNodeIterator( )
Document.createProcessingInstruction( )
Document.createRange( )
Document.createTextNode( )
Document.createTreeWalker( )
Document.getElementById( )
Document.getElementsByTagName( )
Document.getElementsByTagNameNS( )
Document.getOverrideStyle( )
Document.importNode( )
DocumentCSS
DocumentEvent
DocumentFragment
DocumentRange
DocumentStyle
DocumentTraversal
DocumentType
DocumentView
DOMException
DOMImplementation
DOMImplementation.createCSSStyleSheet( )
DOMImplementation.createDocument( )
DOMImplementation.createDocumentType( )
DOMImplementation.createHTMLDocument( )
DOMImplementation.hasFeature( )
DOMImplementationCSS
Element
Element.getAttribute( )
Element.getAttributeNode( )
Element.getAttributeNodeNS( )
Element.getAttributeNS( )
Element.getElementsByTagName( )
Element.getElementsByTagNameNS( )
Element.hasAttribute( )
Element.hasAttributeNS( )
Element.removeAttribute( )
Element.removeAttributeNode( )
Element.removeAttributeNS( )
Element.setAttribute( )
Element.setAttributeNode( )
Element.setAttributeNodeNS( )
Element.setAttributeNS( )
ElementCSSInlineStyle
Entity
EntityReference
Event
Event.initEvent( )
Event.preventDefault( )
Event.stopPropagation( )
EventException
EventListener
EventTarget
EventTarget.addEventListener( )
EventTarget.dispatchEvent( )
EventTarget.removeEventListener( )
HTMLAnchorElement
HTMLAnchorElement.blur( )
HTMLAnchorElement.focus( )
HTMLBodyElement
HTMLCollection
HTMLCollection.item( )
HTMLCollection.namedItem( )
HTMLDocument
HTMLDocument.close( )
HTMLDocument.getElementById( )
HTMLDocument.getElementsByName( )
HTMLDocument.open( )
HTMLDocument.write( )
HTMLDocument.writeln( )
HTMLDOMImplementation
HTMLElement
HTMLFormElement
HTMLFormElement.reset( )
HTMLFormElement.submit( )
HTMLInputElement
HTMLInputElement.blur( )
HTMLInputElement.click( )
HTMLInputElement.focus( )
HTMLInputElement.select( )
HTMLOptionElement
HTMLSelectElement
HTMLSelectElement.add( )
HTMLSelectElement.blur( )
HTMLSelectElement.focus( )
HTMLSelectElement.remove( )
HTMLTableCaptionElement
HTMLTableCellElement
HTMLTableColElement
HTMLTableElement
HTMLTableElement.createCaption( )
HTMLTableElement.createTFoot( )
HTMLTableElement.createTHead( )
HTMLTableElement.deleteCaption( )
HTMLTableElement.deleteRow( )
HTMLTableElement.deleteTFoot( )
HTMLTableElement.deleteTHead( )
HTMLTableElement.insertRow( )
HTMLTableRowElement
HTMLTableRowElement.deleteCell( )
HTMLTableRowElement.insertCell( )
HTMLTableSectionElement
HTMLTableSectionElement.deleteRow( )
HTMLTableSectionElement.insertRow( )
HTMLTextAreaElement
HTMLTextAreaElement.blur( )
HTMLTextAreaElement.focus( )
HTMLTextAreaElement.select( )
LinkStyle
MediaList
MediaList.appendMedium( )
MediaList.deleteMedium( )
MediaList.item( )
MouseEvent
MouseEvent.initMouseEvent( )
MutationEvent
MutationEvent.initMutationEvent( )
NamedNodeMap
NamedNodeMap.getNamedItem( )
NamedNodeMap.getNamedItemNS( )
NamedNodeMap.item( )
NamedNodeMap.removeNamedItem( )
NamedNodeMap.removeNamedItemNS( )
NamedNodeMap.setNamedItem( )
NamedNodeMap.setNamedItemNS( )
Node
Node.appendChild( )
Node.cloneNode( )
Node.hasAttributes( )
Node.hasChildNodes( )
Node.insertBefore( )
Node.isSupported( )
Node.normalize( )
Node.removeChild( )
Node.replaceChild( )
NodeFilter
NodeIterator
NodeIterator.detach( )
NodeIterator.nextNode( )
NodeIterator.previousNode( )
NodeList
NodeList.item( )
Notation
ProcessingInstruction
Range
Range.cloneContents( )
Range.cloneRange( )
Range.collapse( )
Range.compareBoundaryPoints( )
Range.deleteContents( )
Range.detach( )
Range.extractContents( )
Range.insertNode( )
Range.selectNode( )
Range.selectNodeContents( )
Range.setEnd( )
Range.setEndAfter( )
Range.setEndBefore( )
Range.setStart( )
Range.setStartAfter( )
Range.setStartBefore( )
Range.surroundContents( )
Range.toString( )
RangeException
Rect
RGBColor
StyleSheet
StyleSheetList
StyleSheetList.item( )
Text
Text.splitText( )
TreeWalker
TreeWalker.firstChild( )
TreeWalker.lastChild( )
TreeWalker.nextNode( )
TreeWalker.nextSibling( )
TreeWalker.parentNode( )
TreeWalker.previousNode( )
TreeWalker.previousSibling( )
UIEvent
UIEvent.initUIEvent( )
ViewCSS
VI. Class, Property, Method, and Event Handler Index
26. Class, Property, Method, and Event Handler Index
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
Index
Colophon

Content preview from JavaScript: The Definitive Guide, Fourth Edition

Chapter 21. JavaScript Security

Because of the wide-open nature of the Internet, security is an important issue. This is particularly true with the introduction of languages such as Java and JavaScript, because they allow executable content to be embedded in otherwise static web pages. Since loading a web page can cause arbitrary code to be executed on your computer, stringent security precautions are required to prevent malicious code from doing any damage to your data or your privacy. This chapter discusses Internet security issues related to JavaScript. Note that this chapter does not cover any of the many other issues involved in web security, such as the authentication and cryptographic technologies used to keep the contents of web documents and HTML forms private while they traverse the Web.

JavaScript and Security

JavaScript’s first line of defense against malicious code is that the language simply does not support certain capabilities. For example, client-side JavaScript does not provide any way to write or delete files or directories on the client computer. With no File object and no file access functions, a JavaScript program cannot delete a user’s data or plant viruses on the user’s system.

Similarly, client-side JavaScript has no networking primitives of any type. A JavaScript program can load URLs and can send HTML form data to web servers, CGI scripts, and email addresses, but it cannot establish a direct connection to any other hosts on the network. This means, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

JavaScript: A Beginner's Guide, Fourth Edition, 4th Edition

Publisher Resources

ISBN: 0596000480Catalog Page Errata

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

JavaScript: The Definitive Guide, Fourth Edition

by David Flanagan

Chapter 21. JavaScript Security

JavaScript and Security

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

More than 5,000 organizations count on O’Reilly

Julian F.

Addison B.

Amir M.

Mark W.

You might also like

JavaScript: A Beginner's Guide, Fourth Edition, 4th Edition

JavaScript: The Good Parts

JavaScript Cookbook, 3rd Edition

JavaScript: The Definitive Guide, 6th Edition

Publisher Resources