Response title
This is preview!
Move this topic
Dynamic global variable across multiple JS files?
in Using jQuery
•
7 years ago
I need to use dynamic global variable declared in one .js file can be
used in another .js file?
for example 3 js files
for example 3 js files
1. one.js
2. two.js
3. global.js
I declared dynamic global variable in global.js as var
token = "token from server"
can this token be used in
one.js and two.js files ???
1
Replies(23)
Yes. Global is global.
Just don’t use var again!
JΛ̊KE
I didnt use var again in one.js file i just
used
$('#id').click(function(){ alert(token) })
But isnt working !!!
and i included all js files in html file
Leave a comment on jakecigar's reply
I do it all the time. I can’t guess what you did wrong.
You can also use the fact that a global variable is a member of the
window object.
- window.token = "token from server"
is the same as
- var token = "token from server"
But
it can be inside a function.
In
either case you can
- alert(token)
JΛ̊KE
Leave a comment on jakecigar's reply
jQuery works that way too. jQuery and $ are global variables, that you
can access in your own scripts.
JΛ̊KE
My bad.! Misspelled js filename in html file.
Im getting Token in
one.js but the problem, i cant use that variable as parameter to the
server like
$.post('sample.php',{tokentoserver: token},function(){......})
the token which is global variable is unable to send its
value to php page...?
Leave a comment on jakecigar's reply
Nope. It’s something else. Maybe you redeclared token somewhere?
JΛ̊KE
No
i did it correctly here is my code
global.js :-
var token;
$('#indexId').click(function(){console.log(token)
}); // working
$('#anotherId').click(function(){console.log(token)
}); // Not working
one.js :-
token
= data.token; (from server);
$('#indexId').click(function(){console.log(token)
}); // working
two.js :-
$('#anotherId').click(function(){console.log(token)
}); //
Not working
Index.html :-
<script src="one.js">
<script src="global.js">
.....
<div id="indexId"></div>
Another.html:-
<script src="two.js">
<script src="global.js">
....
<div id="anotherId"></div>
Leave a comment on jakecigar's reply
LOL, it's always what you don't mention...
You asked about multiple .js files. Not about multiple HTML files.
Global variables do not persist across
multiple HTML documents. When you load a new document, the old
document no longer exists - nor does your variable.
You need to use a cookie or local storage to
persist a value across multiple documents. Or, you can pass the
value through the server.
Actually im using localstorage now, but the problem is security. where
anyone can edit the localStorage.
Is there any alternative for localStorage.
Leave a comment on watusiware's reply
No. Both cookies and local storage can be hacked. As can any other
method we might mention.
JΛ̊KE
What would i do, Im getting a alphanumeric value from server which is a TOKEN, where the whole project is based on that token. If i use localStorage and cookie both are hackable as u said!!!
Leave a comment on jakecigar's reply
When the token is used, make sure it is used by the correct IP address,
and destroy it after some time.
Use https for a bit more security. Other than that, you are in the
same boat as the rest of the world!
JΛ̊KE
Leave a comment on jakecigar's reply
The is no possibility of expecting anything you send to a web browser to
remain secure. You must assume that the user is able to access it. It
doesn't take a very sophisticated "hacker" to retrieve
anything you send to the browser.
SSL/HTTPS does not help with this. The user is still able to access
the data. SSL will protect the data from snoopers while it is in-transit.
Tokens should not be used for long-term secure access to a site.
They should have a shelf-life, they should only be accepted from the
IP address that they were issued-to, as Jake has suggested.
Leave a comment on watusiware's reply
Hmm is there anything we can do with storage events
for localStorage
?
When reloading page set the value to default values in
localStorage with Storage Events.?
Leave a comment on kpsk's reply
storage
events
are
very cool, but they only come into play when you have multiple pages
open from the same domain.
instead of
- var x = 34;
you can code
- var x = localStorage.x || 34;
- var x = "x" in localStorage ? localStorage.x : 34;
JΛ̊KE
Leave a comment on jakecigar's reply
I need it only in one tab.! but the storage events can be used only when
multiple tabs are open.
how can i set expiring session for token
using jquery and access it in multiple js pages ?
Leave a comment on kpsk's reply
You leave the token in localStorage. When someone tries to use it, you
check it’s creation time in your database, if it is too old, or came
from the wrong IP address or wrong user, or wrong anything else, you
don’t use it.
If you remember the "creation time" in the browser, that
can be hacked as well.
Your token should be completely random characters, generated by
your server program.
JΛ̊KE
Leave a comment on jakecigar's reply
Leave a comment on kpsk's reply
That one is a jquery plugin for managing cookie in jQuery style and it
can be also hackable.
Sometime i need to use cookie or localStorage and i add almost all securities measures JAKE suggested.
On top of that I use AES 256 encryption. So when ever i need to save something in user's browser, I encrypt it using AES 256 in my serverside code and send it browser, same way when i received it from user, i decrypt again before matching against the original value.
And i use 32 character string as encryption key.
I don't know what language you are using for serverside coding but i am sure all most all popular languages has AES 256 encryption.
Sometime i need to use cookie or localStorage and i add almost all securities measures JAKE suggested.
On top of that I use AES 256 encryption. So when ever i need to save something in user's browser, I encrypt it using AES 256 in my serverside code and send it browser, same way when i received it from user, i decrypt again before matching against the original value.
And i use 32 character string as encryption key.
I don't know what language you are using for serverside coding but i am sure all most all popular languages has AES 256 encryption.
If the localStorage values are encrypted can they be editable in the
browser?
my localStorage values are used in the way like, if the
value is set to 0 then page is not verified and if it is set to 1 the
page is verified, i should prevent from editing in the browser where
i've written the script for changing those values dynamically ...!
Leave a comment on Sµßhrånil∂'s reply
even encrypted string can be editable from the localStorage, but if some
one edit it then it will not give you correct value while decrypting.
Like if you encrypt 1 then it will be a string with around 50
characters.
Leave a comment on Sµßhrånil∂'s reply
I would not encrypt anything.
Give the user a random string. It can’t be decrypted because it
contains any data. It can be used for 1 thing only, looking up in
your database for some values that were inputted earlier in that day
by the logged in user.
JΛ̊KE
Leave a comment on jakecigar's reply
Change topic type
Link this topic
Provide the permalink of a topic that is related to this topic
Reply to kpsk's question
{"z7664639":[14737000006117460,14737000006117476],"z20383684":[14737000006111842,14737000006111847,14737000006111859,14737000006118413,14737000006118457,14737000006118459,14737000006121345,14737000006121347,14737000006121371,14737000006121467,14737000006118693],"z2950240":[14737000006113999,14737000006116003,14737000006116005,14737000006116013,14737000006122093,14737000006122129,14737000006118523,14737000006118527,14737000006118711],"z4688377":[14737000006122383,14737000006122401]}
Statistics
- 23 Replies
- 64219 Views
- 1 Followers