Behavior: FormatJson

Applies filters that will automatically convert action returns into JSON responses

This behavior uses a “beforeAction” filter that listens for Action calls with a “format” parameter that equals “json”.  When discovered, normal output is suppressed and instead the return value from the action is captured, converted to JSON, and sent to the browser with a mime/type of “application/json”

Potential security risk

Because this behavior halts further filter execution, it should be applied AFTER any authentication or authorization, so that passing a format parameter doesn’t bypass security

// in app/controllers/<name>_controller.sjs
function init(){
//apply auth behaviors/filters first

// then apply FormatJson

// calling this with ?format=json will cause it to return JSON instead of
// calling the view
function list(params){
//set returns the value set
return this.set("rows",this.model.findBeans())