GCN Hot Topics:

AJAX: Friend or Foe

AJAX can make Web pages feel like full-fledged applications, but beware weaknesses in security and accessibility

By Drew Robb, Special to GCN

In this report

Calling users donkeys and other security woes of AJAX

More on this topic

Elements of AJAX

Asynchronous JavaScript and Extensible Markup Language is a combination of Web development technologies that allows portions of a page to update without having to refresh the entire page. These technologies include:

Cascading style sheets: CSS provides the markup to style a Web page in a way that is pleasing to the eye.

Document object model: DOM lets programmers create and modify Web pages as full-fledged programs.

Extensible markup language: XML is used to format the data used in AJAX Web transactions.

HTML and Extensible HTML: HTML provides the structure for a Web page. XHTML allows developers to provide the framework for XML data.

JavaScript: JavaScript is a scripting language for enhancing user experiences on Web pages.

XML HTTP REQUEST (XHR): XHR is an HTTP-based interface that lets Web servers update data in the browser without requiring the user to refresh the Web page.

According to the poet Homer, Ajax was one of the mightiest Greek warriors in the battle of Troy. But he also wound up going mad and turning on his friends before killing himself.

Now, 2,500 years later, AJAX, or Asynchronous JavaScript and Extensible Markup Language, is an ally of the Geeks — Web developers seeking easier ways to create interactive applications. But as they grapple with usability, security and Section 508 compliance issues surrounding AJAX, they may also worry about being turned against.

“AJAX is successful because it is so easy to learn, easy to use and easy to deploy,” said Michel Gerin, vice president of marketing at Backbase USA, an AJAX consulting and development company that has created AJAX applications for a number of federal clients, including the Navy.

“You can just write a few JavaScript codes or find some on the Web, put it in your HTML page, and — voilà — it works.”

But AJAX is not without its challenges.

“Rich Internet Applications such as AJAX and [Dynamic] HTML are becoming increasingly popular as Web development techniques,” said Judy Brewer, director of the World Wide Web Consortium’s Web Accessibility Initiative (W3C/WIA). “Yet they can create barriers for people with disabilities because of difficulty accessing dynamic navigation and event features.”

So the question arises: Which side of AJAX will you get — the mighty ally or an unstable technology that will turn on you?

Wait-loss program

AJAX is not a single technology, but a Web development technique using a set of technologies that work together to create a smoother interactive experience.

Although the term was coined in 2005 by Jesse James Garrett, president of consulting firm Adaptive Path, some of the technologies go back a decade. AJAX is just a way to describe developing Web applications using these technologies.

It is a browser-based approach that breaks down the traditional concept of the Web page, making it more like a desktop application. With traditional Web pages, Garrett wrote in his initial paper on the subject (GCN.com, Quickfind 866), a user action, such as clicking on a button, triggers an HTTP request to the Web server.

The Web server then processes the request — including querying databases, performing calculations or pulling up documents — generates a new Web page and sends that entire page via the pipe to the user.

« Previous12 3 Next »


GCN.com	Latest News	FCW.com

Government Computer News