SlideShare a Scribd company logo

MunichJS - 2011-04-06

M
Mike West

Presentation to Munich JS on 2011-04-06: covers the Munich Chrome team's privacy efforts, and argues that IndexedDB is a better mechanism than localStorage for applications of any real complexity. HTML version up at http://20110406-munichjs.appspot.com/

Technology
1 of 39
Download to read offline
MunichJS: 2011-04-06 Mike West (mkwst@google.com)
Hi. I'm Mike. You can email me at mkwst@google.com, follow me on Twitter @mikewest, or visit my outdated blog at mikewest.org.
Two topics: IndexedDB (which is awesome). Chromium extension goodness.
IndexedDB
Uxebu are awesome. I'm thrilled that they're writing abstraction layers. Seriously, this rocks. If you haven't read the article, do.
“But how is this better than localStorage? It isn't.” I'm less thrilled that they're wrong.
My thesis: IndexedDB, or something like it, is the way forward. Yes, it's complex, and the API could be better, but we're adults here. We'll deal.
Why IndexedDB? A short intro to Chromium internals.
Chromium splits the world into one trusted browser and many untrusted renderers.
Browser All I/O goes through the browser; it's the only piece of Chromium that can make system calls, access files or DBs, and display output to the user.
Sandboxed Renderers Renderers run in processes with as few permissions as possible, and only have I/O access via IPC messages to the browser's process.
I/O is a bottleneck There's only one I/O messaging thread on each renderer; it's critical not to block while waiting for a response.
Asynchronous APIs! The additional conceptual complexity aside, they allow you to smoothly continue responding to user interactions.
With that in mind... What's wrong with this code? var x = JSON.stringify( complexObject ); window.localStorage['x'] = x; window.localStorage['anotherX'] = x;
Problem 1: localStorage requires objects be flattened via stringify, called synchronously in user-space. var x = JSON.stringify( complexObject ); window.localStorage['x'] = x; window.localStorage['anotherX'] = x;
IndexedDB stores unserialized objects As far as your (single-threaded) JavaScript process is concerned, you'll never block while processing JSON.
Problem 2: localStorage itself is synchronous, which means the assignment blocks while the write goes through to the file system. var x = JSON.stringify( complexObject ); window.localStorage['x'] = x; window.localStorage['anotherX'] = x;
IndexedDB is asynchronous. db.transaction(store, READ_WRITE). objectStore(store). put({ ... }). addEventListener( 'onsuccess', function (e) { ... });
Problem 3: There's no mechanism to ensure that both assignments go through successfully, nor that they both apply to the same baseline. var x = JSON.stringify( complexObject ); window.localStorage['x'] = x; window.localStorage['anotherX'] = x;
Transactions & Locking db.transaction(store, READ_WRITE)… db.transaction(store, READ_ONLY)…
Chrome Privacy
“Chromium provides users full transparency and control over the information managed by the browser.” Our privacy team's mission statement.
The team approaches this task in a number of ways, notably in terms of new extension APIs.
WebNavigation Events onBeforeNavigate onBeforeRetarget onCommitted onCompleted onDOMContentLoaded onErrorOccurred
Done when they're done... WebRequest API ContentSettings API DevTools (WebInspector, Debugger, etc.) And more... goo.gl/Hy6Jy
Stay up to date chromestatus.com and Last Week in Chromium/Webkit (goo.gl/XWEY3) are great resources. HTML5Rocks.com is full of useful tutorials (and will be localized soonish).
Questions? mkwst@google.com @mikewest

Recommended

Ajax
AjaxAjax
AjaxGovardhan Bhavani
 
Stefano Maestri - Blockchain and smart contracts, what they are and why you s...
Stefano Maestri - Blockchain and smart contracts, what they are and why you s...Stefano Maestri - Blockchain and smart contracts, what they are and why you s...
Stefano Maestri - Blockchain and smart contracts, what they are and why you s...Codemotion
 
Programming Languages and Development Tools: State of the Art and (Hopefully)...
Programming Languages and Development Tools: State of the Art and (Hopefully)...Programming Languages and Development Tools: State of the Art and (Hopefully)...
Programming Languages and Development Tools: State of the Art and (Hopefully)...Bambang Purnomosidi D. P.
 
Programming Decentralized Application
Programming Decentralized ApplicationProgramming Decentralized Application
Programming Decentralized ApplicationBambang Purnomosidi D. P.
 
BlockChain Basic Concepts
BlockChain Basic ConceptsBlockChain Basic Concepts
BlockChain Basic ConceptsMuLearn
 
Intro to mongo db
Intro to mongo dbIntro to mongo db
Intro to mongo dbChi Lee
 
03 blockchain transactions
03 blockchain transactions03 blockchain transactions
03 blockchain transactionsBastianBlankenburg
 
Blockchain Programming
Blockchain ProgrammingBlockchain Programming
Blockchain ProgrammingRhea Myers
 

Recommended

Ajax
AjaxAjax
AjaxGovardhan Bhavani
 
Stefano Maestri - Blockchain and smart contracts, what they are and why you s...
Stefano Maestri - Blockchain and smart contracts, what they are and why you s...Stefano Maestri - Blockchain and smart contracts, what they are and why you s...
Stefano Maestri - Blockchain and smart contracts, what they are and why you s...Codemotion
 
Programming Languages and Development Tools: State of the Art and (Hopefully)...
Programming Languages and Development Tools: State of the Art and (Hopefully)...Programming Languages and Development Tools: State of the Art and (Hopefully)...
Programming Languages and Development Tools: State of the Art and (Hopefully)...Bambang Purnomosidi D. P.
 
Programming Decentralized Application
Programming Decentralized ApplicationProgramming Decentralized Application
Programming Decentralized ApplicationBambang Purnomosidi D. P.
 
BlockChain Basic Concepts
BlockChain Basic ConceptsBlockChain Basic Concepts
BlockChain Basic ConceptsMuLearn
 
Intro to mongo db
Intro to mongo dbIntro to mongo db
Intro to mongo dbChi Lee
 
03 blockchain transactions
03 blockchain transactions03 blockchain transactions
03 blockchain transactionsBastianBlankenburg
 
Blockchain Programming
Blockchain ProgrammingBlockchain Programming
Blockchain ProgrammingRhea Myers
 
Intro to IndexedDB (Beta)
Intro to IndexedDB (Beta)Intro to IndexedDB (Beta)
Intro to IndexedDB (Beta)Mike West
 
Mitigate Maliciousness -- jQuery Europe 2013
Mitigate Maliciousness -- jQuery Europe 2013Mitigate Maliciousness -- jQuery Europe 2013
Mitigate Maliciousness -- jQuery Europe 2013Mike West
 
comparatives
comparativescomparatives
comparativeshome
 
Indexed db
Indexed dbIndexed db
Indexed dbMartin Giger
 
2nd Conditional
2nd Conditional2nd Conditional
2nd Conditionalhome
 
Love The Terminal
Love The TerminalLove The Terminal
Love The TerminalMike West
 
Webquest Template0[1]
Webquest Template0[1]Webquest Template0[1]
Webquest Template0[1]guest21e82c
 
Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007Stephan Chenette
 
Sandboxing JS and HTML. A lession Learned
Sandboxing JS and HTML. A lession LearnedSandboxing JS and HTML. A lession Learned
Sandboxing JS and HTML. A lession LearnedMinded Security
 
The Future of Web Attacks - CONFidence 2010
The Future of Web Attacks - CONFidence 2010The Future of Web Attacks - CONFidence 2010
The Future of Web Attacks - CONFidence 2010Mario Heiderich
 
Real World Single Page App - A Knockout Case Study
Real World Single Page App - A Knockout Case StudyReal World Single Page App - A Knockout Case Study
Real World Single Page App - A Knockout Case Studyhousecor
 
All of Javascript
All of JavascriptAll of Javascript
All of JavascriptTogakangaroo
 
Cross site scripting
Cross site scriptingCross site scripting
Cross site scriptingDilan Warnakulasooriya
 
Designing A Project Using Java Programming
Designing A Project Using Java ProgrammingDesigning A Project Using Java Programming
Designing A Project Using Java ProgrammingKaty Allen
 
Thug: a new low-interaction honeyclient
Thug: a new low-interaction honeyclientThug: a new low-interaction honeyclient
Thug: a new low-interaction honeyclientAngelo Dell'Aera
 
"Scala in Goozy", Alexey Zlobin
"Scala in Goozy", Alexey Zlobin "Scala in Goozy", Alexey Zlobin
"Scala in Goozy", Alexey Zlobin Vasil Remeniuk
 
(In)Security Implication in the JS Universe
(In)Security Implication in the JS Universe(In)Security Implication in the JS Universe
(In)Security Implication in the JS UniverseStefano Di Paola
 
Dojo - from web page to web apps
Dojo - from web page to web appsDojo - from web page to web apps
Dojo - from web page to web appsyoavrubin
 
All of javascript
All of javascriptAll of javascript
All of javascriptTogakangaroo
 
Node.js Enterprise Middleware
Node.js Enterprise MiddlewareNode.js Enterprise Middleware
Node.js Enterprise MiddlewareBehrad Zari
 
JS Libraries and jQuery Overview
JS Libraries and jQuery OverviewJS Libraries and jQuery Overview
JS Libraries and jQuery OverviewAleksandr Motsjonov
 
Node.js: A Guided Tour
Node.js: A Guided TourNode.js: A Guided Tour
Node.js: A Guided Tourcacois
 

More Related Content

Viewers also liked

Intro to IndexedDB (Beta)
Intro to IndexedDB (Beta)Intro to IndexedDB (Beta)
Intro to IndexedDB (Beta)Mike West
 
Mitigate Maliciousness -- jQuery Europe 2013
Mitigate Maliciousness -- jQuery Europe 2013Mitigate Maliciousness -- jQuery Europe 2013
Mitigate Maliciousness -- jQuery Europe 2013Mike West
 
comparatives
comparativescomparatives
comparativeshome
 
2nd Conditional
2nd Conditional2nd Conditional
2nd Conditionalhome
 
Love The Terminal
Love The TerminalLove The Terminal
Love The TerminalMike West
 
Webquest Template0[1]
Webquest Template0[1]Webquest Template0[1]
Webquest Template0[1]guest21e82c
 

Viewers also liked (7)

Intro to IndexedDB (Beta)
Intro to IndexedDB (Beta)Intro to IndexedDB (Beta)
Intro to IndexedDB (Beta)
 
Mitigate Maliciousness -- jQuery Europe 2013
Mitigate Maliciousness -- jQuery Europe 2013Mitigate Maliciousness -- jQuery Europe 2013
Mitigate Maliciousness -- jQuery Europe 2013
 
comparatives
comparativescomparatives
comparatives
 
Indexed db
Indexed dbIndexed db
Indexed db
 
2nd Conditional
2nd Conditional2nd Conditional
2nd Conditional
 
Love The Terminal
Love The TerminalLove The Terminal
Love The Terminal
 
Webquest Template0[1]
Webquest Template0[1]Webquest Template0[1]
Webquest Template0[1]
 

Similar to MunichJS - 2011-04-06

Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007Stephan Chenette
 
Sandboxing JS and HTML. A lession Learned
Sandboxing JS and HTML. A lession LearnedSandboxing JS and HTML. A lession Learned
Sandboxing JS and HTML. A lession LearnedMinded Security
 
The Future of Web Attacks - CONFidence 2010
The Future of Web Attacks - CONFidence 2010The Future of Web Attacks - CONFidence 2010
The Future of Web Attacks - CONFidence 2010Mario Heiderich
 
Real World Single Page App - A Knockout Case Study
Real World Single Page App - A Knockout Case StudyReal World Single Page App - A Knockout Case Study
Real World Single Page App - A Knockout Case Studyhousecor
 
Designing A Project Using Java Programming
Designing A Project Using Java ProgrammingDesigning A Project Using Java Programming
Designing A Project Using Java ProgrammingKaty Allen
 
Thug: a new low-interaction honeyclient
Thug: a new low-interaction honeyclientThug: a new low-interaction honeyclient
Thug: a new low-interaction honeyclientAngelo Dell'Aera
 
"Scala in Goozy", Alexey Zlobin
"Scala in Goozy", Alexey Zlobin "Scala in Goozy", Alexey Zlobin
"Scala in Goozy", Alexey Zlobin Vasil Remeniuk
 
(In)Security Implication in the JS Universe
(In)Security Implication in the JS Universe(In)Security Implication in the JS Universe
(In)Security Implication in the JS UniverseStefano Di Paola
 
Dojo - from web page to web apps
Dojo - from web page to web appsDojo - from web page to web apps
Dojo - from web page to web appsyoavrubin
 
Node.js Enterprise Middleware
Node.js Enterprise MiddlewareNode.js Enterprise Middleware
Node.js Enterprise MiddlewareBehrad Zari
 
JS Libraries and jQuery Overview
JS Libraries and jQuery OverviewJS Libraries and jQuery Overview
JS Libraries and jQuery OverviewAleksandr Motsjonov
 
Node.js: A Guided Tour
Node.js: A Guided TourNode.js: A Guided Tour
Node.js: A Guided Tourcacois
 
Douglas - Real JavaScript
Douglas - Real JavaScriptDouglas - Real JavaScript
Douglas - Real JavaScriptd0nn9n
 
Locking the Throneroom 2.0
Locking the Throneroom 2.0Locking the Throneroom 2.0
Locking the Throneroom 2.0Mario Heiderich
 
The Ultimate Deobfuscator - ToorCON San Diego 2008
The Ultimate Deobfuscator - ToorCON San Diego 2008The Ultimate Deobfuscator - ToorCON San Diego 2008
The Ultimate Deobfuscator - ToorCON San Diego 2008Stephan Chenette
 
Microservice pitfalls
Microservice pitfalls Microservice pitfalls
Microservice pitfalls Mite Mitreski
 

Similar to MunichJS - 2011-04-06 (20)

Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007Automated JavaScript Deobfuscation - PacSec 2007
Automated JavaScript Deobfuscation - PacSec 2007
 
Sandboxing JS and HTML. A lession Learned
Sandboxing JS and HTML. A lession LearnedSandboxing JS and HTML. A lession Learned
Sandboxing JS and HTML. A lession Learned
 
The Future of Web Attacks - CONFidence 2010
The Future of Web Attacks - CONFidence 2010The Future of Web Attacks - CONFidence 2010
The Future of Web Attacks - CONFidence 2010
 
Real World Single Page App - A Knockout Case Study
Real World Single Page App - A Knockout Case StudyReal World Single Page App - A Knockout Case Study
Real World Single Page App - A Knockout Case Study
 
All of Javascript
All of JavascriptAll of Javascript
All of Javascript
 
Cross site scripting
Cross site scriptingCross site scripting
Cross site scripting
 
Designing A Project Using Java Programming
Designing A Project Using Java ProgrammingDesigning A Project Using Java Programming
Designing A Project Using Java Programming
 
Thug: a new low-interaction honeyclient
Thug: a new low-interaction honeyclientThug: a new low-interaction honeyclient
Thug: a new low-interaction honeyclient
 
"Scala in Goozy", Alexey Zlobin
"Scala in Goozy", Alexey Zlobin "Scala in Goozy", Alexey Zlobin
"Scala in Goozy", Alexey Zlobin
 
(In)Security Implication in the JS Universe
(In)Security Implication in the JS Universe(In)Security Implication in the JS Universe
(In)Security Implication in the JS Universe
 
Dojo - from web page to web apps
Dojo - from web page to web appsDojo - from web page to web apps
Dojo - from web page to web apps
 
All of javascript
All of javascriptAll of javascript
All of javascript
 
Node.js Enterprise Middleware
Node.js Enterprise MiddlewareNode.js Enterprise Middleware
Node.js Enterprise Middleware
 
JS Libraries and jQuery Overview
JS Libraries and jQuery OverviewJS Libraries and jQuery Overview
JS Libraries and jQuery Overview
 
Node.js: A Guided Tour
Node.js: A Guided TourNode.js: A Guided Tour
Node.js: A Guided Tour
 
HTML5
HTML5HTML5
HTML5
 
Douglas - Real JavaScript
Douglas - Real JavaScriptDouglas - Real JavaScript
Douglas - Real JavaScript
 
Locking the Throneroom 2.0
Locking the Throneroom 2.0Locking the Throneroom 2.0
Locking the Throneroom 2.0
 
The Ultimate Deobfuscator - ToorCON San Diego 2008
The Ultimate Deobfuscator - ToorCON San Diego 2008The Ultimate Deobfuscator - ToorCON San Diego 2008
The Ultimate Deobfuscator - ToorCON San Diego 2008
 
Microservice pitfalls
Microservice pitfalls Microservice pitfalls
Microservice pitfalls
 

Recently uploaded

Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 

Recently uploaded (20)

Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 

MunichJS - 2011-04-06

  • 1. MunichJS: 2011-04-06 Mike West (mkwst@google.com)
  • 2. Hi. I'm Mike. You can email me at mkwst@google.com, follow me on Twitter @mikewest, or visit my outdated blog at mikewest.org.
  • 3. Two topics: IndexedDB (which is awesome). Chromium extension goodness.
  • 5.
  • 6. Uxebu are awesome. I'm thrilled that they're writing abstraction layers. Seriously, this rocks. If you haven't read the article, do.
  • 7. “But how is this better than localStorage? It isn't.” I'm less thrilled that they're wrong.
  • 8.
  • 9. My thesis: IndexedDB, or something like it, is the way forward. Yes, it's complex, and the API could be better, but we're adults here. We'll deal.
  • 10. Why IndexedDB? A short intro to Chromium internals.
  • 11.
  • 12. Chromium splits the world into one trusted browser and many untrusted renderers.
  • 13. Browser All I/O goes through the browser; it's the only piece of Chromium that can make system calls, access files or DBs, and display output to the user.
  • 14.
  • 15. Sandboxed Renderers Renderers run in processes with as few permissions as possible, and only have I/O access via IPC messages to the browser's process.
  • 16.
  • 17. I/O is a bottleneck There's only one I/O messaging thread on each renderer; it's critical not to block while waiting for a response.
  • 18.
  • 19. Asynchronous APIs! The additional conceptual complexity aside, they allow you to smoothly continue responding to user interactions.
  • 20. With that in mind... What's wrong with this code? var x = JSON.stringify( complexObject ); window.localStorage['x'] = x; window.localStorage['anotherX'] = x;
  • 21. Problem 1: localStorage requires objects be flattened via stringify, called synchronously in user-space. var x = JSON.stringify( complexObject ); window.localStorage['x'] = x; window.localStorage['anotherX'] = x;
  • 22. IndexedDB stores unserialized objects As far as your (single-threaded) JavaScript process is concerned, you'll never block while processing JSON.
  • 23. Problem 2: localStorage itself is synchronous, which means the assignment blocks while the write goes through to the file system. var x = JSON.stringify( complexObject ); window.localStorage['x'] = x; window.localStorage['anotherX'] = x;
  • 24. IndexedDB is asynchronous. db.transaction(store, READ_WRITE). objectStore(store). put({ ... }). addEventListener( 'onsuccess', function (e) { ... });
  • 25. Problem 3: There's no mechanism to ensure that both assignments go through successfully, nor that they both apply to the same baseline. var x = JSON.stringify( complexObject ); window.localStorage['x'] = x; window.localStorage['anotherX'] = x;
  • 26. Transactions & Locking db.transaction(store, READ_WRITE)… db.transaction(store, READ_ONLY)…
  • 27.
  • 29. “Chromium provides users full transparency and control over the information managed by the browser.” Our privacy team's mission statement.
  • 30. The team approaches this task in a number of ways, notably in terms of new extension APIs.
  • 31.
  • 32.
  • 33.
  • 34. WebNavigation Events onBeforeNavigate onBeforeRetarget onCommitted onCompleted onDOMContentLoaded onErrorOccurred
  • 35. Done when they're done... WebRequest API ContentSettings API DevTools (WebInspector, Debugger, etc.) And more... goo.gl/Hy6Jy
  • 36. Stay up to date chromestatus.com and Last Week in Chromium/Webkit (goo.gl/XWEY3) are great resources. HTML5Rocks.com is full of useful tutorials (and will be localized soonish).
  • 37.
  • 38.