Claude Code Plugins

Community-maintained marketplace

Feedback

jquery-ajax-json

@ErnestPenaJr/Project-32
0
0

Best practices for jQuery AJAX with JSON data handling including sending/receiving JSON, error handling, security (CSRF protection, XSS prevention), promise patterns, caching, and modern alternatives. Use when working with jQuery AJAX requests, implementing JSON APIs, troubleshooting AJAX issues, or migrating from jQuery to Fetch API.

Install Skill

1Download skill
2Enable skills in Claude

Open claude.ai/settings/capabilities and find the "Skills" section

3Upload to Claude

Click "Upload skill" and select the downloaded ZIP file

Note: Please verify skill by going through its instructions before using it.

SKILL.md

name jquery-ajax-json
description Best practices for jQuery AJAX with JSON data handling including sending/receiving JSON, error handling, security (CSRF protection, XSS prevention), promise patterns, caching, and modern alternatives. Use when working with jQuery AJAX requests, implementing JSON APIs, troubleshooting AJAX issues, or migrating from jQuery to Fetch API.

jQuery AJAX with JSON - Best Practices Skill

Overview

Comprehensive guidance on using jQuery AJAX for sending and receiving JSON data with security, error handling, and modern best practices.

Core jQuery AJAX Methods

1. $.ajax() - Complete Control

```javascript $.ajax({ url: '/api/users', type: 'POST', dataType: 'json', contentType: 'application/json', data: JSON.stringify({ name: 'John', email: 'john@example.com' }), timeout: 10000, headers: { 'X-CSRF-Token': $('meta[name="csrf-token"]').attr('content') } }) .done(function(response) { /* Handle success / }) .fail(function(xhr) { / Handle error / }) .always(function() { / Cleanup */ }); ```

2. $.getJSON() - GET Shorthand

```javascript $.getJSON('/api/users', { active: true }) .done(function(data) { console.log(data); }) .fail(function(xhr) { console.error(xhr); }); ```

Critical Best Practices

1. Always Use JSON.stringify() for Complex Data

Bad: ```javascript $.ajax({ url: '/api/users', type: 'POST', data: { name: 'John', preferences: { theme: 'dark' } } // jQuery serializes as form data, not JSON! }); ```

Good: ```javascript $.ajax({ url: '/api/users', type: 'POST', contentType: 'application/json', data: JSON.stringify({ name: 'John', preferences: { theme: 'dark' } }) }); ```

2. Comprehensive Error Handling

```javascript $.ajax({ url: '/api/users' }) .done(function(data) { handleSuccess(data); }) .fail(function(xhr, textStatus, errorThrown) { let errorMessage = 'An error occurred';

if (xhr.status === 400) errorMessage = 'Invalid request';
else if (xhr.status === 401) { 
    errorMessage = 'Unauthorized';
    window.location.href = '/login';
}
else if (xhr.status === 500) errorMessage = 'Server error';
else if (textStatus === 'timeout') errorMessage = 'Request timed out';

showErrorMessage(errorMessage);

}); ```

3. Security - CSRF Token Protection

```javascript // Global setup $(document).ready(function() { const csrfToken = $('meta[name="csrf-token"]').attr('content'); $.ajaxSetup({ headers: { 'X-CSRF-Token': csrfToken } }); }); ```

4. Input Validation

```javascript function createUser() { const userData = { name: $('#name').val().trim(), email: $('#email').val().trim() };

const errors = [];
if (!userData.name || userData.name.length < 2) 
    errors.push('Name must be at least 2 characters');
if (!isValidEmail(userData.email)) 
    errors.push('Invalid email');

if (errors.length > 0) {
    showErrors(errors);
    return;
}

$.ajax({
    url: '/api/users',
    type: 'POST',
    contentType: 'application/json',
    data: JSON.stringify(userData)
});

} ```

5. Promise-Based API Service Layer

```javascript const UserAPI = { getAll: (filters) => $.ajax({ url: '/api/users', data: filters }), getById: (id) => $.ajax({ url: `/api/users/${id}` }), create: (data) => $.ajax({ url: '/api/users', type: 'POST', contentType: 'application/json', data: JSON.stringify(data) }), update: (id, data) => $.ajax({ url: `/api/users/${id}`, type: 'PUT', contentType: 'application/json', data: JSON.stringify(data) }) }; ```

Advanced Patterns

Request Cancellation

```javascript let currentRequest = null;

function searchUsers(query) { if (currentRequest) currentRequest.abort();

currentRequest = $.ajax({
    url: '/api/users/search',
    data: { q: query },
    timeout: 5000
}).always(() => currentRequest = null);

} ```

Response Caching

```javascript const cache = {}; function getCachedData(url) { if (cache[url]) return $.Deferred().resolve(cache[url]); return $.ajax({ url }).done(data => cache[url] = data); } ```

Batch Requests

```javascript Promise.all([ $.getJSON('/api/stats'), $.getJSON('/api/orders'), $.getJSON('/api/revenue') ]).then(([stats, orders, revenue]) => { displayStats(stats); displayOrders(orders); displayRevenue(revenue); }); ```

Security Checklist

  • CSRF token included in state-changing requests
  • HTTPS used for sensitive data
  • User input escaped before display (use .text() not .html())
  • Input validation on client and server
  • Error messages don't expose sensitive info
  • Rate limiting implemented

Common Pitfalls to Avoid

  1. ❌ Not setting contentType: 'application/json'
  2. ❌ No error handling (.fail)
  3. ❌ Using synchronous requests (async: false)
  4. ❌ Multiple enumerations of data
  5. ❌ Not cleaning up event handlers

Modern Alternative: Fetch API

```javascript async function createUser(userData) { try { const response = await fetch('/api/users', { method: 'POST', headers: { 'Content-Type': 'application/json', 'X-CSRF-Token': document.querySelector('[name=csrf-token]').content }, body: JSON.stringify(userData) });

    if (!response.ok) throw new Error('Request failed');
    return await response.json();
} catch (error) {
    console.error(error);
    throw error;
}

} ```