- Part I Core Ideas
- 1 Introduction to Ajax
- Ajax Defined
- Hello Ajax World
- The Challenges of Running Ajax Examples Locally
- The Rise of Ajax
- Implications of Ajax
- Summary
- 2 Pre-Ajax JavaScript Communications Techniques
- One-way Communication
- One-way Image Object Technique
- One-way Iframes with Query Strings
- One-way Script Tags
- Other Approaches
- One-way Iframes with Form Posts
- Cookie-based Transport
- Two-way Communications
- Images for Two-way Communications
- Two-way Script Tag Communication
- Less Common Two-way Methods
- Two-way Iframes
- Communications Pattern Review
- Example Applications
- A Client-Side JS Error Reporter
- Offsite Link Press Monitoring
- Fancy Ratings—Pre-Ajax Version
- RSS Reader
- Summary
- 3 XMLHttpRequest Object
- Overview of XHRs
- Instantiation and Cross-Browser Concerns
- ActiveX XHR Anxiety
- A Cross-Browser XHR Wrapper
- XHR Request Basics
- Synchronous Requests
- Asynchronous Requests
- Sending Data via GET
- Sending Data via Post
- Request Headers
- Other HTTP Requests
- Head Requests
- Response Basics
- readyState Revisited
- status and statusText
- responseText
- responseXML
- Response Headers
- Controlling Requests
- Authentication with XHRs
- Proprietary and Emerging XHR Features
- Managing MIME Types
- Multipart Responses
- onProgress and Partial Responses
- Other Firefox Event Handlers
- XHR Arcana and Future Changes
- XHR Implications and Challenges
- Ajax and Memory Leaks
- Summary
- 4 Data Formats
- Ajax and Character Sets
- Data Format Decisions
- Encoding/Decoding Requests
- Encoding/Decoding Responses
- Security Considerations
- Transmission Considerations
- Standard Encoding: x-www-form-urlencoded
- Extending Standard Encoding
- Form Serialization
- Object Serialization
- Using Other Input Formats
- XML
- JSON
- Other Request Forms: YAML, Text, and Beyond
- File Attachments
- Response Formats
- Text Responses
- Script Responses
- XML Responses and Handling
- Well-Formed XML
- Valid XML
- XML and the DOM
- Processing Responses with XPath
- Transforming Responses with XSLT
- Data Islands: Proprietary and Powerful
- Binary Responses
- Encoded Content: Base64
- Experimenting with Data URLs
- File Responses
- Summary
- Part II Applied Ajax
- 5 Developing an Ajax Library
- Not Another Ajax Library!
- AjaxTCR Library Overview
- Adding Modern Conveniences
- Data Format Handling
- Request Status
- Request Control
- AjaxTCR Library Utility Functions
- AjaxTCR Library Basic Features Summary
- Beyond the AjaxTCR Library
- Introduction to YUI
- YUI’s Connection Manager
- Other YUI Features
- Introduction to Prototype
- Ajax Prototype Style
- Prototype Ajax Assistance
- Exploring Prototype Further
- Introduction to jQuery
- jQuery’s Approach to Ajax
- jQuery Ajax Conveniences
- The Strengths and Weaknesses of jQuery
- Other Libraries: Dojo and Beyond
- Summary
- 6 Networking Considerations
- What Could Go Wrong?
- Timeouts
- Retries
- Handling Server Errors
- Handling Content Errors
- Dealing with Multiple Requests
- Beyond the Two-Connection Limit?
- Request Queues
- Order Is Not Guaranteed
- Are Race Conditions Possible?
- Ensuring Communication Robustness
- Server Availability
- Client Availability
- Connection Rates
- Tracking Network Conditions
- Improving Ajax Performance
- HTTP Compression
- Content Optimization
- Caching
- Busting Browser Caches
- Working with the Browser Cache
- An Ajax Response Cache
- Precaching
- Get the Balance Right
- There’s Always More
- Summary
- 7 Security Concerns
- The Web Attack Surfaces
- Web Application Reconnaissance Review
- Web Application Attack Review
- Ajax Security Differences
- JavaScript Security
- JavaScript Protection
- JavaScript’s Security Policy
- Same-Origin Policy
- Exceptions to the Same-Origin Policy
- Trusted External Scripts
- Ajax and Authentication
- HTTP Authentication under Ajax
- Ajax and SSL
- Custom Form-Cookie Authentication
- Cross-Site Scripting
- Addressing XSS
- XHR Hijacking with XSS
- History Exposure: The Start of a Hack
- Cross Site Request Forgery (CSRF)
- CSRF Attacks on JSON, JSONP and Script Responses
- Defeating CSRF
- Ajax Payload Protection
- Web Services and Ajax: Security’s Pandora’s Box
- Summary
- 8 User Interface Design for Ajax
- The User Interface Implications of Ajax
- Communicating Network Activity
- Traditional Web Pattern Activity Indicators
- Ajax Application’s Activity Indicators
- Detailed Status Indications
- Communicating Problems and Errors
- Communicating Change
- To-Do List Introduction: Delete, Confirm, and Transition
- Patterns of Immediacy
- Click-to-Edit
- Click-to-Edit List
- Drag-and-Drop
- Draggable List
- The Real Power: Data on Demand
- Auto Completion and Suggestion
- Auto Search
- Auto Validation
- Previewing
- Progressive Loading
- The Danger of Incremental Loading
- What About...?
- Putting Things Together
- Accessibility
- Summary
- 9 Site and Application Architecture with Ajax
- Adding Ajax
- In-Page Ajax
- Rating Refactored
- Building a Rating Widget
- Enabling Alternate Transports
- Automatic Communication Fallback
- Degrading Not Enhancing
- Leveraging Templates
- Client-Side Templates
- Applied Templates
- Wrapping the Widget
- Full-Site Ajax
- Fighting the Back Button Blues
- Embracing History
- Applied History
- Ajax and Bookmarking
- A Full Example: To-Do List
- Coupled or Decoupled Architecture
- Loose Coupling
- Tight Coupling
- Exploring Tightly Coupled Architecture Approaches
- Architectural Final Analysis
- Summary
- Part III Advanced Topics
- 10 Web Services and Beyond
- Ajax and Web Services
- Server Proxy Solution
- URL Forwarding Scheme
- Using the
avery