using jQuery to attach an extra data to every link in the page_问答_开发者

using jQuery to attach an extra data to every link in the page

开发者 https://www.devze.com 2023-03-31 23:13 出处：网络

I am creating a web application with a non-popular programming language on the server side. Therefore much of the authentication code needs to be developed by myself.

On the server side I need to receive an authentication string with every GET request that comes from the client so that I can decide if this is a valid user (otherwise I direct the user to a login screen).

I guess I can use the jQuery to add something to the href parameter of all links, something line:

jQuery("a").attr("href).append("?token='"+tokenStr+"'");

But then if the link already has a "?", it will introduce a bug. I prefer to send the information as POST to the server (any other alternative开发者_开发技巧?) But I'm not sure if it's possible to do that in HTML.

the reason I don't want the authentication token to be a part of the URL is because if the user bookmarks that page, the server will direct him to the login page because the token will expire after some time.

Try this:

var tokenStr = 'something';
$('a').each(function(){
    var elem = $(this),
        href = elem.attr('href'),
        hasQueryString = href.indexOf('?') > -1;
    if (hasQueryString) {
        elem.attr('href', href + '&token=' + tokenStr);
    } else {
        elem.attr('href', href + '?token=' + tokenStr);
    }
});

Here's a better version that allows for hashed (#) / anchors within the url:

var tokenStr = 'something';
$('a').each(function () {
    var elem = $(this),
        parts = elem.attr('href').split('#'),
        hasQueryString = parts[0].indexOf('?') > -1;
    if (parts[0].length > 0) {
        parts[0] = parts[0] + (hasQueryString ? '&' : '?') + 'token=' + tokenStr;
    }
    elem.attr('href', (parts.length > 1 ? parts.join('#') : parts.join()));
});

Also, you can inject the "token" parameter as a hidden field to all forms on the page too:

$('form').append(
    $('<input type="hidden" name="token"/>').attr('value', tokenStr)
);

You can use both (POST or GET) in your page, and check for information on security and other implications : http://www.cs.tut.fi/~jkorpela/forms/methods.html

However, I don't quite get why you don't just parse that link of yours and act on the ? you might find with the appropriate response, such as adding a + instead of a ?

Edit: mblase is right.

You can attach hidden input to every form on page, to support sending a token via POST or GET.

$("form").append('<input type="hidden" name="token" value="'+tokenStr+'"/>');

And to add token to any links on page use: EDIT: actually there's a problem with any other implementations of appending token and that is the case when you have link with some hash in it, e.g. /mypage.html?foo=bar#content. We have to detect whenever href of link has hash character to properly append token.

Updated code below:

$("a").each(function() {
    var gps = this.href.split('#');        
    gps[0] = gps[0].indexOf('?')>-1 ? '&'+tokenStr : '?'+tokenStr;
    this.href = gps.length > 1 ? gps.join('#') : gps.join();
});