A few things about Ajax that a webmaster should know
In English, AJAX is pronounced as hey-jax , in Russian, Aayax is quite common.
Everything seems to be beautiful, but there are a few pitfalls, which I will tell you about below.
Although Ajax is an acronym for Asynchronous JavaScript and XML, this does not reveal its ideology. Ajax is an ideology that says that in order for a server-based web application to work, it’s not at all necessary to reload the entire page, it is useless to drive data from the server to the client and back. Using Ajax allows you to make the web application more flexible and modern, allowing users to work with the web application more productively and conveniently.
Ajax applications write in JavaScript and, as a rule, use the XMLHttpRequest object for data transfer (for Microsoft browsers — ActiveXObject (Microsoft.XMLHTTP) — nothing can be done). The XMLHttpRequest object has been approved by the World Wide Web Consortium . Since the technology has become widely spread relatively recently, there is no general standard, and as a result, different browsers can understand Ajax differently or ask for a particular approach, a vivid example of which is Microsoft's browsers. For more global compatibility, you can use other technical solutions, such as frames, cookies, a Java applet or Flash. However, if frames and cookies do not always cope with the task assigned, then a Java applet or Flash is too heavy. Have you ever imagined a WordPress admin made entirely on a flash in a nightmare?
')
Regardless of whether you are using Ajax or not, JavaScript has risen to new heights previously unavailable to it. Now this is a complete tool for a modern webmaster, it makes no sense to ignore it anymore, it is useful and convenient for the user. For example, I actively began to learn JavaScript, if earlier I was content with some general presentation and writing simple scripts - but now I began to dig deeper, because I plan to work with Ajax more closely.
Developers who consider JavaScript to be a second-rate or harmful language avoid it as soon as they can. However, if you are faced with the task of writing an Ajax application, you still have to use JavaScript. The only analogy is Java applets or Flash.
Ajax is very interactive, so if there are errors in designing an application or coding, problems may arise. Ajax has inherited all the rules of good form from JavaScript, all the rules and restrictions - this concerns writing, debugging and testing an already finished application.
Despite the fact that “X” in the acronym Ajax originated from XML, its use is not at all necessary. It is quite admissible to use just text, suppose, with delimiters, or even just pieces of HTML code (which I do, in general, the script to which the request was sent generates a ready piece of code that simply replaces the previous code). And someone else uses YAML markup.
XMLHttpRequest so far does not work well with binary data format, unlike Flash. But soon this situation, as it seems to me, will be corrected. Already there are fixes, crutches - but it's not that.
As a conclusion, analyze which data format is more convenient and faster in your case. For example, YAML or CSV is great for simple manipulations, and XML will be too thick :)
The most obvious problem for the webmaster is that the web application will no longer send a couple of hundred kilobytes, for example, in 10 minutes, but more often in smaller volumes. In practice, this means the possibility of delays in processing Ajax requests and increasing the load on the web server. This should be considered at the design level of an Ajax application.
Do not overdo it, because optimizing a request will ultimately give you a minimal gain in the speed of sending and receiving a request. Better turn on server side compression. All modern browsers will understand and appreciate this.
However, there is a better solution - query caching. And do not bother to invent a bicycle with an attempt to cache it on the client’s side - cache it right on the server. An Ajax application will win a lot more from this than from compression.
Ajax applications are limited to the HTTP specification, which allows you to simultaneously open no more than two connections to the same network address. The good news is that in most cases there are no restrictions. However, there may be problems with the browser, or with a network administrator. However, the last, for good, to close my eyes to this.
In a traditional web application, developers usually do not bother with how users receive data. Yes, in fact, it is not necessary. Ajax doesn't like that. It is important to observe the sequence of "sending-receiving-processing received", otherwise there may be quite unexpected problems.
For many years, users with problems with the display of the page click the "Back" button in the browser. In modern Ajax applications, this is also important. After all, the usual gif image is not enough to determine the status of the request.
In the event of an error, send yourself notices to analyze and eliminate errors and problems. And the user output something friendly after a certain time. It should also be recognized that modern JS / Ajax frameworks do not know how to work normally with a timeout.
In fact, the Ajax application is as safe as the traditional one. The headings are the same, the means and methods of communication are the same. Although it is worthwhile to pay attention to some things as a separate line, after all, classic mistakes can be easy to become a legacy of an Ajax application.
This is XSS - in itself it is not new, it just began to gain popularity with the spread of Ajax applications. At a minimum, filter any HTML code that comes from the user. Also check HTTP Referer - for this is important.
Now network experts come to the conclusion that inadequate protection of the site, which actively uses JavaScript, can lead not only to unauthorized access to your server, but also to your visitor’s computer. Be careful and cautious, because then it will be unpleasant to find out that because of your laziness someone has increased ICQ or wallet.
This text is a free translation with revisions and additions to article 10 of what IT needs to know about Ajax .
Cross post from my blog .
Everything seems to be beautiful, but there are a few pitfalls, which I will tell you about below.
Ajax is not just an acronym, it's an idea
Although Ajax is an acronym for Asynchronous JavaScript and XML, this does not reveal its ideology. Ajax is an ideology that says that in order for a server-based web application to work, it’s not at all necessary to reload the entire page, it is useless to drive data from the server to the client and back. Using Ajax allows you to make the web application more flexible and modern, allowing users to work with the web application more productively and conveniently.
This is really javascript
Ajax applications write in JavaScript and, as a rule, use the XMLHttpRequest object for data transfer (for Microsoft browsers — ActiveXObject (Microsoft.XMLHTTP) — nothing can be done). The XMLHttpRequest object has been approved by the World Wide Web Consortium . Since the technology has become widely spread relatively recently, there is no general standard, and as a result, different browsers can understand Ajax differently or ask for a particular approach, a vivid example of which is Microsoft's browsers. For more global compatibility, you can use other technical solutions, such as frames, cookies, a Java applet or Flash. However, if frames and cookies do not always cope with the task assigned, then a Java applet or Flash is too heavy. Have you ever imagined a WordPress admin made entirely on a flash in a nightmare?
')
Regardless of whether you are using Ajax or not, JavaScript has risen to new heights previously unavailable to it. Now this is a complete tool for a modern webmaster, it makes no sense to ignore it anymore, it is useful and convenient for the user. For example, I actively began to learn JavaScript, if earlier I was content with some general presentation and writing simple scripts - but now I began to dig deeper, because I plan to work with Ajax more closely.
Developers who consider JavaScript to be a second-rate or harmful language avoid it as soon as they can. However, if you are faced with the task of writing an Ajax application, you still have to use JavaScript. The only analogy is Java applets or Flash.
Ajax is very interactive, so if there are errors in designing an application or coding, problems may arise. Ajax has inherited all the rules of good form from JavaScript, all the rules and restrictions - this concerns writing, debugging and testing an already finished application.
XML is optional
Despite the fact that “X” in the acronym Ajax originated from XML, its use is not at all necessary. It is quite admissible to use just text, suppose, with delimiters, or even just pieces of HTML code (which I do, in general, the script to which the request was sent generates a ready piece of code that simply replaces the previous code). And someone else uses YAML markup.
XMLHttpRequest so far does not work well with binary data format, unlike Flash. But soon this situation, as it seems to me, will be corrected. Already there are fixes, crutches - but it's not that.
As a conclusion, analyze which data format is more convenient and faster in your case. For example, YAML or CSV is great for simple manipulations, and XML will be too thick :)
Calculate and plan an increase in HTTP requests
The most obvious problem for the webmaster is that the web application will no longer send a couple of hundred kilobytes, for example, in 10 minutes, but more often in smaller volumes. In practice, this means the possibility of delays in processing Ajax requests and increasing the load on the web server. This should be considered at the design level of an Ajax application.
Optimize Ajax requests neatly
Do not overdo it, because optimizing a request will ultimately give you a minimal gain in the speed of sending and receiving a request. Better turn on server side compression. All modern browsers will understand and appreciate this.
However, there is a better solution - query caching. And do not bother to invent a bicycle with an attempt to cache it on the client’s side - cache it right on the server. An Ajax application will win a lot more from this than from compression.
Remember the maximum number of connections
Ajax applications are limited to the HTTP specification, which allows you to simultaneously open no more than two connections to the same network address. The good news is that in most cases there are no restrictions. However, there may be problems with the browser, or with a network administrator. However, the last, for good, to close my eyes to this.
Follow the responses.
In a traditional web application, developers usually do not bother with how users receive data. Yes, in fact, it is not necessary. Ajax doesn't like that. It is important to observe the sequence of "sending-receiving-processing received", otherwise there may be quite unexpected problems.
Watch for bugs carefully
For many years, users with problems with the display of the page click the "Back" button in the browser. In modern Ajax applications, this is also important. After all, the usual gif image is not enough to determine the status of the request.
In the event of an error, send yourself notices to analyze and eliminate errors and problems. And the user output something friendly after a certain time. It should also be recognized that modern JS / Ajax frameworks do not know how to work normally with a timeout.
Old tale of security
In fact, the Ajax application is as safe as the traditional one. The headings are the same, the means and methods of communication are the same. Although it is worthwhile to pay attention to some things as a separate line, after all, classic mistakes can be easy to become a legacy of an Ajax application.
This is XSS - in itself it is not new, it just began to gain popularity with the spread of Ajax applications. At a minimum, filter any HTML code that comes from the user. Also check HTTP Referer - for this is important.
Now network experts come to the conclusion that inadequate protection of the site, which actively uses JavaScript, can lead not only to unauthorized access to your server, but also to your visitor’s computer. Be careful and cautious, because then it will be unpleasant to find out that because of your laziness someone has increased ICQ or wallet.
Instead of "Thank you for your attention"
This text is a free translation with revisions and additions to article 10 of what IT needs to know about Ajax .
Cross post from my blog .
Source: https://habr.com/ru/post/31564/
All Articles