Tuesday, April 15th, 2008
Category: Books

Douglas Crockford has an interesting book on the horizon, JavaScript: The Good Parts. When I first heard about the combination of author and title, I couldn’t help but think that it would be a short book, maybe a two pager as above.
But, Douglas has taken a deep look and found some content worthy of a book:
Most programming languages contain good and bad parts, but JavaScript has more than its share of the bad, having been developed and released in a hurry before it could be refined. This authoritative book scrapes away these bad features to reveal a subset of JavaScript that’s more reliable, readable, and maintainable than the language as a whole-a subset you can use to create truly extensible and efficient code.
Considered the JavaScript expert by many people in the development community, author Douglas Crockford identifies the abundance of good ideas that make JavaScript an outstanding object-oriented programming language-ideas such as functions, loose typing, dynamic objects, and an expressive object literal notation. Unfortunately, these good ideas are mixed in with bad and downright awful ideas, like a programming model based on global variables.
When Java applets failed, JavaScript became the language of the Web by default, making its popularity almost completely independent of its qualities as a programming language. In JavaScript: The Good Parts, Crockford finally digs through the steaming pile of good intentions and blunders to give you a detailed look at all the genuinely elegant parts of JavaScript, including:
- Syntax
- Objects
- Functions
- Inheritance
- Arrays
- Regular expressions
- Methods
- Style
- Beautiful features
The real beauty? As you move ahead with the subset of JavaScript that this book presents, you’ll also sidestep the need to unlearn all the bad parts. Of course, if you want to find out more about the bad parts and how to use them badly, simply consult any other JavaScript book.
With JavaScript: The Good Parts, you’ll discover a beautiful, elegant, lightweight and highly expressive language that lets you create effective code, whether you’re managing object libraries or just trying to get Ajax to run fast. If you develop sites or applications for the Web, this book is an absolute must.
Combine this with John Resig’s new book, and we have some good stuff to look forward to.
Wednesday, April 2nd, 2008
Category: Books, Book Reviews
Back in February, I reviewed the first half of Shawn M. Lauriat’s “Advanced Ajax: Architecture and Best Practices” (Prentice Hall, 2008, 360p). The first four chapters of Lauriat’s book, which focused almost exclusively on client-side technologies, impressed me considerably. But it’s taken me several weeks to get through the remainder of the book, and there’s one reason why: PHP.
The server-side portion of “Advanced Ajax” uses PHP code to illustrate its many and varied lessons about Ajax architecture. It’s not that I have anything against the popular web-development framework and scripting language. It’s just that, after spending my career in the ASP Classic and JSP trenches and slowly ramping up on Rails in the last year, I’m not the ideal target audience for these code samples. Adding “PHP” to the title of the book might have limited its potential audience, but it also would have been more accurate.
That said, there’s a lot of value here for adherents of any server-side framework. Lauriat discusses each topic from a general perspective before diving into the code. The technical approach to a given problem would obviously differ by framework, but the high-level approach wouldn’t. If you don’t mind skimming past the content that doesn’t apply to you, Lauriat’s advice about developing stable, scalable, accessible and secure Ajax applications transcends framework allegiance.
Tuesday, February 12th, 2008
Category: Books, Book Reviews

Because Ajax moves so much application logic from the server to the client, it forces many developers to master a wider range of web technologies than ever before. To work effectively on Ajax projects, front-end developers have to concern themselves with database performance, business logic and other server-side concerns. Back-end and middleware developers, meanwhile, have to make friends with XHTML, CSS, JavaScript and a wide range of browsers. Sure, it’s possible to develop Ajax apps in a siloed team environment. But it’s not the easiest way, and it rarely provides the strongest results.
Shawn M. Lauriat’s “Advanced Ajax: Architecture and Best Practices” (Prentice Hall, 2008, 360p) bridges the gap between developers with exclusive client- or server-side skills. By exploring tools, technologies and best practices for every layer of the Ajax programming model, this solid new programming manual promises to plug the holes in any developer’s resume. Lauriat’s tops-to-tails approach offers something for almost any developer, but it also guarantees most readers will find some sections remedial. As this two-part review will demonstrate, that’s not necessarily a liability.
Friday, February 1st, 2008
Category: Books, DWR

Frank Zammetti has authored the first book dedicated to DWR, Practical DWR 2 (Amazon).
Joe Walker wrote a foreword which he posted, and here is Frank’s personal message:
Ajax represents a brave, new(ish) world of web development where coding on the client is just as important as on the server side. Hundreds of libraries exist that purport to make it easier for you, and there’s always the “Do It Yourself” approach. Which route should you take?
If you work with Java technologies, one choice that stands out is DWR, or Direct Web Remoting. With DWR, JavaScript-based client code that calls server-side objects works as if it were all running in the same process space. The simplicity and power DWR blends together has few rivals today.
In this, the first DWR book to be published, you’ll be introduced to DWR and all it has to offer, including reverse Ajax, XML and annotation-based configuration, container-managed security, simple POJO-based development, and greatly simplified client-side coding. You’ll learn by doing as you explore six fully functional applications including the following:
- A webmail client for remotely accessing your e-mail accounts
- A wiki for collaborative efforts
- A file manager for remotely managing your server’s file system
- A portal for enterprise reporting needs
- A project management/time-tracking system
- Even a fun little game!
In addition to DWR, you’ll also see how other popular libraries help realize the RIA/Web 2.0 vision, including Spring, Hibernate, dHTMLx, DataVision, Freemarker, and Ext JS. If you’re doing RIA development in Java, DWR is for you, as too is this book.
(and if you like sci-fi and pop culture references strewn throughout your reading material, and a touch of wise a**-edness too, you’re in for a good time to boot!)
Tuesday, January 22nd, 2008
Category: Books
Marijn Haverbeke has put together an online book titled Eloquent JavaScript that not only has some nice content, but incorporates an integrated interface for editing and running example programs.
Wednesday, January 16th, 2008
Category: Books, Book Reviews

Reviewers overuse the phrase “required reading,” but no other description fits the new book “Ajax Security” (2007, Addison Wesley, 470p). This exhaustive tome from Billy Hoffman and Bryan Sullivan places the specific security concerns of the Ajax programming model in historical perspective. It demonstrates not only new security threats that are unique to Ajax, but established threats that have gained new traction in the Web 2.0 era. It then details both the specific technical solutions and - more importantly - the mindset that are necessary to combat such threats.
Because so many developers have historically overlooked the importance of security, the authors approach their topic for what it is: a remedial subject. They take pains to explain the basic mechanisms by which hackers have exploited insecure web applications over the last decade: cross-site request forgeries, denial of service attacks, cross-site scripting and SQL injection. Then they explain how those mechanisms have changed thanks to the rise of xmlHttpRequest, public APIs, mash-ups and aggregators. If you’ve ever read a Douglas Crockford rant about the “brokenness” of the web security model and wondered why the guy was such an alarmist, Hoffman and Sullivan are only too happy to provide you with a much-needed wake-up call.
Monday, December 31st, 2007
Category: Books
John Resig has some JavaScript secrets that he wishes to tell in a new book, and wants your help in getting more.
Some on the tip of his tongue are:
- What is (function(){ })() and why is it so fundamentally important to modern JavaScript development?
- What does with(){...} do and why is it so useful?
- How can arguments.callee change how I work with JavaScript code?
- How exactly do timers work and how can I best use them?
- How do I identify and tackle memory leaks in web applications?
- How do I write a cross browser way of…
  - Getting/setting attributes.
  - Injecting HTML strings.
  - Getting/setting computed css values.
  - Managing DOM events.
  - Writing a CSS selector engine.
  - Doing smooth animations.
- How can I use verification tools (like JSLint) to my advantage - and write my own?
- What’s the best way to transmit JavaScript files?
- How do I write my own JavaScript compressor (like Packer)?
This looks like good stuff. I am sure the likes of Dean Edwards, Neil Mix, Kris Zyp, Alex Russell, and many others have interesting things to add.
A book that I would love to see is the equivalent of the Eric CSS books for Ajax. Take some real apps and build them in a book. Quality case studies that teach you a lot, in a nice glossy set of copy that makes you smile.
What would you like to see? Maybe the entire piece could be made collaboratively :)
Wednesday, November 7th, 2007
Category: JavaScript, Prototype, Books, Book Reviews, Scriptaculous, Announcements
This is a big day for Protoscript friends. The triple release. The big one. This post is a long one too as it discusses:
Prototype 1.6
They cleaned up, and 1.6 is a really nice piece of work. A lot of little nit-picks are now solved, and you are left with the lean mean machine that you know and love.
Highlights
- Ajax transport objects are now automatically wrapped in an Ajax.Response object.
- Ajax.Response includes support for accessing JSON response bodies as JavaScript objects via the responseJSON property.
- The class API now includes full support for inheritance and superclass method calls. (See Mislav’s tutorial for more info.)
- Class objects now have an addMethods method for adding instance methods after creation.
- Elements can be created easily with the new Element(…) syntax.
- Element#insert provides a unified API to DOM element and HTML fragment insertion.
- Element#select is an alias for getElementsBySelector and is now the preferred way to find elements by class name.
- Element#wrap lets you easily wrap an element inside another element in place.
- Enumerable methods on Array are now backed by native Array#forEach implementations when possible.
- Enumerable now has aliases for equivalent JavaScript 1.6 Array methods, and support for JavaScript 1.6’s context parameter for automatic callback binding.
- Enumerable#grep now calls the match method on its first argument, so you can use it to e.g. filter an array of DOM nodes by CSS selector.
- Event objects are now automatically extended with instance methods, so you can write e.g. event.stop() instead of Event.stop(event).
- Prototype’s event API now supports firing DOM-based custom events with Element#fire.
- The new dom:loaded custom event fires when the entire document has loaded and is ready for manipulation.
- Function#curry allows for partial application of function arguments.
- Function#wrap facilitates simple aspect-oriented programming and provides the basis for Prototype’s superclass method call mechanism.
- Function#delay delays invocation of the function by the given number of seconds.
- Function#defer schedules the function to run as soon as the interpreter is idle.
- The Hash API has changed, and you must now use Hash#get and Hash#set instead of directly accessing properties on Hash instances.
- String#interpolate is a shortcut for instantiating a Template from the string and calling evaluate on it.
- Object properties can now be used in template replacement strings.
Script.aculo.us 1.8
This is the last release before 2.0 comes out and features:
- Complete rewrite of Ajax.InPlaceEditor and Ajax.InPlaceCollectionEditor
- Full CSS inheritance in Effect.Morph
- New core effect: Effect.Tween
- Sound: play mp3 files for sound effects; uses native playback on IE and available plugins wherever possible
- Duration and distance options for Effect.Shake
- Performance improvements
- Tons of bugfixes
The Book (Reviewed by Stu Halloway)
The skinny: If you develop with Prototype and Scriptaculous, you need
this book.
Prototype and script.aculo.us: You Never Knew JavaScript Could Do This! is a long book, by Pragmatic Press standards. At first glance,
this might seem doubly odd, since the libraries themselves are quite
small, totaling only in the 100s of KB. But before I even opened the
book, I hoped that the length might be justified, for two reasons:
- Prototype and Scripty (hereafter P&S) are packed with dense,
expressive, beautiful code, and they can do far more than their size
might suggest.
- Along with several other Ajax libraries, P&S embody a modern
JavaScript style that embraces functional programming. This new style
is not well covered in the JavaScript books currently in print (as of
November 2007), so to learn P&S you also have to learn to think about
JavaScript in a new way.
Once inside the book, I was delighted to find that both of my hopes
were addressed. Porteneuve dives straight into the deep end,
embracing JavaScript’s functional style immediately in Chapter 2 and
never dumbing down the example code. (Don’t worry, there are forward
and backward references to help you along. This is especially nice if
you are reading the electronic copy of the book.) You may need to
read some sections of this book multiple times, and that is a good
thing.
The coverage of both Prototype and Scriptaculous is thorough. Of
course the marquee features receive due attention: Prototype’s
Ajax.Request and Scriptaculous’s Effects each have their own
chapters. More interesting to me is the thorough coverage of the less
visible parts:
- Prototype’s functional capabilities are significantly enhanced for
the 1.6 release. Chapter 4 shows how to use curry, bind (including
multiple argument invocation), delay, and defer. You can even do some
lightweight Aspect-Oriented Programming (AOP) with the new wrap method.
- Chapter 7, “Playing with the DOM is Finally Fun”, nicely mixes
tutorial and reference. The Staff Manager example motivates each
section, but each individual section also acts as a reference for a
set of DOM extensions.
- The Event mechanism has been rewritten and enhanced for Prototype
1.6. Chapter 6 covers the new unified event handling. Porteneuve
motivates the event model by contrasting three approaches: the IE
way, the standards way, and the Prototype way. With 1.6, portability
improves again with synthetic events that fill gaps in the browser
event model, e.g. dom:loaded. You can even fire and respond to your
own custom events.
- I have been using Scripty for years and I never even noticed the
sound API (Chapter 20).
Of course, no reviewer feels complete until a few nits have been
picked. So here are a few:
- Porteneuve embraces Prototype’s approach to JavaScript and the web
(as do I). That said, there are many other approaches. It would be
great to have an overview of the philosophical differences that set
P&S apart from other JavaScript libraries.
- The book’s style is casual, even by Prag standards.
- Prototype and Scriptaculous are a rich buffet, and the book
documents nearly every bite. Sometimes the book could be more
opinionated about the menu. For example, I hate the $break feature in
Prototype. Maybe Porteneuve does too–the example is certainly
contrived.
These flaws are relatively minor. Overall I was impressed by the
amount of information in the book. I have been using P&S for years,
and I learned something new in almost every chapter.
For years, developers at software conferences have asked me “What is
the best way to learn Prototype and Scripty?” Until today, my answer
has always been “Read the source code.” Not any more. If you are
building applications with P&S, you need to read this book.
Wednesday, June 27th, 2007
Category: Books, Adobe
Mike Chambers and the Adobe AIR crew have generously released the Adobe Integrated Runtime (AIR) for JavaScript Developers Pocket Guide (Amazon) under a creative commons license.
They have given us an electronic copy available for download for free, here.
The pocket guide covers:
- Introduction to AIR
- Getting Started with AIR development
- Working with JavaScript and HTML within AIR
- AIR Mini Cookbook
- Command line tools
- Aliases
Everyone who shows up for the free bus tour will get a paper copy of the book.
Tuesday, January 16th, 2007
Category: Books
Bulletproof Ajax is a new book by Jeremy Keith (of DOM Scripting fame).
This book is slightly different than many of the other Ajax books in that it is targeted at the design side.
The website that accompanies the book has some good examples to look at, so check it out and see if it is for you.
Tuesday, January 2nd, 2007
Category: Prototype, Books, Rails

Apparently Santa was listening to my request for more docs in this last post: Sergio Pereira has updated his outstanding developer notes for Prototype to cover 1.5rc2.
Scott Raymond and Sergio also worked together to create the Prototype Quick Reference, a PDF that expands on Sergio’s web site. The PDF will also be updated to cover 1.5 final, whenever that happens. There is also Ajax on Rails, written by Scott with Prototype-specific info contributed by Sergio. It also covers Scriptaculous, RJS, and other Rails-specific methods for developing Ajax.
Does anyone have any reviews of either they could link up or contribute?
Wednesday, November 29th, 2006
Category: Mapping, Books

Beginning Google Maps Applications has a couple of sample chapters to peruse.
The sample chapters currently available cover:
- Interaction: Now that you have your first interactive Google Maps web application, grab a GPS and start looking for geocaches to add to your map! Get your friends involved, too, and show off what you’ve learned.
- Geocoding: This chapter covers using geocoding services with your maps. It’s safe to assume that you’ll be able to adapt the general ideas and examples here to use almost any web-based geocoding service that comes along in the future. From here on, we’ll assume that you know how to use these services (or ones like them) to geocode and cache your information efficiently.
Tuesday, November 7th, 2006
Category: Editorial, Books, Security, Testing, Remoting, The Ajax Experience
Often when you hear discussions regarding Ajax and security, it’s said that the issues remain the same as they were ten years ago: don’t trust user input, don’t expose sensitive data without encryption, code for security from day one, never display system error messages, etc. While that is all true and good, one thing I heard from the Ajax Experience that stuck with me is that “ajax increases the typical amount of attack vectors”. We are hitting the server more often, with different transports, and often talking to remote servers as well for services. This will only become a bigger issue as cross domain ajax becomes more prevalent and libraries and tools make it easier to mash things up without having to know each individual service’s API. Do the developers you work with keep up to date on writing secure code? Have you seen your ajax app exploited by cross-site scripting attacks or sql injection, or do you consider things “safe” because you are only doing intranet work?
With that in mind, Michel Sutton’s entry on ten common security mistakes might be a good refresher. His earlier entry on SQL injection is also worth a read, particularly if you are hand-coding sql and aren’t using a database library that handles parameterized SQL statements for you (though if that’s the case you might have bigger issues…)
Recently I went looking for an authoritative book on web app security for some fun-filled weekend reading, and came up with very few hits. The closest I found was How to Break Web Software and Hacking Exposed Web Applications, Second Edition. How to Break Web Software has a bunch of good reviews and looks to be a good high level coverage of many of the common attacks. Hacking Exposed is a bit newer and has fewer reviews, though the first edition looked to be pretty well received. That title and cover are pretty painful, though. Is there an equivalent to the K&R C Book for web app security?
There are a ton of books on server security and locking down your OS, but not much that targets web applications specifically. Any other good suggestions? Any web security blogs worth subscribing to?
Monday, October 23rd, 2006
Category: Usability, UI, CSS, Books, The Ajax Experience, Design
Sarah Nelson and David Verba of Adaptive Path presented Practical Design for Ajax, a very good overview of many of the design and user experience issues in web development. They covered a lot of ground in 90 minutes and still had some good concrete examples. There were also several book recommendations to explore issues more in depth – I’ve collected those at the bottom of this post.
User Experience
- success comes from the user experience (editor: see also Creating Passionate Users, if you aren’t already subscribed)
- successful design depends upon context, priorities
- know who users are – design for all users
- understand your users – context, motivations, challenges
- consider the user experience from ground up, not something you can throw in at the end
Strategery
- what do we want to get out of the site?
- what do users want out of site?
- determine our site objectives: ie revenue, or community, or sales
- get to know the users
- find the overlap between what stakeholders want and what users want
- what we learn from users should drive strategy
Scope
- don’t try to be everything to everybody
- fall back on ecosystem of apps – ie use apis/mashups to bring in other sites’ strengths
- ed: less is more?
Structure
- how do pieces of the site fit together?
- interaction design – how user moves from one step in process to next
- interaction frameworks
- granularity – keep similar things grouped together
- labeling – make sure your terms make sense to users first, and aren’t just biz terms – ie “jobs” versus “human resources”
- consistency – use the same terms throughout site and throughout life of the site
Skeleton
- what components will enable ppl to use the site?
- four principles: discoverability, recoverability, context, feedback
- some good examples – farecast, blogger
Surface
- what will finished product look like?
- ajax plays the most obvious role here
- “attractiveness bias” – people like pretty stuff better than ugly stuff
- but looks aren’t everything – see: myspace
- what personality does the site have? ex: flickr has a very friendly, quirky personality
Visual Design
- get Robin Williams’s book (see book links below)
- four basic principles to follow
- CRAP -> Contrast Repetition Alignment Proximity
- Williams’s book is awesome – get it
Documentation
- “wireframing ajax is a bitch” – Jeffrey Zeldman
- frame-by-frame? no
- wireframe with key frames illustrated
- lo-fi animations
- just build the damn thing. prototype it in html/js/css
- no best practices
Q&A
q: How to deal with designers who expect us to replicate pixel perfect photoshop mockups?
a: Patience, communication. The issue starts to go away as more designers learn to operate in a more agile way, working with developers instead of throwing their designs over the wall.
q: How can you get designers and programmers to work together with ajax?
a: work for a Rails startup. Or go agile. or work for adaptive path. Real answer: education or just game the system: just get the right people in the same room and get them talking. Find receptive designers and work from the bottom up.
q: Can you recommend any accessibility books?
a: Not really. (ed: Dive Into Accessibility is a free online book. It’s old so it won’t cover ajax accessibility, but many of the fundamental principles apply.)
recommended books


Thursday, August 31st, 2006
Category: .NET, Books

Wrox Press has published “Beginning Ajax with ASP.Net” by Wally McClure, Scott Cate, Paul Glavich, and Craig Shoemaker.
The book is suitable for Ajax newbies who work with .Net (as well as those who do have some Ajax experience), as the first five chapters are pure Ajax overview. Beyond that, several .Net frameworks are overviewed, including Ajax.Net, ComfortASP.Net, MagicAjax, and Anthem.Net, as well as three chapters devoted to Atlas. An often-overlooked, but essential, aspect of Ajax - debugging - is also covered.
The chapters:
1 Introduction to Ajax on ASP.NET
2 Introduction to DHTML
3 JavaScript and the Document Object Model
4 The XMLHttpRequest Object
5 Data Communication: XML, XSLT, and JSON
6 What Is Built into ASP.NET
7 Ajax.NET Professional Library
8 Anatomy of Ajax.NET Pro Library
9 Other Ajax Libraries for .NET
10 Atlas Client Scripting
11 Atlas Controls
12 Atlas Integration with ASP.NET Services
13 Debugging
Friday, August 25th, 2006
Category: Ajax, Google, Books, Remoting
Dave Thomas over at the Pragmatic Programmer let us know about a new Friday (i.e., short book that can be read entirely in a Friday afternoon) that they’ve published: Google Web Toolkit, by Ed Burnette.
Dave was kind enough to provide us with an excerpt for distribution to our readers: Chapter 5 — Remote Procedure Calls; seems appropriate for an Ajax readership. If you’ve been wanting an easy way to learn more about GWT, here’s your chance.