Simon Willison’s Weblog

Items tagged javascript in Aug, 2008

Filters: Year: 2008 × Month: Aug × javascript ×

addSizes.js: Snazzy automatic link file-size generation. Posted to Nat’s snazzy new blog: a script that uses my json-head API to grab the file size of linked documents on a page and insert those sizes in to the document. # 30th August 2008, 10:39 am

WolfenFlickr 3D—An unlikely mashup. Brilliant: Wolfenstein 3D style raycasting in JavaScript with images on the walls that have been pulled in using Flickr’s JSONP API. # 29th August 2008, 10:24 am

Coding Horror: Protecting Your Cookies: HttpOnly. Jeff Atwood discovers the hard way that writing an HTML sanitizer is significantly harder than you would think. HttpOnly cookies aren’t the solution though: they’re potentially useful as part of a defense in depth strategy, but fundamentally if you have an XSS hole you’re going to get 0wned, HttpOnly cookies or not. Auto-escape everything on output and be extremely cautious with things like HTML sanitizers. # 29th August 2008, 2:01 am

Capital Radio’s London Guide. Worth pointing out: the search / map interface on this page is one of the best examples of progressive enhancement I’ve ever seen. Try disabling JavaScript and see what happens. It seems like most developers just can’t be bothered with this kind of attention to detail these days, which disappoints me. # 29th August 2008, 1:48 am

json-tinyurl. Because sometimes you want to be able to create a shorter version of a URL directly from JavaScript without hosting your own server-side proxy. # 27th August 2008, 10:58 am

jeresig’s sizzle. Sizzle is a new selector engine (work in progress, no IE support yet) from John Resig, designed to be small, standalone, library agnostic and ridiculously fast. It should eventually replace jQuery’s current selector engine, but if it stays around 4KB it’s also going to be really useful for projects that don’t need the overhead of a full library. # 24th August 2008, 11:41 pm

TraceMonkey. Brendan Eich has been preaching the performance benefits of tracing and JIT for JavaScript on the conference circuit for at least a year, and the results from the first effort to be merged in to Mozilla core are indeed pretty astounding. # 22nd August 2008, 11:13 pm

Get Lat Lon now has a “Get my location (by IP)” button. It took all of five minutes to add using the new google.loader.ClientLocation API. The button is only visible if your location can be resolved. # 22nd August 2008, 10:16 am

Gears API Blog: Gears 0.4 is here! New features are Geolocation, a Blob API for dealing with arbitrary binary data, onprogress() events for tracking HTTP downloads and uploads (meaning progress indicators) and the built-in Gears dialogs localized to 40 languages. # 22nd August 2008, 10:14 am

Google Code Blog: Two new ways to location-enable your web apps. The Gears Geolocation API isn’t very exciting just yet as it only really works on windows mobile devices, but the new google.loader.ClientLocation Ajax API is great—it gives you the user’s location based on looking up their IP address, saving you from needing to install a IP-to-geo lookup database. # 22nd August 2008, 10:12 am

Making queries faster isn’t in the critical path for improving the real-world performance of any Dojo apps I know of, and I bet the same is true for JQuery users. Reducing the size of the libraries, on the other hand, is still important. Now that we’re all fast enough, it’s time that we stopped beating on this particular drum lest we lose the plot and the JavaScript community continue to subject itself to endless rounds of benchmarketing.

Alex Russell # 22nd August 2008, 8:12 am

querySelectorAll in Firefox 3.1. John Resig benchmarks the various JavaScript libraries’ support for querySelelectorAll, and finds an impressive 2-6x performance improvement over native DOM traversal. It’s worth clicking through to John’s experimental plugin for adding support to jQuery, which does a clever trick using __proto__ to convert the collection returned by querySelectorAll in to a jQuery object in browsers that support it. # 21st August 2008, 9:50 am

YUI 3.0 Preview Release 1. YUI sandboxing is a really good idea, which cleverly addresses both the need to run multiple versions of the library at once and the complaints about how verbose traditional YUI code can get. # 14th August 2008, 10:03 am

ECMAScript Harmony. John Resig explains the outcome of the recent “Oslo meeting” where proponents of ECMAScript 3.1 (incremental improvements to JS as it exists today) and 4 (massive, sweeping changes including many new programming constructs) harmonised their differences. The combined effort is closer to 3.1 than it is to 4, which I think is the right decision. # 14th August 2008, 9:37 am

MapIconMaker. Extension API that lets you programatically construct a Google Maps bubble marker icon with a custom size, gradient and stroke colour. Under the hood it uses the Google Chart API with the (undocumented?) “mm” chart type. # 11th August 2008, 8:48 am

Facelift Image Replacement. Like sIFR but with JavaScript and a PHP text rendering component. I question the need for the JavaScript if you’re already generating the images on the server, but the actual generation script is nicely done—it makes smart use of ImageMagick and caches the generated images. # 5th August 2008, 6:36 pm