Items tagged javascript in 2011
Filters: Year: 2011 × javascript × Sorted by date
Does Quora use node.js?
Quora use their own event-based Python web framework which they’ve talked about quite a bit, called LiveNode. I believe it’s based on Tornado, the open source Python evented framework/appserver that was open sourced by Facebook after they acquired FriendFeed.
[... 49 words]Qwery—The Tiny Selector Engine. A quarter of the size of Sizzle (1K gzipped and minified) due to only supporting ID, class and attribute selectors. Could be useful for things like embeddable widgets and badges, where depending on a larger library is impolite. # 2nd April 2011, 8:27 am
Before events took this bad turn, the contract represented by a link was simple: “Here’s a string, send it off to a server and the server will figure out what it identifies and send you back a representation.” Now it’s along the lines of: “Here’s a string, save the hashbang, send the rest to the server, and rely on being able to run the code the server sends you to use the hashbang to generate the representation.” Do I need to explain why this is less robust and flexible? This is what we call “tight coupling” and I thought that anyone with a Computer Science degree ought to have been taught to avoid it.
— Tim Bray # 10th February 2011, 6 am
The code injected to steal passwords in Tunisia. Here’s the JavaScript that (presumably) the Tunisian government were injecting in to login pages that were served over HTTP. # 24th January 2011, 6:45 pm
Why would someone browse the web with JavaScript disabled?
Security conscious users (who understand the implications of XSS and CSRF attacks) sometimes disable JavaScript completely, or use a tool like the NoScript extension to disable it for all sites and only re-enable it on a small whitelist of sites that they trust.
[... 67 words]Display your events on your own website with Lanyrd Badges. We’ve launched badges for Lanyrd—JavaScript that lets you embed a top bar or a content “splat” showing events you plan to attend, talks you’ve given in the past and other various combinations. I’m quite pleased with the implementation—the badges are configured using classes on a link to your Lanyrd profile, and the badges themselves are served through a combination of Amazon CloudFront for the initial script and a Varnish cache for the badge data itself to keep things nice and snappy. # 13th January 2011, 8:38 pm
Are there any wikis that allow the use of JavaScript on wiki pages?
Such a wiki would be grossly insecure. That said, take a look at TiddlyWiki—it’s implemented entirely in client-side JavaScript and allows plugins to be implemented by pasting JavaScript in to a textarea.
[... 53 words]Why does Facebook chat use subdomains so aggressively?
Probably because it involves long-running connections. Browsers have a limit on the number of connections you can have open to the same domain at the same time (I think it’s 8 in most browsers these days). If Facebook chat opened a connection to www.facebook.com and you opened up 8 Facebook windows you would no longer be able to navigate to any more Facebook pages, since all 8 connections would be taken up by the long lived chat connections. By connecting to a different subdomain for each connection this problem can be avoided.
[... 107 words]What are the reasons that make jQuery more popular than MooTools?
MooTools is the only major JavaScript library that still thinks extending the prototype of built-in JavaScript objects is a good idea.
[... 44 words]What are the JSON security concerns in web development?
Be very careful when implementing JSON-P for authenticated actions—evil third party sites could assemble URLs to your user’s private data and steal it. This attack has worked against Gmail in the past.
[... 203 words]