02.20.08

Prototype API Documentation Search Bar Add-On

Posted in Web Dev, AJAX, JavaScript at 10:51 pm by Spencer

The Prototype JavaScript framework is a fine thing, and the Prototype API Documentation online reference is obviously indispensible. The only problem is that currently the Prototype site has no site search, except for the API Search Bookmarklet which will only retrieve for specific method names (which is certainly useful but somewhat limiting, since it assumes you already know what you’re looking for and is not a free-text search).

So, after one too many searches on Google using site:www.prototypejs.org/api/, I wrote a couple search bar add-ons that simply uses the same Google trick to perform full-text searches of the API docs on the Prototype site.

There are two different versions — one for Firefox and one for IE7 (which has a slightly crippled implementation of the OpenSearch protocol…go figure).

Install the Prototype API Documentation search bar add-on here. (Sorry: Firefox and IE7 only.)

06.01.06

Securing Your JavaScript Against Evildoers

Posted in Web Dev, AJAX, What I'm Reading, JavaScript at 9:10 pm by Spencer

What with the Ajax invasion and all, JavaScript is once again all over the damn place.  The big difference now vs. the ’90s is JavaScript is doing a lot more heavy lifting and — more importantly — interacting with both host server and browser client (i.e. user’s machine) in ways heretofore (mostly) not seen.  And that means along with all the cool stuff and wond’rous toys and tools comes a whole new avenue for mayhem by lowlifes, script kiddies, and really gnarly folks like the Russian mafia.

Server-side programmers — at least the good ones — are already atuned the potentially cataclysmic horrors that can be wrought via insertion attack methods, but in javaScript circles — even the upper aeries of guru-dom — awareness of such dangers is not as pronounced.  This is bad.

Fortunately, A List Apart is doing its part for responsible web development (as usual) and has posted a good 2-part primer on writing secure JS code by Niklas Bivald:

Community Creators, Secure Your Code!

Community Creators, Secure Your Code! Part II

Let’s hope this is the start of a trend of articles and discussion along these lines.

02.13.06

Roundup of JavaScript Libraries

Posted in Web Dev, AJAX, Reference at 8:17 pm by Spencer

Okay, it’s a little old (November last — so not that old, tho these days it’s all relative), but I only recently came across it and man do it kick but.

eDevil (aka Saddam Azad, 18 year old Bangladeshi code whiz) has compiled an exhaustive roundup of JavaScript libraries, providing info, download and (gasp!) documentation links for a huge number of libraries, Ajax toolkits, and a few good tricks to boot.

And while you’re there, you may also want to visit his similarly thorough posting of Ruby on Rails resources.

01.20.06

FireBug Ajax/DHTML Debugging Tool for Firefox

Posted in Web Dev, AJAX, Browsers at 9:49 pm by Spencer

It’s brand-spankin’ new (and the developer owns up, calling it a “pre-pre-pre-alpha release”), but man the FireBug extension is right handy.

Some initial caveats:

Some users report the XMLHttpRequest Spy feature works fine when using the Prototype library but apparently maybe not so much when using roll-your-own XHR functions.

While the dev says FireBug “only shows you errors and log messages that came from the page you’re looking at,” I noticed today that is not necessarily so. I was working with pop-ups, so it could be this early version gets confused when dealing with child windows. I didn’t get all empirical with it, so your mileage may vary.

01.03.06

Rational Ajax Dev: “Hijax”

Posted in Web Dev, AJAX at 5:15 pm by Spencer

Jeremy Keith has a fine post at his DOMScripting Blog in which he makes a fine argument for (gasp!) retaining some basic sanity while drinking all that yummy Ajax kool-aid going around. He even coins yet another buzz word: Hijax.

It really is all very obvious to anyone who remembers the (shudder) browser wars of the late ’90s. Basically:

  • Plan for Ajax from the start.
  • Implement Ajax at the end.

More specifically, Mr. Keith says:

  1. First, build an old-fashioned website that uses hyperlinks and forms to pass information to the server. The server returns whole new pages with each request.
  2. Now, use JavaScript to intercept those links and form submissions and pass the information via XMLHttpRequest instead. You can then select which parts of the page need to be updated instead of updating the whole page.

I know…pretty radical, huh?