Entries tagged javascript
Filters: Type: entry × javascript × Sorted by date
How is JSON different then a JavaScript (programming language) object?
JSON is a carefully selected subset of JavaScript. A JSON object can only consist of dictionaries, strings, numbers (in JavaScript floating point and integers are treated as the same thing), lists, booleans and null. The spec on JSON.org is a good guide: http://json.org/
[... 119 words]Are there any performance drawbacks when rendering DOM views at runtime with JavaScript, rather than rendering server-sent HTML?
Yes, there is quite a significant impact on first-load performance. The browser has to pull down all of the linked scripts before it can display any content—if you’re using a library like jquery that’s a sizeable chuck of code that has to be loaded and executed just on its own.
[... 152 words]Does Quora use node.js?
Quora use their own event-based Python web framework which they’ve talked about quite a bit, called LiveNode. I believe it’s based on Tornado, the open source Python evented framework/appserver that was open sourced by Facebook after they acquired FriendFeed.
[... 49 words]Why would someone browse the web with JavaScript disabled?
Security conscious users (who understand the implications of XSS and CSRF attacks) sometimes disable JavaScript completely, or use a tool like the NoScript extension to disable it for all sites and only re-enable it on a small whitelist of sites that they trust.
[... 67 words]Are there any wikis that allow the use of JavaScript on wiki pages?
Such a wiki would be grossly insecure. That said, take a look at TiddlyWiki—it’s implemented entirely in client-side JavaScript and allows plugins to be implemented by pasting JavaScript in to a textarea.
[... 53 words]Why does Facebook chat use subdomains so aggressively?
Probably because it involves long-running connections. Browsers have a limit on the number of connections you can have open to the same domain at the same time (I think it’s 8 in most browsers these days). If Facebook chat opened a connection to www.facebook.com and you opened up 8 Facebook windows you would no longer be able to navigate to any more Facebook pages, since all 8 connections would be taken up by the long lived chat connections. By connecting to a different subdomain for each connection this problem can be avoided.
[... 107 words]What are the reasons that make jQuery more popular than MooTools?
MooTools is the only major JavaScript library that still thinks extending the prototype of built-in JavaScript objects is a good idea.
[... 44 words]What are the JSON security concerns in web development?
Be very careful when implementing JSON-P for authenticated actions—evil third party sites could assemble URLs to your user’s private data and steal it. This attack has worked against Gmail in the past.
[... 203 words]What are the best alternatives to JavaScript when writing web applications?
CoffeeScript is rather nice—it compiles to non-obfuscated JavaScript.
[... 27 words]Why do browsers allow cross-domain JavaScript to execute but not XMLHttpRequests?
It’s called the Same Origin Policy, and it’s principally about intranets. Imagine you have a URL http://intranet.corp/top-secret-...—and you then visit http://evil.example.com/ . If cross domain XHR was allowed the evil site could suck that secret document off your intranet without you realising.
[... 105 words]What is the best JS library for automated cropping?
Not entirely clear what you’re looking for, but if you mean a UI tool for letting people resize and crop an image Jcrop is really nice http://deepliquid.com/content/Jc...
[... 43 words]Why do some websites implement their logout link as a form post via JavaScript versus a plain old GET request?
Probably because if you implement logout as a GET action, I can force you to log out of a site by tricking you in to visiting a page with an <img src="http://yoursite.com/logout/" width="1" height="1"> element on it.
[... 64 words]What companies are using Node.js in production in Texas?
There’s a list on this page: https://github.com/joyent/node/w...
[... 23 words]Why don’t more people use Google Web Toolkit for web development as opposed to scripting alternatives like JavaScript?
I’m morally opposed to GWT, because I don’t believe in building sites or applications that are entirely dependent on JavaScript to function. As someone who took the time to learn JavaScript, I’m also not at all convinced that Java is a more productive language.
[... 68 words]Why do so few companies use the Dojo Toolkit?
Dojo is fantastic software, but it does a lot more than the other libraries and consequently has a much higher learning curve. It’s advanced features may serve as something of a disadvantage for achieving more widespread adoption—most developers don’t need the more advanced abstractions provided by Dojo when they start their projects, and by the time they DO need that stuff they’ve already written a ton of code using another library!
[... 88 words]Is there a modern, tested, reliable, standalone onDomReady function that isn’t part of a larger library?
I’ve just noticed that the original comment thread on Dean Edwards blog from 2006 is still open, and a comment by byron from January 2010 has a promising looking candidate: http://dean.edwards.name/weblog/...
[... 54 words]Why are XSS attacks spreading like fire these days?
XSS attacks are common and easy, and crop up all the time. What’s new is that the number of people who are aware of the potential for XSS worms has increased hugely, so when an XSS does crop up in something popular there’s a much higher chance of someone turning it in to a worm (as happened with Twitter the other day).
[... 96 words]What is the largest production deployment of Server Side JavaScript?
I believe Flickr used to use Rhino for scripting the image processing (resizing, thumbnailing, sharpening) that was applied to every single uploaded photo. No idea if that’s still the case though.
[... 47 words]Node.js is genuinely exciting
I gave a talk on Friday at Full Frontal, a new one day JavaScript conference in my home town of Brighton. I ended up throwing away my intended topic (JSONP, APIs and cross-domain security) three days before the event in favour of a technology which first crossed my radar less than two weeks ago.
[... 2009 words]A few notes on the Guardian Open Platform
This morning we launched the Guardian Open Platform at a well attended event in our new offices in Kings Place. This is one of the main projects I’ve been helping out with since joining the Guardian last year, and it’s fantastic to finally have it out in the open.
[... 839 words]Comet works, and it’s easier than you think
I gave a talk this morning at the Yahoo! Web Developer Summit on Comet, cometd and Bayeux.
[... 1314 words]jQuery for JavaScript programmers
When jQuery came out back in January 2006, my first impression was that it was a cute hack. Basing everything around CSS selectors was a neat idea (see getElementsBySelector) but the chaining stuff looked like a bit of a gimmick and the library as a whole didn’t look like it would cover all of the bases. I wrote jQuery off as a passing fad.
[... 2608 words]JavaScript Libraries: The Big Picture
I just gave my first talk at XTech 2007 (I’m speaking again on Friday, on OpenID). Slides are on slideshare.net.
[... 40 words]Why JSON isn’t just for JavaScript
Dave Winer’s discovery of JSON (and shock that “it’s not even XML”) has triggered an interesting discussion thread, on his blog and elsewhere. Plenty of people have re-assured him (and themselves) that it’s only used for JavaScript—it’s convenient in the browser but irrelevant elsewhere.
[... 787 words]Tamarin
On Tuesday, the Mozilla Foundation and Adobe announced the Tamarin project, an open-source ECMAScript virtual machine based on the ActionScript engine used by Flash Player 9.
[... 380 words]Notes on JavaScript Libraries
@media 2006 was a blast. Great talks, great people and some of the highest production values I’ve ever seen at a conference (check out the bags!).
[... 682 words]Fjax: Just say no
To my utter amazement, a decent amount of buzz appears to be building around a new “technology” called Fjax—much of it centred around this interview on Webmonkey, but also benefiting from a mention on the O’Reilly Radar and of course the obligatory Digg story.
[... 879 words]Speaking gigs
I’ve been doing a fair amount of public speaking recently, based on the principle that the only way to get good at it is to get a lot of practise. My last two talks were a session on Django and Web Application Frameworks at the ACCU 2006 conference and a talk on the Yahoo! Developer Network for NMK’s Beers and Innovation series.
[... 304 words]