你认为每个程序员都应该知道JavaScript的哪些“隐藏特性”?
在看到以下问题的优质答案后,我认为是时候向JavaScript请求它了。
HTML的隐藏特性 CSS的隐藏特性 PHP的隐藏特性 ASP的隐藏特性。网 c#的隐藏特性 Java的隐藏特性 Python的隐藏特性
尽管JavaScript可以说是目前最重要的客户端语言(问问谷歌就知道了),但令人惊讶的是,大多数web开发人员很少意识到它的强大。
当前回答
如果你试图沙盒javascript代码,并禁用所有可能的方法来求值字符串到javascript代码中,要注意阻塞所有明显的eval/document。Function/setTimeout/setInterval/innerHTML和其他DOM操作是不够的。
给定任何对象o, o.constructor.constructor("alert('hi')")()将弹出一个警告对话框,其中包含单词"hi"。
可以写成
var Z="constructor";
Z[Z][Z]("alert('hi')")();
有趣的东西。
其他回答
可以将JavaScript对象绑定为HTML元素属性。
<div id="jsTest">Klick Me</div>
<script type="text/javascript">
var someVariable = 'I was klicked';
var divElement = document.getElementById('jsTest');
// binding function/object or anything as attribute
divElement.controller = function() { someVariable += '*'; alert('You can change instance data:\n' + someVariable ); };
var onclickFunct = new Function( 'this.controller();' ); // Works in Firefox and Internet Explorer.
divElement.onclick = onclickFunct;
</script>
Javascript在函数中有静态变量:
function someFunction(){
var Static = arguments.callee;
Static.someStaticVariable = (Static.someStaticVariable || 0) + 1;
alert(Static.someStaticVariable);
}
someFunction() //Alerts 1
someFunction() //Alerts 2
someFunction() //Alerts 3
它在Objects内部也有静态变量:
function Obj(){
this.Static = arguments.callee;
}
a = new Obj();
a.Static.name = "a";
b = new Obj();
alert(b.Static.name); //Alerts b
正如Marius已经指出的,可以在函数中使用公共静态变量。
我通常使用它们来创建只执行一次的函数,或者缓存一些复杂的计算结果。
下面是我以前的“单例”方法的例子:
var singleton = function(){
if (typeof arguments.callee.__instance__ == 'undefined') {
arguments.callee.__instance__ = new function(){
//this creates a random private variable.
//this could be a complicated calculation or DOM traversing that takes long
//or anything that needs to be "cached"
var rnd = Math.random();
//just a "public" function showing the private variable value
this.smth = function(){ alert('it is an object with a rand num=' + rnd); };
};
}
return arguments.callee.__instance__;
};
var a = new singleton;
var b = new singleton;
a.smth();
b.smth();
如您所见,在这两种情况下构造函数都只运行一次。
For example, I used this approach back in 2004 when I had to create a modal dialog box with a gray background that covered the whole page (something like Lightbox). Internet Explorer 5.5 and 6 have the highest stacking context for <select> or <iframe> elements due to their "windowed" nature; so if the page contained select elements, the only way to cover them was to create an iframe and position it "on top" of the page. So the whole script was quite complex and a little bit slow (it used filter: expressions to set opacity for the covering iframe). The "shim" script had only one ".show()" method, which created the shim only once and cached it in the static variable :)
真实和虚假价值的概念。你不需要做这种事
if(someVar === undefined || someVar === zero) ...
只是做的事:
if (! someVar)。
每个值都有一个对应的布尔表示。
这里有一些捷径:
var a = []; // equivalent to new Array()
var o = {}; // equivalent to new Object()
