May 14, 2008 at 17:21A few things that a webmaster should know about Ajax
- Transfer
In English, AJAX is pronounced as AJ , in Russian, Ajax is quite common .
Everything seems to be beautiful, but there are several pitfalls, which I will tell you about below.
Although Ajax is an acronym for Asynchronous JavaScript and XML, this does not reveal its ideology. Ajax is an ideology that states that for a server-side web application to work, it is not necessary to reload the entire page, uselessly chasing data from server to client and vice versa. Using Ajax allows you to make the web application more flexible and modern, allowing users to work with the web application more productively and conveniently.
Ajax applications write in JavaScript and, as a rule, use the XMLHttpRequest object to transfer data (for Microsoft browsers, ActiveXObject (Microsoft.XMLHTTP) can not be helped). XMLHttpRequest has been approved by the World Wide Web Consortium. Since the technology has become widespread relatively recently, there is no common standard, and as a result, different browsers may understand Ajax differently or ask for a special approach, Microsoft’s browsers are a vivid example of this. For more global compatibility, you can use other technical solutions, for example, frames, cookies, Java-applet or Flash. However, if frames and cookies do not always cope with the assigned task, then the Java applet or Flash is too heavy. Have you ever imagined a WordPress admin panel made entirely on a flash in a nightmare?
Regardless of whether you use Ajax or not, JavaScript has risen to new heights not previously available to it. Now it is a full-fledged tool for a modern webmaster, there is no sense in ignoring it anymore, it is useful and user-friendly. For example, I actively began to learn JavaScript, if earlier I was content with some general presentation and writing simple scripts - now I started digging deeper, because I plan to work with Ajax more closely.
Developers who consider JavaScript to be second-rate or harmful language avoid it as soon as they can. However, if you are faced with the task of writing an Ajax application, you still have to use JavaScript. Only Java applets or Flash can serve as an analogy.
Ajax is very interactive, so problems with application design or coding can cause problems. Ajax inherited all the rules of good manners from JavaScript, all the rules and prohibitions - this applies to writing, debugging, and testing a ready-made application.
Despite the fact that the “X” in the acronym Ajax came from XML, its use is completely optional. It is perfectly permissible to use just text, for example, with delimiters, or even just pieces of HTML code (which I do, in general, the script to which the request was sent generates a ready-made piece of code that simply replaces the previous code). And someone else uses YAML markup.
XMLHttpRequest so far does not work well with the binary data format, unlike Flash. But soon this situation, it seems to me, will be fixed. Already there are fixes, crutches - but it's not that.
As a conclusion - analyze which data format is more convenient and faster in your case. For example, for simple manipulations, YAML or CSV is great, and XML will be too thick :)
The most obvious problem for the webmaster is that from now on the web application will send not a couple of hundred kilobytes times, for example, in 10 minutes, but more often in smaller volumes. In fact, this means the possibility of delays in processing Ajax requests and increasing the load on the web server. This should be taken into account even at the design level of the Ajax application.
Do not overdo it, because optimizing the request as a result will give you a minimum gain in the speed of sending and receiving the request. Better enable server-side compression. All modern browsers will understand and appreciate it.
However, there is a better solution - query caching. And do not bother inventing a bicycle with an attempt to cache it on the client’s side - cache directly on the server. An Ajax application will benefit from this much more than from compression.
Ajax applications are limited by the HTTP specification, which allows you to open simultaneously no more than two connections to the same network address. The good news is that in most cases these restrictions are absent. However, there may be problems with the browser, or with the network administrator. However, the last, for good, would close my eyes to this.
In a traditional web application, developers usually do not bother with how users get data. Yes, in fact, this is not necessary. Ajax doesn't like that. It is important to follow the order “sending-receiving-processing received”, otherwise completely unexpected problems may arise.
For many years, users, with problems with the display of the page, click the "Back" button in the browser. In modern Ajax applications, this is also important. After all, the usual gif image is not enough to determine the status of the request.
If an error occurs, send yourself notices to analyze them and eliminate errors and problems. And the user output something friendly after a certain time. It is also worth recognizing that modern JS / Ajax frameworks do not know how to work normally with a timeout.
In fact, an Ajax application is as secure as a traditional one. The headings are the same, the means and means of communication are the same. Although it is worthwhile to pay attention to some things as a separate line, because classic errors can calmly become a legacy of an Ajax application.
This is XSS - in itself, it is not a novelty, it just started to gain popularity with the spread of Ajax applications. At a minimum, filter any HTML code coming from the user. Also check out HTTP Referer - for this is important.
Now, network experts come to the conclusion that inappropriate protection of a site that actively uses JavaScript can lead not only to unauthorized access to your server, but also to your visitor's computer. Be careful and careful, because then it will be unpleasant to find out that because of your laziness someone has taken away your ICQ or wallet.
This text is a free translation with amendments and additions to article 10 things IT needs to know about Ajax .
Cross-post from my blog .
Everything seems to be beautiful, but there are several pitfalls, which I will tell you about below.
Ajax is not just an acronym, it's an idea
Although Ajax is an acronym for Asynchronous JavaScript and XML, this does not reveal its ideology. Ajax is an ideology that states that for a server-side web application to work, it is not necessary to reload the entire page, uselessly chasing data from server to client and vice versa. Using Ajax allows you to make the web application more flexible and modern, allowing users to work with the web application more productively and conveniently.
This is really JavaScript.
Ajax applications write in JavaScript and, as a rule, use the XMLHttpRequest object to transfer data (for Microsoft browsers, ActiveXObject (Microsoft.XMLHTTP) can not be helped). XMLHttpRequest has been approved by the World Wide Web Consortium. Since the technology has become widespread relatively recently, there is no common standard, and as a result, different browsers may understand Ajax differently or ask for a special approach, Microsoft’s browsers are a vivid example of this. For more global compatibility, you can use other technical solutions, for example, frames, cookies, Java-applet or Flash. However, if frames and cookies do not always cope with the assigned task, then the Java applet or Flash is too heavy. Have you ever imagined a WordPress admin panel made entirely on a flash in a nightmare?
Regardless of whether you use Ajax or not, JavaScript has risen to new heights not previously available to it. Now it is a full-fledged tool for a modern webmaster, there is no sense in ignoring it anymore, it is useful and user-friendly. For example, I actively began to learn JavaScript, if earlier I was content with some general presentation and writing simple scripts - now I started digging deeper, because I plan to work with Ajax more closely.
Developers who consider JavaScript to be second-rate or harmful language avoid it as soon as they can. However, if you are faced with the task of writing an Ajax application, you still have to use JavaScript. Only Java applets or Flash can serve as an analogy.
Ajax is very interactive, so problems with application design or coding can cause problems. Ajax inherited all the rules of good manners from JavaScript, all the rules and prohibitions - this applies to writing, debugging, and testing a ready-made application.
XML is optional
Despite the fact that the “X” in the acronym Ajax came from XML, its use is completely optional. It is perfectly permissible to use just text, for example, with delimiters, or even just pieces of HTML code (which I do, in general, the script to which the request was sent generates a ready-made piece of code that simply replaces the previous code). And someone else uses YAML markup.
XMLHttpRequest so far does not work well with the binary data format, unlike Flash. But soon this situation, it seems to me, will be fixed. Already there are fixes, crutches - but it's not that.
As a conclusion - analyze which data format is more convenient and faster in your case. For example, for simple manipulations, YAML or CSV is great, and XML will be too thick :)
Count and plan for an increase in HTTP requests
The most obvious problem for the webmaster is that from now on the web application will send not a couple of hundred kilobytes times, for example, in 10 minutes, but more often in smaller volumes. In fact, this means the possibility of delays in processing Ajax requests and increasing the load on the web server. This should be taken into account even at the design level of the Ajax application.
Optimize Ajax Requests Neatly
Do not overdo it, because optimizing the request as a result will give you a minimum gain in the speed of sending and receiving the request. Better enable server-side compression. All modern browsers will understand and appreciate it.
However, there is a better solution - query caching. And do not bother inventing a bicycle with an attempt to cache it on the client’s side - cache directly on the server. An Ajax application will benefit from this much more than from compression.
Remember the maximum number of connections
Ajax applications are limited by the HTTP specification, which allows you to open simultaneously no more than two connections to the same network address. The good news is that in most cases these restrictions are absent. However, there may be problems with the browser, or with the network administrator. However, the last, for good, would close my eyes to this.
Follow the answers
In a traditional web application, developers usually do not bother with how users get data. Yes, in fact, this is not necessary. Ajax doesn't like that. It is important to follow the order “sending-receiving-processing received”, otherwise completely unexpected problems may arise.
Keep a close eye on bugs
For many years, users, with problems with the display of the page, click the "Back" button in the browser. In modern Ajax applications, this is also important. After all, the usual gif image is not enough to determine the status of the request.
If an error occurs, send yourself notices to analyze them and eliminate errors and problems. And the user output something friendly after a certain time. It is also worth recognizing that modern JS / Ajax frameworks do not know how to work normally with a timeout.
Old tale of security
In fact, an Ajax application is as secure as a traditional one. The headings are the same, the means and means of communication are the same. Although it is worthwhile to pay attention to some things as a separate line, because classic errors can calmly become a legacy of an Ajax application.
This is XSS - in itself, it is not a novelty, it just started to gain popularity with the spread of Ajax applications. At a minimum, filter any HTML code coming from the user. Also check out HTTP Referer - for this is important.
Now, network experts come to the conclusion that inappropriate protection of a site that actively uses JavaScript can lead not only to unauthorized access to your server, but also to your visitor's computer. Be careful and careful, because then it will be unpleasant to find out that because of your laziness someone has taken away your ICQ or wallet.
Instead of “Thank you for your attention”
This text is a free translation with amendments and additions to article 10 things IT needs to know about Ajax .
Cross-post from my blog .