如何跟踪网络应用程序上的字段
以 Facebook 的回复状态为例。当您回复某人的状态时,脚本是否会在该状态的 DOM 中查找该状态的 ID,并发送 Ajax 来更新具有该 ID 的条目?
如果是这样的话,你不能只修改ID并污染数据
吗?作为后续,我看到了一个客户端 MVC 实现 Backbone.js,它可以管理类似上面的内容,而不使用任何 ID,但我仍然不知道如何管理。
http://documentcloud.github.com/backbone/docs/backbone.html
这是源码,相关代码'view'从最后1/4开始
Take Facebook's reply-to-status as an example. When you replies to someone's status, does the script looks into the DOM of that status for the ID of that status, and send an Ajax to update the entry with that ID?
If that's the case, couldn't you just modify the ID and pollute the data
P.S. as a followup, I've seen a client-side MVC implementation, Backbone.js, that manage things like the above w/o the use of any ID, which I still haven't figured out how.
http://documentcloud.github.com/backbone/docs/backbone.html
Here is the source, the relevant code 'view' starts at last 1/4
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
发布评论
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
它仍然会验证它是否是服务器端的有效 ID、您是否有权跟踪该用户的状态等。
It will still verify that it's a valid id on the server side, that you have permissions to follow up to that user's statuses, etc.