GlobalCube
/
analytics


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899
								/****************************************************************
** Licensed Materials - Property of IBM
**
** IBM Cognos Products: drill
**
** (C) Copyright IBM Corp. 2001, 2010
**
** US Government Users Restricted Rights - Use, duplication or 
** disclosure restricted by GSA ADP Schedule Contract with 
** IBM Corp.
*****************************************************************/
// Copyright (C) 2006 Cognos Incorporated. All rights reserved.
	// Cognos (R) is a trademark of Cognos Incorporated.

	/**
	 * securejson.js extends json.js to allow one add a POISONTOKEN to
	 * the JSONString and parse a SecureJSONString (POISONTOKEN + JSONString)
	 * <p> 
	 * By adding a POISONTOKEN like while(1);/* as a prefix to the JSONString
	 * we prevent a possible eavsdropper to use an <script> tag and run the code
	 * <p>
	 * The class also enable one to recieve a SecureJSONString and parse it in a proper manner.
	 * @author Alireza Pourshahid   
	 */

	
	/**
	 * POISONTOKEN is defined as a global static variable that is used by all the method
	 * this is the string that is added as a prefix to JSONString to make it secure. 
	 */

	var POISONTOKEN = "while(1);/*";
	
	
	
	/**
	 * 	
	 *  addPoisonToken returns a SecureJSONString by adding a POISONTOKEN to a JSONString 
	 *  This method should be used when user orginaly create a String and not a JSONObject  
	 *  @return string SecureJSONString (POISONTOKEN + JSONSTRING)
	 *  @author Alireza Pourshahid
	 */
	
	
     Object.prototype.addPoisonToken = function () {
    	return POISONTOKEN + this;
    };

	/**
	 * 	
	 *  addPoisonToken returns a SecureJSONString by adding a POISONTOKEN to a JSONString 
	 *  This method should be used when user create a JSONObject and not a String  
	 *  @return string SecureJSONString (POISONTOKEN + JSONSTRING)
	 *  @author Alireza Pourshahid
	 */

    
     Object.prototype.toSecureJSONString = function () {
        if (typeof JSON != 'undefined') {
            return POISONTOKEN + JSON.stringify(this);
        } else {
            return POISONTOKEN + this.toJSONString();
        }
    };
	
	         
 	/**	
 	 * 	returns a JSONObject after parsing a SecureJSONString
 	 * 	This method removes the POISONTOKEN and parse the remaned 
 	 *  String as a JSONString using parseJSON method from JSON 
 	 *  orginal distirbution. 
 	 * 
  	 *  @return j a JSONObject 
  	 * 	@author Alireza Pourshahid
  	 */
 
  (function (s) {
        s.parseSecureJSON = function (filter) {
            var j;
            j = this.substr(POISONTOKEN.length,this.length);
            if (typeof JSON != 'undefined') {
                return JSON.parse(j);
            } else {
                return j.parseJSON();
            }
        };

    })(String.prototype);