This document discusses top HTML5 features for Oracle Cloud developers. It begins with an introduction to various Oracle Cloud services that use HTML5 extensively, such as Oracle Sites Cloud Service. It then discusses why HTML5 is important for cloud development due to its wide acceptance, rapid development cycles, and cheaper hosting model. The document outlines the top 10 HTML5 features developers should know, including semantic HTML, local storage, geolocation, OAuth2, CORS, advanced forms, WebSockets, WebWorkers, built-in audio/video support, and custom DOM elements. It provides details and examples for each feature.
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 10 HTML5 Features for Oracle Cloud Developers
1. Top 10 HTML5 Features for
Oracle Cloud Developers
Brian “Bex” Huff
Chief Software Architect
2. 2
Agenda
Intro to Oracle Cloud
• Which ones use HTML5 extensively?
Intro to HTML5
• Why lightweight HTML5 frameworks are usually superior
Top 10 HTML5 features
• The big ones you should know about
HTML5 Frameworks
• Oracle JET, jQuery, node.js, etc.
Questions/Comments?
The most recent version of this presentation is on SlideShare:
http://www.slideshare.net/bexmex/
3. 3
Intro to Oracle Cloud
Oracle Sites Cloud Service
• Extension of Oracle Document Cloud Service
• HTML5 centric application for website design
Oracle Social Cloud
• Deep integrations with the other cloud applications
• Soon to be bundled with Document Cloud
Oracle Mobile Cloud
• Create rich mobile web apps with the power of native
• Leverages HTML5 browser built into all smartphones
4. 4
Why HTML5?
HTML5 is critical for cloud development
Accepted on almost all platforms
• Easier to support homogenous environment if based on open standards
Rapid development cycles
• Less need for server-side code development
Cheaper hosting model
• Heavy CPU processing on client browser, not server hardware
5. Why HTML5 for the enterprise
Enterprise apps are (slowly) moving to the cloud
Cloud apps use a more open and friendly architecture
• Based on standard protocols
• HTTP, XML, JSON
Heavy frameworks still have value (ADF, etc)
• But entire point of the cloud is the least complex way to solve problems
• Heavily customized system? Probably need on-premise solution w/ADF
• Simplified front end? JavaScript and HTML5 are the future
5
6. Brief History of HTML5
Initiated in 2004 by Apple, Mozilla, Google, and Microsoft
XHTML dropped by the W3C in favor of HTML5 in 2009
Apple bundles HTML5 compliant browser into iPhone
Apple officially rejects mobile Flash in April 2010
Adobe stops developing mobile Flash in November 2011
Became a W3C 1.0 standard in October 2014
But the most critical event in the history of HTML5???
Microsoft drops support for browsers older than IE 11/Edge in
January 2016
6
7. 7
Top 10 Features
1. Semantic HTML
2. Local Storage
3. Geolocation
4. New security options: OAuth2
5. Cross-Origin Resource Sharing
6. Advanced HTML forms
7. WebSockets
8. WebWorkers
9. Built in Audio/Video support
10.Custom DOM Elements and Attributes
8. 8
1) Semantic HTML
Explicit tags for the sections of a page everybody uses
• header, footer, article, section, nav, menu
Structure
• http://www.hongkiat.com/blog/html-5-semantics/
• https://www.w3.org/WAI/GL/wiki/Using_HTML5_section_elements
Semantic web comes closer, but probably wont happen yet
• RDFa protocol
• schema.org microdata
• JSON-LD
9. Semantic HTML Example
<body>
<header>
<h1>Welcome To Our Website!</h1>
</header>
<nav>
<header>
<h2>Please select one!</h2>
</header>
<ul>
<li>Menu 1</li>
<li>Menu 2</li>
</ul>
</nav>
<aside>
<h2>Get To Know Us Better!</h2>
<section>
<h3>Popular Posts</h3>
</section>
</aside>
9
10. Semantic HTML Example, cont.
<article>
<header>
<h1>Title of Article</h1>
<h2>Subtitle of Article</h2>
</header>
<section>
<h3>First Logical Part (e.g. "Theory")</h3>
<p>Paragraph 1 in first section</p>
</section>
<footer>
<h4>Author Bio</h4>
<p>Paragraph in Article's Footer</p>
</footer>
</article>
<footer>
<div>Social Media Links</div>
</footer>
</body>
10
11. 11
2) Local storage
Allows large “offline” storage of structured data
• Bye bye cookies, hello database!
• By default, up to 5 Megs per website
• Expandable with user permission
• http://stackoverflow.com/questions/6276282/how-can-i-request-an-increase-to-
the-html5-localstorage-size-on-ipad-like-the-f
All browser support basic offline Web Storage for strings:
localStorage["foobar"] = "my data";
localStorage.setItem("foobar", "my data");
sessionStorage["colorScheme"] = "oracle-red";
Objects must be explicitly serialized into JSON:
localStorage["foobar"] = JSON.stringify("my data");
var foobar = JSON.parse(localStorage["foobar"]);
12. 12
2) Local storage, cont.
contenteditable
• Cool flag to auto-add this functionality
• http://html5demos.com/contenteditable
• But keep in mind, the UI is kind of terrible
• https://medium.com/medium-eng/why-contenteditable-is-terrible-122d8a40e480
<section id="editable" contenteditable="true">
<p>This text is natively editable in the browser</p>
</section>
<script>
var editable = document.getElementById('editable');
addEvent(editable, 'blur', function () {
localStorage.setItem('contenteditable', this.innerHTML);
});
</script>
13. 13
2) Local storage, cont.
Query languages exist, but are not universal
• LocalStorage
• Supported by all browsers, but just name-value pairs
• WebSQL
• Supported in Chrome and Safari, but deprecated since 2010
• IndexedDB
• Successor to both, but browser support is very spotty
• Kind of slow, weird API
Query Performance is in its infancy
• IndexDB blocks the DOM unless run as a Web Worker (discussed later)
Not hopeful for any decent query standard any time soon
• Classic example of why WHATWG was better than W3C
14. 14
3) Geolocation
Allows web sites to determine the location of the client
• http://html5demos.com/geo
• http://www.w3schools.com/html/html5_geolocation.asp
Not just for mobile web: also for laptops and mobile web sites
15. 15
3) Geolocation, cont.
How does it know my location???
• This is left up to the implementers of the spec to determine
• Each browser and platform has a different process
Mobile web: location is usually known
• Either GPS or cell tower info
Desktop
• In Chrome, it sends a message with your network info (IP address, MAC
address, Access Point, signal strength) to a Google service
• Compares to data Google Maps gathered about WiFi access points
• Or get closest known public router based on IP address
16. 16
4) OAuth2
Add-on to HTML5, built into most Oracle Cloud apps
• Not strictly part of the spec, but critical for its future
Think of OAuth2 as the “valet key for the web”
• Grants limited access to specific resources, without giving it all away
OAuth2 process:
1.An application requests authorization on a user's behalf.
2.The application obtains a Grant Token.
3.The client requests an Access Token by using the Grant Token.
4.The authorization server validates the Grant Token and issues an Access
Token and a Refresh Token.
5.The client requests the protected resource, authenticating using the
Access Token.
6.The resource server verifies the Access Token and serves the request.
18. 18
5) Cross Origin Resource Sharing
Previously, AJAX calls could only go back to original server
• Probably the most irritating security ‘feature’ in HTML4
Could not host HTML and JS on two domains without hacks
• Google Maps was ‘hackable’ but most sites were not
• Each loaded JavaScript file needed a ‘callback’ to load
• Every developer had to roll their own callback API
Now, new HTTP header to load sources from multiple servers
• Access-Control-Allow-Origin: *
19. 5) Cross Origin Resource Sharing, cont.
Use standard AJAX objects across domains
var req = new XmlHTTPRequest();
req.open("POST", "http://example.org");
Use new window.postMessage to message across domains
window.postMessage("hello world!", "http://example.org");
function receiveMessage(event) {
// minimal security checks
if (event.origin !== "http://example.org")
return;
alert(event.data);
}
window.addEventListener("message", receiveMessage, false);
19
20. 20
6) Advanced Web Forms
HTML5 adds form options that have been sorely needed for
decades
New input types
• url, tel(telephone number), email, number, color, range, datetime, etc
Automatic in-line validation: critical for mobile web
• Use the pattern attribute to do regular expression validation
• Also specify min, max, required and a placeholder text
<input type="text" id="productId" pattern="[A-Z]{3}[0-9]{3}"
placeholder="XXX999" maxlength="6" required/>
<input type="number" id="quantity" min="0" max="100" step="1" />
21. 21
7) WebSockets
Web protocols (HTTP) are “stateless”
• By design, as soon as the page is drawn, the data might be out of date
• How do we know when the data has been updated?
Prior to HTML5, had to use JavaScript to “poll” for new data
• JavaScript timeouts to load in new data
• Every application/framework had to roll their own
• Fairly high overhead, depending on the framework
WebSockets act like normal sockets
• Allows back-end HTTP server to “push” new notifications to web front end
22. 7) WebSockets, cont.
var connection = new WebSocket('ws://example.com/echo');
connection.onerror = function (error) {
alert('WebSocket Error ' + error);
};
connection.onmessage = function (e) {
alert('Server said: ' + e.data);
};
// send a string, binary data, or even a file!
connection.send('your message');
var binary = new Uint8Array(img.data.length);
connection.send(binary.buffer);
var file = document.querySelector('input[type="file"]').files[0];
connection.send(file);
22
23. 23
8) WebWorkers
JavaScript is a single-threaded programming language
• All scripts and events handled by one single thread
• So if one function takes a long time, the whole web page hangs!
• Major reason why JavaScript cant run heavy enterprise apps
The solution? WebWorkers!
• Runs in the background, instead of the foreground
• No more JavaScript errors from hogging the CPU resources
• Send messages from main window to worker window
24. 8) WebWorkers, cont.
Typically, the main page will start a worker, and post JSON
formatted messages to it
• Binary data in buffers can also be transferred
<output id="result"></output>
<script>
var worker = new Worker('doWork.js');
worker.addEventListener('message', function(e) {
document.getElementById('result').textContent = e.data;
}, false);
worker.postMessage({'cmd':'doStuff', 'msg':'my message...'});
worker.terminate();
</script>
24
25. 8) WebWorkers, cont.
The worker page (doWork.js) creates an event listener, and
responds to messages from the main page by posing a message
to the ‘self’ object:
self.addEventListener('message', function(e) {
var data = e.data;
switch (data.cmd) {
case 'doStuff':
self.postMessage('DOING STUFF: ' + data.msg);
break;
default:
self.postMessage('Unknown command: ' + data.msg);
};
}, false);
25
26. 8) WebWorkers, cont.
For security, performance, and thread-safety a web worker has
more limited access to JavaScript functions
The following objects are not available:
• The DOM (it's not thread-safe)
• The window object
• The document object
• The parent object
26
27. 27
9) Audio and Video Support
New elements: <video> ,<audio>, and <track>
Mostly eliminates the need for JavaFX, Flash, or Silverlight
HTML5 is now the enterprise video/audio standard
• http://www.ramp.com/enterprise/the-dawn-of-html5-video-as-the-
enterprise-standard/
YouTube made HTML5 its default delivery platform in 2015
• http://youtube-eng.blogspot.com/2015/01/youtube-now-defaults-to-
html5_27.html
28. 28
9) Audio and Video Support, cont.
YouTube wanted to make the jump years ago, but several pieces
were missing that have been recently added:
• Fullscreen mode
• WebRTC: real time video communication between browsers
• Google hangouts
• Encrypted media extensions
• Adaptive Bitrate: downgrade to lower video quality based on bandwidth
• MediaSource extensions: allow JavaScript to create and manage streams
29. 29
10) Custom DOM Elements and Attributes
In addition to semantic HTML, you can make your own custom
elements and attributes
• Make HTML more like XML, and avoid pages of <div> soup
Custom elements can be declared in the HTML like others:
<my-elem></my-elem>
The behavior of the custom element is like the <span> tag, until
you register the element and its behavior:
var myElem = document.registerElement('my-elem', {
prototype: Object.create(HTMLElement.prototype)
});
document.body.appendChild(new myElem());
;
30. 30
10) Custom DOM Elements and Attributes, cont.
Custom data attributes can be added to all elements:
<div id="foo" data-my-attribute="bar"></div>
Access data with the standard getAttribute function:
var foo = document.getElementById('foo');
var data = plant.getAttribute('data-my-attribute');
Limitations and best practices:
• Custom elements must contain a dash
• Ensures it will be compatible with future HTML6 tags
• Custom attributes must start with data-
• HTML5 spec strongly states that data attributes be PRIVATE to that page
• Only JavaScript on that page should interact with those attributes
• Should not be considered a replacement for microformats
• IE 11 supports custom attributes, not custom elements (yet)
31. 31
Tips & Tricks
HTML5 opens new security holes that need to be plugged
• WebSockets and Cross Origin Resource Sharing in particular
• Never, ever, ever assume LocalStorage can be trusted!
• https://www.owasp.org/index.php/HTML5_Security_Cheat_Sheet
Double check for browser compatability
• Check http://caniuse.com/ to verify
Performance will likely be an issue for a while
• Plan on using web workers a lot!
32. 32
HTML5 Frameworks to Use
Oracle JavaScript Extension Toolkit (JET)
• Lightweight JS framework for Oracle apps
• Use in Oracle Dev cloud, Social cloud
jQuery
• Most battle-tested HTML/JS framework
• Uses HTML5 features when possible, or downgrades to HTML4 for older
browsers
Node.js
• Front end and back end JavaScript framework
• More free developer packages that Ruby, Python, or Rails
All can be added to DEV cloud or Sites cloud
33. 33
My Company: http://bezzotech.com
My Blog: http://bexhuff.com
My Self: bex@bezzotech.com
Questions?