Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Development
    • Development

    AJAX Experts Tackle Security, Other Issues

    By
    Darryl K. Taft
    -
    May 11, 2006
    Share
    Facebook
    Twitter
    Linkedin

      SAN FRANCISCO—A panel of experts broke down many of the key issues surrounding AJAX—including security, tooling, support for devices and, not a small question, what will Microsoft do—at the AJAX Experience conference here May 10.

      A panel of 10 Asynchronous JavaScript and XML experts, including the two moderators, Dion Almaer and Ben Galbraith, who are co-founders of Ajaxian.com, which is helping to put on the conference, took questions from the audience for an hour.

      Security ranked among the chief concerns among the audience, with some questioning whether reports that AJAX opens users to security problems are true.

      Panelist Alex Russell, co-founder and project lead for The Dojo Toolkit, a popular AJAX framework, said, “Its worth noting that the fundamental problems with browser security and Web application security havent changed in five years—most rely on a single root of trust, and AJAX doesnt change that. Wider spread use of cross-domain content distribution,” which is not new with AJAX, is part of the issue. “The short version is still, Dont trust the client.”

      /zimages/1/28571.gifAJAX has taken the developer world by storm, but it could be even more effective with the right browser capabilities. Click here to read more.

      Brent Ashley, a consultant and scripting specialist who focuses on AJAX development, said there are some recent developments, such as a new JSONRequest proposal, that mitigate the cross-domain problem. “There are JSON [JavaScript Object Notation] requests that dont exchange cookies during the request. And [Adobe] Flex and ActionScript have a cross-domain file that says, These sites are allowed to cross-domain with me. That gives some control back to the server side. So while there are issues now, heres a new set of constraints.”

      When asked what tools they liked to use to do AJAX development, the panelists listed the programming editors often referred to as tools for “real men” programmers: Vi, Vim (also known as “Vi Improved”) and Emacs. However, after some prodding from Almaer, the group listed a few tools specific to AJAX-style development.

      “For a while there was virtually nothing; now there are some interesting things,” said Glenn Vandenburg, an independent consultant and JavaScript expert. “I think were in an intermediary period where theres a whole bunch of tools that give you 30 to 40 percent of what you need, but no tool that does most of the job.”

      David Geary, a JavaServer Faces expert and president of Clarity Training, said he uses Venkman, a JavaScript debugger. “You cant do AJAX without it,” he said. “I also use Selenium, an awesome tool for testing.”

      When asked whether there is a need to continually provide hacks to make things work better with Microsofts Internet Explorer, Joe Walker, creator of DWR (Direct Web Remoting), a popular AJAX tool kit, said, “The whole of AJAX is a hack, so I dont think we should get too purist about it.”

      “IE is a significant disappointment,” said Russell. “We should be making noise about it. To get anything better out of IE is to start burning barricades outside offices in Redmond. We should make a lot of noise.”

      Russell later said that despite a large and growing number of AJAX frameworks in the industry, he expects a “peaceful coexistence” among them.

      “Its remarkable how easy it is to mix them” and use the best features of different frameworks, said Stuart Halloway, co-founder of Relevance.

      Asked whether the browser is ready to be used as a platform for all-day use, Walker said, “That is a problem; its a work in progress. … There are some tricks you can use and pick the right browser—like not IE.”

      “IE sticks out in some ways,” said Halloway,” but these problems are going to be there regardless of doing AJAX. … This issue should really drive you to use frameworks and libraries because they are tested.”

      Vandenburg said, “I said I used to think JavaScript was a misbegotten toy. And early applications were toys, but theres still some work to be done, and memory model is a big part of that. The installed base of IE will take a long time to outgrow these issues.”

      However, Vandenburg later said that he sees “a lot more of the logic of my application running in the browser than ever before. Im doing less programming on both server and client to achieve more. These frameworks have sprung up, and Im doing less JavaScript programming than ever before.”

      The issue of mobile AJAX came up, and Greg Murray, a systems engineer at Sun Microsystems, said Sun is looking at this area.

      “Were starting discussions at Sun next week around AJAX for mobile devices,” Murray said. Suns annual JavaOne conference is next week in San Francisco.

      Meanwhile, panelists took a few shots at Microsoft, which was not represented on the panel.

      /zimages/1/28571.gifJava gurus say AJAX is the next big thing for building Web applications. Click here to read more.

      A questioner asked the panel what they thought of Atlas, Microsofts AJAX offering. Halloway said he has tested the technology, “and we find it to be pretty impressive. With Atlas its painless to get AJAX into your apps. Its fronted by WCF [Windows Communications Foundation], and its a great product.”

      Asked why Microsoft was not represented on the panel or not a sponsor of the event, Galbraith, who helped moderate the panel, said there was no anti-Microsoft bias during planning for the panel.

      “We wanted them to sponsor the show, but they ran out of budget for the end of the year,” he said to laughter from the audience.

      /zimages/1/28571.gifCheck out eWEEK.coms for the latest news, reviews and analysis in programming environments and developer tools.

      Darryl K. Taft
      Darryl K. Taft covers the development tools and developer-related issues beat from his office in Baltimore. He has more than 10 years of experience in the business and is always looking for the next scoop. Taft is a member of the Association for Computing Machinery (ACM) and was named 'one of the most active middleware reporters in the world' by The Middleware Co. He also has his own card in the 'Who's Who in Enterprise Java' deck.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Careers

      SThree’s Sunny Ackerman on Tech Hiring Trends

      James Maguire - June 9, 2022 0
      I spoke with Sunny Ackerman, President/Americas for tech recruiter SThree, about the tight labor market in the tech sector, and much needed efforts to...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×