申明:许多题目和答案摘抄自网上许多大佬的博客,我会尽量注明引用处,此文只做准备面试之用
1,防止javascript脚本读取cookie信息
如果您在cookie中设置了HttpOnly属性,那么通过js脚本将无法读取到cookie信息,这样能有效的防止XSS攻击
HttpOnly的设置样例:
response.setHeader(“Set-Cookie”, “cookiename=value;
Path=/;Domain=domainvalue;Max-Age=seconds;HTTPOnly”);
2,bind,call,apply实现:
Function.prototype.bind_ = function (obj){
if(typeof this != 'function'){
throw new Error("can't bind");
}
var args = Array.prototype.slice.call(arguments,1);
var fn = this;
var _fn = function (){}
var bound = function (){
var params = Array.prototype.slice.call(arguments);
fn.apply(this.constructor === fn?this:obj,args.concat(params))
}
_fn.prototype = fn.prototype;
bound.prototype = new _fn();
return bound;
}
Function.prototype.call_ = function (obj){
obj = obj?Object(obj):window;
var args=[];
obj.fn = this;
for(var i=1;i < arguments.length;i++){
args.push("arguments["+i+"]");
}
var res = eval("obj.fn("+args+")");
delete obj.fn;
return res;
}
Function.prototype.apply_ = function (obj,arr){
obj = obj?Object(obj):window;
obj.fn = this;
var res;
if(!arr){
res = obj.fn();
}else{
var args = [];
for(var i=0;i<arr.length;i++){
args.push("arr["+i+"]");
}
res = eval("obj.fn("+args+")");
}
delete obj.fn;
return res;
}
3,获取变量type:
function type(obj){
var regexp = /\s(\w+)\]/;
var res = regexp.exec(Object.prototype.toString.call(obj))[1];
return res;
}
4,防抖和节流
function debounce(fn,delay){
let timeout = null;
return function (){
clearTimeout(timeout);
timeout = setTimeout(()=>{
fn.apply(this,arguments)
},delay)
}
}
function throttle(fn,delay){
let canrun = true;
return function (){
if(!canrun) return;
canrun = false;
setTimeout(()=>{
fn.apply(this,arguments);
canrun = true;
},delay)
}
}
4:深度拷贝:
JSON.parse(JSON.stringify(XXXX))
function copy (obj) {
var newobj = obj.constructor === Array ? [] : {};
if(typeof obj !== 'object'){
return;
}
for(var i in obj){
newobj[i] = typeof obj[i] === 'object' ?
copy(obj[i]) : obj[i];
}
return newobj
}
5,img加载会影响渲染吗?
6:输入url到页面显示的步骤:
详细博文