The Web Application Hacker’s Handbook Discovering and Exploiting Security Flaws


Chapter 3  ■ Web Application Technologies








JavaScript

Hyperlinks and forms can be used to create a rich user interface capable of easily gathering most kinds of input which web applications require. However, most applications employ a more distributed model, in which the client side is used not simply to submit user data and actions but also to perform actual processing of data. This is done for two primary reasons:

■ It can improve the application’s performance, because certain tasks can be carried out entirely on the client component, without needing to make a round trip of request and response to the server.

■ It can enhance usability, because parts of the user interface can be dynamically updated in response to user actions, without needing to load an entirely new HTML page delivered by the server.

JavaScript is a relatively simple but powerful programming language that can be easily used to extend web interfaces in ways that are not possible using HTML alone. It is commonly used to perform the following tasks:

■ Validating user-entered data before this is submitted to the server, to avoid unnecessary requests if the data contains errors.

■ Dynamically modifying the user interface in response to user actions; for example, to implement drop-down menus and other controls familiar from non-web interfaces.

■ Querying and updating the document object model (DOM) within the browser to control the browser’s behavior.

A significant development in the use of JavaScript has been the appearance of AJAX techniques for creating a smoother user experience which is closer to that provided by traditional desktop applications. AJAX (or Asynchronous JavaScript and XML) involves issuing dynamic HTTP requests from within an HTML page, to exchange data with the server and update the current web page accordingly, without loading a new page altogether. These techniques can provide very rich and satisfying user interfaces. They can also sometimes be used by attackers to powerful effect, and may introduce vulnerabilities of their own if not carefully implemented (see Chapter 12).
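The validation task and the AJAX-style request described above, as an added example that is not code from the book: the client-side check only saves a round trip, so the server-side handler applies the same rule again. All names (`validateQuantity`, `submitQuantity`, `handleOrder`, the `/order` path) and the 1 to 99 rule are assumptions made for illustration.

```javascript
// Added example: every name and the /order path are hypothetical.

// Shared rule: quantity must be a whole number from 1 to 99.
function validateQuantity(raw) {
  const error = "Quantity must be a whole number from 1 to 99";
  if (typeof raw !== "string" || !/^[0-9]{1,2}$/.test(raw)) {
    return { ok: false, error };
  }
  const value = Number(raw);
  return value >= 1 ? { ok: true, value } : { ok: false, error };
}

// Client side: validate first and only issue the background request when the
// input is well formed. `send` is injected; in a browser it would wrap
// fetch() or XMLHttpRequest, and the message would be written into the DOM.
function submitQuantity(raw, send) {
  const check = validateQuantity(raw);
  if (!check.ok) {
    return { sent: false, message: check.error }; // no round trip made
  }
  const response = send("/order", { quantity: raw });
  return { sent: true, message: response.body };
}

// Server side: a request need not have been produced by the page's script,
// so the handler repeats the same rule before acting on the value.
function handleOrder(params) {
  const check = validateQuantity(params.quantity);
  if (!check.ok) {
    return { status: 400, body: check.error };
  }
  return { status: 200, body: `Ordered ${check.value} item(s)` };
}

// Constructed demo: an in-process "transport" that counts round trips.
function demo() {
  let requests = 0;
  const send = (path, params) => { requests += 1; return handleOrder(params); };
  const bad = submitQuantity("-5", send);          // stopped in the client
  const good = submitQuantity("3", send);          // exactly one request
  const direct = handleOrder({ quantity: "-5" });  // arrives without the client check
  return { requests, bad, good, direct };
}
```
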



