Topic: Web 2.0 best practices? (Page 1 of 1) Pages that link to <a href="http://ozoneasylum.com/backlink?for=29923" title="Pages that link to Topic: Web 2.0 best practices? (Page 1 of 1)" rel="nofollow" >Topic: Web 2.0 best practices? <span class="small">(Page 1 of 1)</span>\

 
argo navis
Paranoid (IV) Inmate

From: Switzerland
Insane since: Jul 2007

IP logged posted posted 01-26-2008 16:16 Edit Quote

Hello.

Few questions as I get familiar with web 2.0 :

1) Is there any real world application of atom at the moment? The concept is nice, a resource hog for servers so far, and?
2) Why is innerHTML evil?
3) Are there any other popular constructs of the past that are to be considered evil?

poi
Paranoid (IV) Inmate

From: Norway
Insane since: Jun 2002

IP logged posted posted 01-26-2008 16:40 Edit Quote

1) Atom is better specified. Supports I18N, creation and lastModified dates ( hence can be useful coupled with a versioning system ), unlike RSS it specifies the Content-type of the payload of each item,

2) many reasons :

  • it's only been standardized recently and so far browser vendors have had to implement it on their own
  • it makes script injection ridiculously easy. script tags, object tags, iframes, script execution in background:url(javascript:...); etc...
  • it nukes the events attached in that branch of the DOM tree

There is certainly more reasons.

Of course innerHTML can be bloody fast when creating/removing a massive amount of elements but quite often it's as easy and more practical to clone a template sub tree and customize it then insert/replace it.

3) eval( "someJsCode" ), JSON, Function( "someJsCode" ), setTimeout( "someJsCode", delay ) and setInterval( "someJsCode", delay ) are equaly evil and slower than passing some arguments to a function. Also their use is rarelly justified.



Basically don't trust user inputs and don't make it easy to inject evil stuff.

argo navis
Paranoid (IV) Inmate

From: Switzerland
Insane since: Jul 2007

IP logged posted posted 01-26-2008 17:08 Edit Quote

Ok, thanks. Got something completely wrong for some reason : my question about Atom
(answer is useful though) was instead a question about Comet.

And about this bit :
>> setTimeout( "someJsCode", delay ) and setInterval( "someJsCode", delay )

someJsCode like a simple call to a function? Or some js code like some raw operations?

poi
Paranoid (IV) Inmate

From: Norway
Insane since: Jun 2002

IP logged posted posted 01-26-2008 17:14 Edit Quote

"someJsCode" could be anything, that's what makes these constructs evil in addition to being slow.

argo navis
Paranoid (IV) Inmate

From: Switzerland
Insane since: Jul 2007

IP logged posted posted 01-26-2008 18:20 Edit Quote

And what would be an alternative for making a "pseudo thread?" I mean, WTF???
Everybody and their moms, when they want a runnable piece of js, have setTimeout or setInterval
and no other construct afaik.

(besides, read the point about COMET - I don't see any stunning application of it yet, I just see potential).

poi
Paranoid (IV) Inmate

From: Norway
Insane since: Jun 2002

IP logged posted posted 01-26-2008 18:26 Edit Quote

Call a function don't have the JS engine parse something potentially evil everything frakkin single time.


Comet smooths the communication between client and server. It's a lot nicer than polling but it requires persistent, or lasting, connections which can be a problem with some hosts.

liorean
Paranoid (IV) Inmate

From: Umeå, Sweden
Insane since: Sep 2004

IP logged posted posted 01-26-2008 19:26 Edit Quote
code:
setTimeout(fnorstring,time);

Is executed like this...

if fnorstring is a function:
    when time milliseconds has elapsed:
        add a call with zero arguments to fnorstring to the execution queue
else
    set fn to new Function(fnorstring)
    when time milliseconds has elapsed:
        add a call with zero arguments to fn to the execution queue



--
var Liorean = {
abode: "http://liorean.web-graphics.com/",
profile: "http://codingforums.com/member.php?u=5798"};

(Edited by liorean on 01-26-2008 19:27)

argo navis
Paranoid (IV) Inmate

From: Switzerland
Insane since: Jul 2007

IP logged posted posted 01-26-2008 21:51 Edit Quote

Yeah, I know I didn't want to make a big deal out of it, but a copy paste won't hurt
as poi seems to be a bit busy atm :

>> someJsCode like a simple call to a function? Or some js code like some raw operations?

So the right way, and the way I use, is a call to a function. Neat to know that I knew o)
(for a second I thought poi came up with a brand new way to handle threading in js).

And the second question : is there any public and good demo of Comet in action?
Because the (server) resource consuming demos I have seen suck balls.



Post Reply
 
Your User Name:
Your Password:
Login Options: Remember Me On This Computer
 
Your Text:
Loading...
Options: Show Signature
Enable Slimies
Enable Linkwords

« BackwardsOnwards »

Show Forum Drop Down Menu