Frank Carver’s musings about software and life
This seems obscure, but potentially useful. It seems that the window title javascript attribute persists, even when the window it is describing changes from one URL to another. This in turn allows a script form one site to populate it, and a script from another site to read it. A sneaky way round some of the limitations of cross-site scripting (XSS).
Here’s a neat little thing which I heard about on the Stackoverflow podcast. I can already think of plenty of uses for it. A general purpose code “prettifier” which detects, lays out and highlights the syntax of a range of programming languages. Looks simple to include in the JavaScript of any page which might be displaying code.
A fascinating collection of possible cross-site-scripting vulnerabilities. Potentially very valuable for anyone developing a web application which allows text input.
Martin Fowler’s “bliki” is often an interesting read. This recent article is very thought-provoking, offering a clever way to bridge the gap between fully dynamic and fully-static web pages.
In regular web development, there is a stark choice between marking a web page as fully dynamic (typically by adding a sprinkle of “don’t cache me” headers) and marking it as static and unchanging. Dynamic pages can bypass web-caches to provide up-to-the-minute information, but force the server to handle the load of every request from every user. Static pages gain the speed and scalability advantages from distributed caching but can fall foul of many problems including stale data and user-session-confusion.
Fowler proposes a technique of using separate HTTP requests controlled by JavaScript to fetch dynamic page fragments and merge them with the main, static, content.
The new bit about this is the solution of using JavaScript to fetch fragments and modify the HTML. The overall approach has been used successfully since the dawn of modern web browsers. - it’s very similar in concept to the way the old faithful “img” tag has always been handled.
Oddly enough, some colleagues have been working with integrating progressive sound into web pages. This looks like a really neat JavaScript/CSS API for such stuff.