This may be a philosophical question.

Suppose you're making an AJAX request to a page (this is using Prototype):

new Ajax.Request('target.asp',
{
 method:"post",
 parameters:{alldata:Object.toJSON(myinfo)},
 onSuccess: function(transport){
   var response = transport.responseText || "no response text";
   alert("Success! \n\n" + response);
   },
 onFailure: function(){ alert('Something went wrong...') }
});

Now suppose on the target page, the server -- using ASP -- generates some JavaScript based on the myinfo object you sent it, and you are interested in the resulting JavaScript. My guess is that, since this target page is never seen by a browser (where the JS interpreter lives), the JS isn't evaluated. And it will only be evaluated if it is returned to the calling page and evaluated there. Is that the point?

Thanks for screwing my head on straight for me.

+1  A: 

The JS on the target.asp page is not evaluated in the client unless you eval() it or push it into the DOM or something.

danb

+1  A: 

Yes, the assumption is right. The response of that Ajax request is just a string. And that needs to be interpreted somehow so that the JavaScript that’s embedded in that response is also interpreted.

Gumbo

+1  A: 

I am not at all comfortable with ASP, I'll say that up front...

If the server is generating JavaScript, it would be as a string. As such, it would need to be written to the DOM in some way in order to be meaningful (I'm including the ajax script when I say DOM).

BUT!!!

I know that ASP and .NET are really weird and like to put hooks and callbacks all over the place. In theory, ASP does speak JavaScript and thus might have some JS interpreter of its own. But I try to sleep at night by thinking that the folks at MS would NOT allow their server-side scripts to execute anything that is intended for the client-side.

Short answer: yes, if the code isn't written out to the page, the code shouldn't be executed. You should be encoding your server's output to be on the safe side, simply because it's a good practice (changing < to &lt;, etc).

Anthony
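
The point the answers make, as an added example that is not part of the original posts: a response body is an inert string until the caller explicitly evaluates it, and encoding it keeps it inert when it is shown on a page. The sample response, the `counter` object and all function names are constructed for illustration; `new Function` stands in for `eval()` or script insertion in a browser.

```javascript
// Constructed sample: script text a server page such as target.asp might return.
const responseText = 'counter.ran += 1; counter.note = "<b>ran</b>";';

// Receiving and handling the body as a string executes nothing in it.
function receiveOnly(body, counter) {
  const preview = body.slice(0, 20).toUpperCase(); // ordinary string handling
  return { preview, ran: counter.ran };
}

// Only an explicit evaluation step turns the string into running code.
// (In a browser this is eval(), or writing a <script> element into the DOM.)
function evaluateExplicitly(body, counter) {
  const run = new Function('counter', body);
  run(counter);
  return counter.ran;
}

// Encode the body before showing it, so markup in it is displayed rather
// than parsed ("changing < to &lt;, etc").
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Safe default for a success handler: show the response as text only.
function renderAsText(body) {
  return '<pre>' + escapeHtml(body) + '</pre>';
}

const counter = { ran: 0 };
console.log(receiveOnly(responseText, counter).ran);   // still 0: nothing ran
console.log(renderAsText(responseText));               // encoded, still inert
console.log(evaluateExplicitly(responseText, counter)); // 1: ran only on request
```

Prototype's `Ajax.Request` also has an `evalJS` option that evaluates the response automatically when the server labels it with a JavaScript content type; passing `evalJS: false` keeps the response a plain string.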