AJAX Transport Layer
Siarhei Barysiuk
s.barysiuk@sam-solutions.net

Our roadmap

AJAX... not just for toilet cleaning anymore
• AJAX = Asynchronous JavaScript and XML
• Ajax is set of technologies that allow web
applications to provide rich interaction
without whole page refreshing.

Ajax: Classic Web Application
1) Browser makes request to server
2) Server sends HTML/CSS response

Ajax: Ajax Web Application
1) Browser makes request to server
asynchronously
2) Server sends XML/JSON response
3) AJAX Engine processes response

XMLHttpRequest

XMLHttpRequest: Fetching data flow
1) User generates an event (e.g. button click)
2) System creates an XMLHttpRequest and
configures with request parameters.
3) The XMLHttpRequest object makes an
asynchronous request to the web server.
4) Web server returns XML(other) object
with data.
5) The XMLHttpRequest object receives the
XML data and calls a callback to process it.

XMLHttpRequest: XHR Interface
event listener XHR State
// event handler
attribute EventListener onreadystatechange;
// state
const unsigned short UNSENT = 0;
const unsigned short OPENED = 1;
const unsigned short HEADERS_RECEIVED = 2;
open
const unsigned short LOADING = 3;
const unsigned short DONE = 4;
send
readonly attribute unsigned short readyState;
abort
// request
void open(in DOMString method, in DOMString url);
void open(in DOMString method, in DOMString url, in boolean async);
void open(in DOMString method, in DOMString url, in boolean async, in DOMString user);
void open(in DOMString method, in DOMString url, in boolean async, in DOMString user, in DOMString password);
void setRequestHeader(in DOMString header, in DOMString value);
void send();
void send(in DOMString data);
void send(in Document data);
void abort();
Response
// response
(Text/XML)
DOMString getAllResponseHeaders();
DOMString getResponseHeader(in DOMString header);
readonly attribute DOMString responseText;
readonly attribute Document responseXML;
readonly attribute unsigned short status;
readonly attribute DOMString statusText;

XMLHttpRequest: How to get XHR
function getXHR() {
var request = null;
if (typeof XMLHttpRequest != 'undefined') {
request = new XMLHttpRequest();
}
else {
try {
request = new ActiveXObject(\"Msxml2.XMLHTTP\");
}
catch (e) {
try {
request = new ActiveXObject(\"Microsoft.XMLHTTP\");
}
catch (e) {}
}
}
return request;
}

XMLHttpRequest: Using XHR
var READY_STATE_COMPLETE=4;
var request = getXHR(); 1
2
request.onreadystatechange = function() {
if (request.readyState == READY_STATE_COMPLETE) {
//200 OK
if (request.status == 200) { 5.1
//process data
}
//Some error
5.2
else {
//process error
}
}
};
request.open(method,url,true); 3
request.send(null); 4

XMLHttpRequest: An example
A classic example is linked drop-downs.
Regions Cities

XMLHttpRequest: Supported methods
• GET
Requests a representation of the specified resource. By far the most common method used on the Web
today.
• POST
Submits data to be processed (e.g. from an HTML form) to the identified resource. The data is included in
the body of the request. This may result in the creation of a new resource or the updates of existing
resources or both.
• HEAD
Asks for the response identical to the one that would correspond to a GET request, but without the
response body. This is useful for retrieving meta-information written in response headers, without having
to transport the entire content.
• PUT
Uploads a representation of the specified resource.
• DELETE
Deletes the specified resource.
• OPTIONS
This method allows the client to determine the options and/or requirements associated with a resource.

XMLHttpRequest: GET method
var READY_STATE_COMPLETE=4;
1
var request = getXHR();
2
request.onreadystatechange = function() {
if (request.readyState == READY_STATE_COMPLETE) {
//200 OK
if (request.status == 200) { 5.1
//process data
}
//Some error
else { 5.2
//process error
is asynchronous?
}
}
};
request.open(\"GET\", \"/path?param1=value1&param2=value2\",true); 3
request.send(null); 4

XMLHttpRequest: POST method
var READY_STATE_COMPLETE=4;
1
var request = getXHR();
2
request.onreadystatechange = function() {
if (request.readyState == READY_STATE_COMPLETE) {
//200 OK
if (request.status == 200) { 5.1
//process data
}
//Some error
else { 5.2
//process error
is asynchronous?
}
}
};
request.open(\"POST\", \"/path\",true); 3
request.send(\"param1=value1&param2=value2\"); 4

XMLHttpRequest: Features
• object available in IE/Mozilla/Opera/Safari
• synchronous and asynchronous requests
• POST and GET support

XMLHttpRequest: Pros and Cons
+ not limited to XML
+ asynchronous calls
+ can receive HTTP status codes/headers
+ supported GET and POST
- back button problems
- same-origin policy

XMLHttpRequest: Same-origin policy
The philosophy of the same origin policy is simple: the browser should
not trust content loaded from arbitrary websites.
The term \"origin\" is defined using the domain name, protocol and port.
URL Outcome Reason
http://www.example.com/dir2/other.html Success Same protocol and host
http://www.example.com/dir/inner/other.html Success Same protocol and host
http://www.example.com:81/dir2/other.html Failure Same protocol and host but different port
https://www.example.com/dir2/other.html Failure Different protocol
http://en.example.com/dir2/other.html Failure Different host
http://example.com/dir2/other.html Failure Different host

Questions?

iframe transport

iframe transport: Fetching data flow
1) User generates an event (e.g. button click)
2) System creates a hidden IFrame and
configures with request parameters.
3) The IFrame element makes an request to
the web server.
4) Web server returns XML(other) object
with data.
5) The IFrame object receives the XML data
and fires a load event.

iframe transport: How to use
var iframe = document.createElement(\"iframe\"); 1
iframe.width=\"0\";
iframe.height=\"0\";
...
iframe.onload = bind(this.callback, this); 2
... GET
iframe.src = this.url + \"?\" + this.getRequestString(); 3
...
document.body.appendChild(this.iframe); 4
In order to use POST you need to
{ }
create <form> and fill it dynamically.

iframe transport: How to use
var iframe = document.createElement(\"iframe\"); 1
iframe.width=\"0\";
iframe.height=\"0\";
...
iframe.onload = bind(this.callback, this); 2
... GET
iframe.src = this.url + \"?\" + this.getRequestString(); 3
...
document.body.appendChild(this.iframe); 4
<iframe>
<!-- ... -->
<script type=\"text/javascript\">
window.parent.someFunction(/*data here*/);
</script>
<!-- ... -->
</iframe>

iframe transport: An example
Linked drop-downs example.
Regions Cities

iframe transport: Pros and Cons
+ wide browser compatibility
- browser history
- iframe not supported by XHTML strict
- cross-domain policy

iframe transport: Cross-domain policy
...
iframe.src = this.url + \"?\" + this.getRequestString();
...
different than current
<iframe>
http://host:port/path
<!-- ... -->
<script type=\"text/javascript\">
window.parent.handleIframeResponse(/*data here*/);
</script>
<!-- ... -->
</iframe>

Questions?

img cookie transport

img cookie transport: What is cookie?
Technically, cookies are arbitrary pieces of data chosen by the Web server and
sent to the browser.

img cookie transport: Cookies limitations
Relevant count of maximum stored cookies per domain for the major browsers
are:
Firefox 2
Firefox 3
Opera 9.30
IE 6
IE 7
Safari has no limit.
Safari
0 12.5 25.0 37.5 50.0
Cookies must be smaller than 4 kilobytes. Internet Explorer imposes a 4KB
total for all cookies stored in a given domain.

img cookie transport: Fetching data flow
1) Create <img> with request URL and append it to body. Browser makes a
request to the server.
2) Server sets cookies and sends response to the client.
3) Client checks cookies after some time interval.

img cookie transport: An example
...
var img = document.createElement(\"img\"); 1
img.width = \"0\";
img.heigth = \"0\";
img.src = this.url + \"?\" + this.getRequestString(this.data); 2
...
document.body.appendChild(this.img); 3
...
setTimeout(bind(this.callback,this),this.interval); 4

img cookie transport: Pros and Cons
+ lightweight
+ really really extra wide compatibility
- limited data due to GET and cookie limits

Questions?

script transport

script transport: Fetching data flow
1) Create <script> element with given src attribute. Browser makes
request to the server.
2) Server returns JSON data wrapped in function call.
3) Client runs function in own context.

script transport: JSON? What is it?
JSON (JavaScript Object Notation) is a lightweight data-interchange format.
• It is easy for humans to read and write.
• It is easy for machines to parse and generate.
• It is based on a subset of the JavaScript Programming Language.
• It is a text format that is completely language independent.

script transport: JSON? What is it?
{
{\"menu\": {
\"id\": \"file\",
\"value\": \"File\",
\"popup\": {
\"menuitem\": [
{\"value\": \"New\", \"onclick\": \"CreateNewDoc()\"},
{\"value\": \"Open\", \"onclick\": \"OpenDoc()\"},
{\"value\": \"Close\", \"onclick\": \"CloseDoc()\"}
]
}
}
}
}

script transport: An example
del.icio.us mashup

script transport: Pros and Cons
+ exempt from Same Origin restriction
+ less overhead (headers, cookies)
- JSON only
- GET method only

script transport: JSONP extension
Pass a name of callback function as jsonp parameter.
http://somehost:port/path?jsonp=funcName&param1=value1
jsonp + \"(\" + jsonResult + \");\"

Questions?

comet

comet: Intro
Named after kitchen cleaning.

comet: What is it?
Fundamentally, [Comet applications] all use long-lived HTTP
connections to reduce the latency with which messages
are passed to the server.
In essence, they do not poll the server occasionally. Instead
the server has an open line of communication with which
it can push data to the client.

comet: Who’s using it?

comet: Classic Ajax Application

comet: Comet Application

comet: An example
Highly interactive applications like chats, real-time games, etc.

comet: Pros and Cons
+ low latency
+ event-based server push
- client 2 connection limit
- pragmatically requires custom server component
Cometd
LightStreamer
...

Questions?