via onException, I get two errors, json has no values and invalid
label. It's wierd, but my json is valid as far as I can tell. I
can't think of a reason why it would be valid in 1.5 but not in 1.5.1
Wierd huh? -stephan
On 5/21/07, David Dashifen Kees <[EMAIL PROTECTED]> wrote:
>
> Yes, I removed the security filter. But that you say it works in 1.5.0
> probably means that the whitespace google inserted was screwing things
> up. What's going wrong with your app? What error is being thrown?
>
> - Dash -
>
> Stephan Ellis wrote:
> > Hmm, interesting. Did you remove the /*-secure- */ part? It works
> > perfectly with 1.5.0 -stephan
> >
> > On 5/21/07, David Dashifen Kees <[EMAIL PROTECTED]> wrote:
> >
> >> When I try to evaluate your JSON using Firebug, it tells me there's an
> >> invalid label in there somewhere.
> >>
> >> - Dash -
> >>
> >> Stephan Ellis wrote:
> >>
> >>> OK, so let me show you (according to firebug) the response prototype
> >>> is getting from my application.
> >>>
> >>> Response Headers
> >>> Connection close
> >>> Date Mon, 21 May 2007 19:54:31 GMT
> >>> Content-Length 998
> >>> Content-Type application/javascript; charset=utf-8
> >>> Set-Cookie bg2_session=5279b9253f970f84dd032ec4a00ba2a34dcff66c;
> >>> path=/; expires=Mon, 21-May-2007 21:54:31 GMT
> >>> Status 200
> >>> X-Catalyst 5.7007
> >>>
> >>> Response Body
> >>> /*-secure-
> >>> {"path_json":[],"files_json":[{"versions":1,"newest_id":64,"is_image":"y","date_added":"04-09-2007
> >>> 14:54:50","name":"Water lilies.jpg","id":59,"date_newest":"04-09-2007
> >>> 14:54:50"},{"versions":1,"newest_id"
> >>> :66,"is_image":"y","date_added":"04-11-2007 15:56:15","name":"Blue
> >>> hills.jpg","id":61,"date_newest":"04-11-2007
> >>> 15:56:15"}],"folders_json":[{"folders":0,"date":"03-29-2007
> >>> 19:34:16","files":0,"name":"Billy","id"
> >>> :22},{"folders":0,"date":"03-29-2007
> >>> 19:34:45","files":0,"name":"Kendall","id":24},{"folders":0,"date"
> >>> :"03-29-2007
> >>> 19:35:01","files":0,"name":"Nothing","id":25},{"folders":2,"date":"03-29-2007
> >>> 19:31:49"
> >>> ,"files":0,"name":"DB","id":16},{"folders":1,"date":"03-29-2007
> >>> 19:34:11","files":6,"name":"Angus","id"
> >>> :21},{"folders":2,"date":"03-29-2007
> >>> 19:34:29","files":0,"name":"Tanya","id":23},{"folders":2,"date"
> >>> :"03-29-2007 20:34:37","files":0,"name":"Another
> >>> folder","id":56},{"folders":2,"date":"04-03-2007 15
> >>> :42:23","files":20,"name":"Smellis","id":89}],"parent_json":""} */
> >>>
> >>> So, does everyone agree that this should be working? I am lost.
> >>>
> >>>
> >>> On 5/21/07, David Dashifen Kees <[EMAIL PROTECTED]> wrote:
> >>>
> >>>
> >>>> Looks good to me.
> >>>> - Dash -
> >>>>
> >>>> Stephan Ellis wrote:
> >>>>
> >>>>
> >>>>> OK, so I went over the code, and it appears that as long as the X-JSON
> >>>>> header does not exist and my Content-type is application/javascript and
> >>>>> my
> >>>>> json in the response body is wrapped with:
> >>>>>
> >>>>> /*-secure- (some whitespace) [json data here](some more whitespace) */
> >>>>>
> >>>>> It should evaluated the response body. Am I wrong?
> >>>>>
> >>>>> -stephan
> >>>>>
> >>>>> On 5/21/07, David Dashifen Kees <[EMAIL PROTECTED]> wrote:
> >>>>>
> >>>>>
> >>>>>
> >>>>>> Wow ... I didn't know that about the content-type of the response body.
> >>>>>> Thanks.
> >>>>>> - Dash -
> >>>>>>
> >>>>>> Tom Gregory wrote:
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>>> The value of the X-JSON header and whether the response body is
> >>>>>>> evaluated are separate concerns. If the X-JSON header is present, and
> >>>>>>> evals to a json object, it's passed as the second parameter to
> >>>>>>> onSuccess, et al.
> >>>>>>>
> >>>>>>> e.x.
> >>>>>>> onSuccess (transport, json) {
> >>>>>>> // ...
> >>>>>>> }
> >>>>>>>
> >>>>>>> The eval of the response body is based on the "Content-type" header.
> >>>>>>> If you poke around the code from svn, you'll find these lines in
> >>>>>>> ajax.js:
> >>>>>>>
> >>>>>>> var contentType = this.getHeader('Content-type');
> >>>>>>> if (contentType && contentType.strip().
> >>>>>>> match(/^(text|application)\/(x-)?(java|ecma)script(;.*)?$/i))
> >>>>>>> this.evalResponse();
> >>>>>>> // ...
> >>>>>>>
> >>>>>>> // ...
> >>>>>>> evalResponse: function() {
> >>>>>>> try {
> >>>>>>> return eval((this.transport.responseText ||
> >>>>>>> '').unfilterJSON());
> >>>>>>> } catch (e) {
> >>>>>>> this.dispatchException(e);
> >>>>>>> }
> >>>>>>> }
> >>>>>>>
> >>>>>>> Does that make things any clearer?
> >>>>>>>
> >>>>>>>
> >>>>>>> TAG
> >>>>>>>
> >>>>>>> On May 21, 2007, at 12:38 PM, Stephan Ellis wrote:
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>
> >>>>>>>> Yes, my framework, specifically my view that generates JSON sticks
> >>>>>>>> the X-JSON header in to accommodate prototype. I guess to rephrase
> >>>>>>>> my question, if I turn on the X-JSON header, is it supposed to
> >>>>>>>> automatically eval the response body? Sorry if I seem like I have
> >>>>>>>> a thick skull :) Thanks a bunch...
> >>>>>>>> -stephan
> >>>>>>>>
> >>>>>>>> On 5/21/07, David Dashifen Kees <[EMAIL PROTECTED]> wrote:
> >>>>>>>>
> >>>>>>>> Yes. If your JSON is in the response body, you will have to
> >>>>>>>> evaluate it
> >>>>>>>> yourself. It must be the framework you're using which is creating
> >>>>>>>> the
> >>>>>>>> X-JSON header, perhaps? For example:
> >>>>>>>>
> >>>>>>>> new Ajax.Request("some_page.php", {
> >>>>>>>> parameters: {id: 6},
> >>>>>>>> onComplete: function(xhr) {
> >>>>>>>> var json = xhr.responseText.evalJSON(true);
> >>>>>>>> /* ... do something else ... */
> >>>>>>>> }
> >>>>>>>> });
> >>>>>>>>
> >>>>>>>> You're responseText should then be valid JSON. For more information,
> >>>>>>>> see http://prototypejs.org/api/string/evaljson.
> >>>>>>>>
> >>>>>>>> - Dash -
> >>>>>>>>
> >>>>>>>> Stephan Ellis wrote:
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>> Dash,
> >>>>>>>>> Thanks for the reply. Are you saying that I have to evaluate the
> >>>>>>>>> reponseText myself if the JSON is in the response body? I
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>> configured my
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>> application to not send the X-JSON header, but prototype is still
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>> not
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>> evaluating the response body.
> >>>>>>>>>
> >>>>>>>>> Thanks,
> >>>>>>>>> -stephan
> >>>>>>>>>
> >>>>>>>>> On 5/21/07, David Dashifen Kees <[EMAIL PROTECTED]> wrote:
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>
> >>>>>>>>>> The problem is how you're sending information in the X-JSON header.
> >>>>>>>>>> Prototype will try to automatically evaluate anything in the X-JSON
> >>>>>>>>>> header assuming that it is a JSON string. You're X-JSON header
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>> is not a
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>> JSON string but rather another call to eval() so the internal
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>> Prototype
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>> String.evalJSON() function is probably your failure point.
> >>>>>>>>>>
> >>>>>>>>>> Instead, either make "var json = transport.responseText.evalJSON
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>> (true)"
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>> the first line of your callback function, or make sure that your
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>> X-JSON
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>> header is *only* a JSON string.
> >>>>>>>>>>
> >>>>>>>>>> Also, you should be aware that Prototype 1.5.1 added security
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>> features
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>> to help avoid the execution of JSON with invalid code or
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>> malicious code
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>> within it. As a result, JSON created and passed around by
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>> prototype has
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>> /*-secure- before your JSON and */ after it. If you use the
> >>>>>>>>>> String.evalJSON() function to parse your information, you might
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>> need to
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>> explicitly add these strings before and after your JSON to
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>> evaluate it
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>> properly.
> >>>>>>>>>>
> >>>>>>>>>> - Dash -
> >>>>>>>>>>
> >>>>>>>>>> smellis wrote:
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>>> Hello Everyone,
> >>>>>>>>>>>
> >>>>>>>>>>> I upgraded to 1.5.1 today and I have run into a problem:
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>> automatic
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>>> JSON evaluation has stopped working. On the server side I use
> >>>>>>>>>>> Catalyst, an MVC framework for perl. I use
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>> Catalyst::View::JSON to
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>>> turn my perl data structures in to JSON. Here is what my response
> >>>>>>>>>>> headers look like:
> >>>>>>>>>>>
> >>>>>>>>>>> Response Headers
> >>>>>>>>>>> Connection close
> >>>>>>>>>>> Date Mon, 21 May 2007 15:12:54 GMT
> >>>>>>>>>>> Content-Length 984
> >>>>>>>>>>> Content-Type application/javascript; charset=utf-8
> >>>>>>>>>>> Set-Cookie
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>> bg2_session=5279b9253f970f84dd032ec4a00ba2a34dcff66c;
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>>> path=/; expires=Mon, 21-May-2007 17:12:54 GMT
> >>>>>>>>>>> Status 200
> >>>>>>>>>>> X-Catalyst 5.7007
> >>>>>>>>>>> X-JSON eval("("+this.transport.responseText+")")
> >>>>>>>>>>>
> >>>>>>>>>>> The JSON is actually in the response body. I had to subclassed my
> >>>>>>>>>>> JSON view to spit out application/javascript, because the default
> >>>>>>>>>>> content-type (application/json) is not listed in the prototype
> >>>>>>>>>>> documentation as one that will cause prototype to auto evaluate
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>> the
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>>> reponse. I have tried turning off the X-JSON header to see if
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>> that
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>>>> was a problem, but it still doesn't work. Any ideas? Thanks in
> >>>>>>>>>>> advance. -stephan
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>
> >
> > >
> >
> >
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Spinoffs" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/rubyonrails-spinoffs?hl=en
-~----------~----~----~----~------~----~------~--~---
