Closed Bug 360666 Opened 14 years ago Closed 3 years ago

Support for JSONRequest

Categories

(Core :: DOM: Core & HTML, enhancement)

enhancement
Not set
normal

Tracking

()

RESOLVED WONTFIX

People

(Reporter: g13n, Unassigned)

References

()

Details

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1) Gecko/20060601 Firefox/2.0 (Ubuntu-edgy)
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1) Gecko/20060601 Firefox/2.0 (Ubuntu-edgy)

The specification is available from:

  http://www.json.org/JSONRequest.html

Would it be possible for this to make it sometime for JS2?


Reproducible: Always
Assignee: nobody → general
Component: General → JavaScript Engine
Product: Firefox → Core
QA Contact: general → general
Version: unspecified → Trunk
Assignee: general → general
Component: JavaScript Engine → DOM
QA Contact: general → ian
Wrong component.  JavaScript Engine is the core language, not various APIs that are properly (or not) part of the DOM or browser object model.

Is this a dup?

/be
Whiteboard: DUPEME
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Status: ASSIGNED → NEW
dupe of 340987

*** This bug has been marked as a duplicate of 340987 ***
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
No, it isn't. JSONRequest and parseJSON/toJSONString aren't the same thing.
Status: RESOLVED → REOPENED
Resolution: DUPLICATE → ---
Status: REOPENED → NEW
Whiteboard: DUPEME
why can we have just one "Request" and use it for getting XML, JSON, image, or text, instead of separate JSONRequest, XMLHttpRequest, new Image() etc. depending on security.
(In reply to comment #4)
> why can we have just one "Request" 

"CrossSiteRequest" seems more to the point of addressing security. 

> and use it for getting XML, JSON, image, or
> text, instead of separate JSONRequest, XMLHttpRequest, new Image() etc.
> depending on security.
> 

That was my initial reaction, 30 seconds into reading the JSONRequest spec. Why is JSON is the only valid transfer encoding/type. 

The name 'JSONRequest' seems only more suitable to the interface described in the JSONRequest whitepaper than 'XMLHttpRequest' is to the XMLHttpRequest interface due to JSONRequest's encoding limitations (JSON), which do not appear to be justified. 

The JSONRequest specification appears to be biased towards JSON.

This was argued well by Jim Ley on WHAT WG:
http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2006-March/006083.html

Should Security and Encoding be decoupled? 
Some security is obtained because the encoding is limited to a single format. 
A JSONRequest Firefox extension by Collin Jackson can be found at http://crypto.stanford.edu/jsonrequest/
Doug, your input on the the W3C CrossSiteRequest could be helpful:

http://www.w3.org/TR/access-control/

The addon mentioned in comment 7 is at AMO now:

https://addons.mozilla.org/en-US/firefox/addon/5615

/be
What are the chances of this going in for 3.1?

Could the addon be included as is or does it require further work (if so, what?)? Or will we need a different implementation?

CrossSiteRequest is much more complex and still in working draft status. JSONRequest fits more cleanly and simply with the way we are building AJAX sites, so it would really be nice to have it available as early as possible.
The addon is currently implemented in JavaScript. I think we'd probably want a C++ implementation if native support is desired.
(In reply to comment #10)
> CrossSiteRequest is much more complex and still in working draft status.
> JSONRequest fits more cleanly and simply with the way we are building AJAX
> sites, so it would really be nice to have it available as early as possible.

An implementation of Cross-Site XMLHttpRequest is already complete and is queued to go in Gecko 1.9.1. See bug 389508 and bug 408098.

Assignee: general → nobody
QA Contact: ian → general
Yes, use fetch() or XMLHttpRequest. Both have JSON support.
Status: NEW → RESOLVED
Closed: 14 years ago3 years ago
Resolution: --- → WONTFIX
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.