SlideShare a Scribd company logo

Re-Introduction to Third-party Scripting

B
benvinegar
Technology
1 of 58
Download to read offline
a re-introduction to third-party scripting techtalksTO Sunday, September 18, 2011
who invited this guy? • name’s ben • former torontonian • working at disqus in san francisco Sunday, September 18, 2011
DISQUS • dis·cuss • dĭ-skŭs' • third-party commenting platform • customers: CNN, MLB, IGN, and other exciting acronyms • 500 million visitors/month Sunday, September 18, 2011
third-party scripts Sunday, September 18, 2011
third-party scripts • js written by someone else • executing on your website • loaded from a remote server Sunday, September 18, 2011
third-party scripts Sunday, September 18, 2011
simple concept, powerful results Sunday, September 18, 2011
ad scripts Google AdSense (http://adsense.com) Sunday, September 18, 2011
analytics CrazyEgg (http://crazyegg.com) Sunday, September 18, 2011
embedded widgets Disqus (http://disqus.com) Sunday, September 18, 2011
widgets cont’d Guestlist (http://guestlistapp.com) Sunday, September 18, 2011
browser plugins Rapportive (http://rapportive.com) Sunday, September 18, 2011
js apis/sdks LinkedIn (http://developer.linkedin.com/javascript) Sunday, September 18, 2011
writing them != easy • operate in unknown, uncontrolled environment • shared DOM, globals • browser limitations • debugging remote sites is hard Sunday, September 18, 2011
the good news Sunday, September 18, 2011
it’s getting better • new browser features • newly discovered techniques (hacks) • powerful new open source libraries • published literature? Sunday, September 18, 2011
let’s take the tour Sunday, September 18, 2011
script loading Sunday, September 18, 2011
blocking includes • standard script includes block rendering • giving us a bad rep! • culprit: document.write Sunday, September 18, 2011
document.write Sunday, September 18, 2011
example: github gists Sunday, September 18, 2011
embedded gists Sunday, September 18, 2011
HTML5’s async attr Sunday, September 18, 2011
async-friendly insert Sunday, September 18, 2011
async browser support • Firefox 3.6+ • Chrome 7+ • Safari 5.0 • IE 10 (!) • Notably absent: Opera Sunday, September 18, 2011
dynamic script creation Sunday, September 18, 2011
first impressions count • hard to get website owners to update their script includes • people are still using blocking disqus include (deprecated mid-2009) • who still uses blocking GA include? Sunday, September 18, 2011
shared environment Sunday, September 18, 2011
global collisions • unknown scripts executing on same page • may introduce conflicting variables • DOM queries may inadvertently select your elements (or vice versa) Sunday, September 18, 2011
namespace your js! Sunday, September 18, 2011
bonus points: html • id=”dsq-comment-8” • class=”dsq-comment” • data-dsq-username=”jimbob” • Bad: class=”dsq-comment active” Sunday, September 18, 2011
js libs • you should use ‘em • what if they already exist on the page? Sunday, September 18, 2011
$.noConflict • utility method for assigning jQuery global ($) to a variable • great for namespacing • becoming a standard pattern Sunday, September 18, 2011
libs w/ noConflict • LABjs • Underscore.js • Backbone.js • Ender.js and its assoc. microlibs • easyXDM Sunday, September 18, 2011
destructive libs Sunday, September 18, 2011
sandboxing • run your code inside a src-less iframe • clean js environment • no global state leak Sunday, September 18, 2011
twitter @anywhere • twitter widget library • supports multiple lib versions/ instances per page • each version is sandboxed in a separate iframe Sunday, September 18, 2011
twitter @anywhere iframe A iframe B Sunday, September 18, 2011
hiro.js • QUnit-like js testing library • each test suite runs in a new iframe • optional: seed iframe environment Hiro (http://github.com/antonkovalyov/hiro) Sunday, September 18, 2011
ajax Sunday, September 18, 2011
cross-domain ajax • can’t initiate XmlHttpRequest from foo.com to bar.com • same-origin policy (host, port, protocol) • subdomains a ected too Sunday, September 18, 2011
w/o same-origin pol. • What if I hosted a page with the following ... Sunday, September 18, 2011
CORS • Cross-Origin Resource Sharing • special http headers that permit XD access to resources • W3C working draft • Firefox 3.5+, Chrome 3+, Safari 4+, IE8+ Sunday, September 18, 2011
CORS headers Cors Example (http://saltybeagle.com/cors) Sunday, September 18, 2011
JSONP • load JSON using <script> elements • script element bypasses same-origin policy • built-in helpers in most js frameworks Sunday, September 18, 2011
JSONP example Sunday, September 18, 2011
JSONP example Sunday, September 18, 2011
JSONP cont’d • only supports GET requests • script loading can’t detect 400, 500 errors (rely on timeouts) • caching complications when generating new response each time Sunday, September 18, 2011
postMessage • HTML5 API for cross-window communication • works with iframes, new windows • Firefox 3+, Safari 4+, Chrome (all), IE8+ Sunday, September 18, 2011
postMessage foo.com bar.com Sunday, September 18, 2011
iframe tunnels foo.com postMessage bar.com/ xhr tunnel.html bar.com/api Sunday, September 18, 2011
easyXDM • postMessage-like API for window objs • uses Flash, obscure transport protocols when postMessage is n/a • wider browser support • Disqus, Twitter, Scribd, LinkedIn ... easyXDM (http://easyxdm.net) Sunday, September 18, 2011
debugging Sunday, September 18, 2011
how do you debug this mess? Sunday, September 18, 2011
switches • serve unminified js for specific sites, users* Sunday, September 18, 2011
proxies • send all http tra c to a proxy server • rewrite production urls • from widget.com to ... • localhost • staging.widget.com • newfeature.staging.widget.com Sunday, September 18, 2011
wrapping up Sunday, September 18, 2011
thanks • @bentlegen • disqus is hiring js/python/django in san francisco • (canadians welcome) • book coming early 2018 Sunday, September 18, 2011

Recommended

Modern iframe programming
Modern iframe programmingModern iframe programming
Modern iframe programmingbenvinegar
 
Apcug 2011 07-17-intro_to_drupal_jeff_schuler
Apcug 2011 07-17-intro_to_drupal_jeff_schulerApcug 2011 07-17-intro_to_drupal_jeff_schuler
Apcug 2011 07-17-intro_to_drupal_jeff_schulerhewie
 
Happiness vs. Riches
Happiness vs. RichesHappiness vs. Riches
Happiness vs. Richesbostonsteamer
 
Keller module13
Keller module13Keller module13
Keller module13erikkaa
 
Borrador m.c sp
Borrador m.c spBorrador m.c sp
Borrador m.c spJuan Francisco Alvarez Illanes
 
A Re-Introduction to Third-Party Scripting
A Re-Introduction to Third-Party ScriptingA Re-Introduction to Third-Party Scripting
A Re-Introduction to Third-Party Scriptingbenvinegar
 
Building Distributed JavaScript Widgets with jQuery
Building Distributed JavaScript Widgets with jQueryBuilding Distributed JavaScript Widgets with jQuery
Building Distributed JavaScript Widgets with jQuerybenvinegar
 
2011 june-kuala-lumpur-gtug-hackathon
2011 june-kuala-lumpur-gtug-hackathon2011 june-kuala-lumpur-gtug-hackathon
2011 june-kuala-lumpur-gtug-hackathonikailan
 

Recommended

Modern iframe programming
Modern iframe programmingModern iframe programming
Modern iframe programmingbenvinegar
 
Apcug 2011 07-17-intro_to_drupal_jeff_schuler
Apcug 2011 07-17-intro_to_drupal_jeff_schulerApcug 2011 07-17-intro_to_drupal_jeff_schuler
Apcug 2011 07-17-intro_to_drupal_jeff_schulerhewie
 
Happiness vs. Riches
Happiness vs. RichesHappiness vs. Riches
Happiness vs. Richesbostonsteamer
 
Keller module13
Keller module13Keller module13
Keller module13erikkaa
 
Borrador m.c sp
Borrador m.c spBorrador m.c sp
Borrador m.c spJuan Francisco Alvarez Illanes
 
A Re-Introduction to Third-Party Scripting
A Re-Introduction to Third-Party ScriptingA Re-Introduction to Third-Party Scripting
A Re-Introduction to Third-Party Scriptingbenvinegar
 
Building Distributed JavaScript Widgets with jQuery
Building Distributed JavaScript Widgets with jQueryBuilding Distributed JavaScript Widgets with jQuery
Building Distributed JavaScript Widgets with jQuerybenvinegar
 
2011 june-kuala-lumpur-gtug-hackathon
2011 june-kuala-lumpur-gtug-hackathon2011 june-kuala-lumpur-gtug-hackathon
2011 june-kuala-lumpur-gtug-hackathonikailan
 
Capitol js
Capitol jsCapitol js
Capitol jsBrendan Eich
 
Symfony2: Get your project started
Symfony2: Get your project startedSymfony2: Get your project started
Symfony2: Get your project startedRyan Weaver
 
AFNetworking
AFNetworking AFNetworking
AFNetworking joaopmaia
 
Pocket Knife JS
Pocket Knife JSPocket Knife JS
Pocket Knife JSDiogo Antunes
 
Intro to HTML5 Game Programming
Intro to HTML5 Game ProgrammingIntro to HTML5 Game Programming
Intro to HTML5 Game ProgrammingJames Williams
 
Iwmn architecture
Iwmn architectureIwmn architecture
Iwmn architectureLenz Gschwendtner
 
Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012
Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012
Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012kennethaliu
 
HTML5, are we there yet?
HTML5, are we there yet?HTML5, are we there yet?
HTML5, are we there yet?Ovidiu Dimulescu
 
Sean coates fifty things and tricks, confoo 2011
Sean coates fifty things and tricks, confoo 2011Sean coates fifty things and tricks, confoo 2011
Sean coates fifty things and tricks, confoo 2011Bachkoutou Toutou
 
eZ Publish nextgen
eZ Publish nextgeneZ Publish nextgen
eZ Publish nextgenJérôme Vieilledent
 
Front end for back end developers
Front end for back end developersFront end for back end developers
Front end for back end developersWojciech Bednarski
 
Intridea & open source
Intridea & open sourceIntridea & open source
Intridea & open sourceDaniel Lv
 
HTML5 and Sencha Touch
HTML5 and Sencha TouchHTML5 and Sencha Touch
HTML5 and Sencha TouchPatrick Sheridan
 
DjangoSki
DjangoSkiDjangoSki
DjangoSkiBrian LeRoux
 
Toolset of Beansmile
Toolset of BeansmileToolset of Beansmile
Toolset of Beansmileleondu
 
Web API's World
Web API's WorldWeb API's World
Web API's WorldMichele Zonca
 
Creating a Global E-Commerce Website With E-Business Suite and Fusion Middleware
Creating a Global E-Commerce Website With E-Business Suite and Fusion MiddlewareCreating a Global E-Commerce Website With E-Business Suite and Fusion Middleware
Creating a Global E-Commerce Website With E-Business Suite and Fusion MiddlewareBrian Huff
 
WordPress Gallery Themes & Plugins
WordPress Gallery Themes & PluginsWordPress Gallery Themes & Plugins
WordPress Gallery Themes & PluginsNoel Saw
 
KubeSecOps
KubeSecOpsKubeSecOps
KubeSecOpsKarthik Gaekwad
 
Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...
Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...
Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...Brian Huff
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 

More Related Content

Similar to Re-Introduction to Third-party Scripting

Symfony2: Get your project started
Symfony2: Get your project startedSymfony2: Get your project started
Symfony2: Get your project startedRyan Weaver
 
AFNetworking
AFNetworking AFNetworking
AFNetworking joaopmaia
 
Intro to HTML5 Game Programming
Intro to HTML5 Game ProgrammingIntro to HTML5 Game Programming
Intro to HTML5 Game ProgrammingJames Williams
 
Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012
Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012
Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012kennethaliu
 
Sean coates fifty things and tricks, confoo 2011
Sean coates fifty things and tricks, confoo 2011Sean coates fifty things and tricks, confoo 2011
Sean coates fifty things and tricks, confoo 2011Bachkoutou Toutou
 
Front end for back end developers
Front end for back end developersFront end for back end developers
Front end for back end developersWojciech Bednarski
 
Intridea & open source
Intridea & open sourceIntridea & open source
Intridea & open sourceDaniel Lv
 
Toolset of Beansmile
Toolset of BeansmileToolset of Beansmile
Toolset of Beansmileleondu
 
Creating a Global E-Commerce Website With E-Business Suite and Fusion Middleware
Creating a Global E-Commerce Website With E-Business Suite and Fusion MiddlewareCreating a Global E-Commerce Website With E-Business Suite and Fusion Middleware
Creating a Global E-Commerce Website With E-Business Suite and Fusion MiddlewareBrian Huff
 
WordPress Gallery Themes & Plugins
WordPress Gallery Themes & PluginsWordPress Gallery Themes & Plugins
WordPress Gallery Themes & PluginsNoel Saw
 
Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...
Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...
Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...Brian Huff
 

Similar to Re-Introduction to Third-party Scripting (20)

Capitol js
Capitol jsCapitol js
Capitol js
 
Symfony2: Get your project started
Symfony2: Get your project startedSymfony2: Get your project started
Symfony2: Get your project started
 
AFNetworking
AFNetworking AFNetworking
AFNetworking
 
Pocket Knife JS
Pocket Knife JSPocket Knife JS
Pocket Knife JS
 
Intro to HTML5 Game Programming
Intro to HTML5 Game ProgrammingIntro to HTML5 Game Programming
Intro to HTML5 Game Programming
 
Iwmn architecture
Iwmn architectureIwmn architecture
Iwmn architecture
 
Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012
Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012
Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012
 
HTML5, are we there yet?
HTML5, are we there yet?HTML5, are we there yet?
HTML5, are we there yet?
 
Sean coates fifty things and tricks, confoo 2011
Sean coates fifty things and tricks, confoo 2011Sean coates fifty things and tricks, confoo 2011
Sean coates fifty things and tricks, confoo 2011
 
eZ Publish nextgen
eZ Publish nextgeneZ Publish nextgen
eZ Publish nextgen
 
Front end for back end developers
Front end for back end developersFront end for back end developers
Front end for back end developers
 
Intridea & open source
Intridea & open sourceIntridea & open source
Intridea & open source
 
HTML5 and Sencha Touch
HTML5 and Sencha TouchHTML5 and Sencha Touch
HTML5 and Sencha Touch
 
DjangoSki
DjangoSkiDjangoSki
DjangoSki
 
Toolset of Beansmile
Toolset of BeansmileToolset of Beansmile
Toolset of Beansmile
 
Web API's World
Web API's WorldWeb API's World
Web API's World
 
Creating a Global E-Commerce Website With E-Business Suite and Fusion Middleware
Creating a Global E-Commerce Website With E-Business Suite and Fusion MiddlewareCreating a Global E-Commerce Website With E-Business Suite and Fusion Middleware
Creating a Global E-Commerce Website With E-Business Suite and Fusion Middleware
 
WordPress Gallery Themes & Plugins
WordPress Gallery Themes & PluginsWordPress Gallery Themes & Plugins
WordPress Gallery Themes & Plugins
 
KubeSecOps
KubeSecOpsKubeSecOps
KubeSecOps
 
Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...
Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...
Integrating ECM (WebCenter Content) with your Enterprise! 5 Tips to Try, 5 Tr...
 

Recently uploaded

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 

Recently uploaded (20)

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 

Re-Introduction to Third-party Scripting

  • 1. a re-introduction to third-party scripting techtalksTO Sunday, September 18, 2011
  • 2. who invited this guy? • name’s ben • former torontonian • working at disqus in san francisco Sunday, September 18, 2011
  • 3. DISQUS • dis·cuss • dĭ-skŭs' • third-party commenting platform • customers: CNN, MLB, IGN, and other exciting acronyms • 500 million visitors/month Sunday, September 18, 2011
  • 5. third-party scripts • js written by someone else • executing on your website • loaded from a remote server Sunday, September 18, 2011
  • 7. simple concept, powerful results Sunday, September 18, 2011
  • 8. ad scripts Google AdSense (http://adsense.com) Sunday, September 18, 2011
  • 9. analytics CrazyEgg (http://crazyegg.com) Sunday, September 18, 2011
  • 10. embedded widgets Disqus (http://disqus.com) Sunday, September 18, 2011
  • 11. widgets cont’d Guestlist (http://guestlistapp.com) Sunday, September 18, 2011
  • 12. browser plugins Rapportive (http://rapportive.com) Sunday, September 18, 2011
  • 13. js apis/sdks LinkedIn (http://developer.linkedin.com/javascript) Sunday, September 18, 2011
  • 14. writing them != easy • operate in unknown, uncontrolled environment • shared DOM, globals • browser limitations • debugging remote sites is hard Sunday, September 18, 2011
  • 15. the good news Sunday, September 18, 2011
  • 16. it’s getting better • new browser features • newly discovered techniques (hacks) • powerful new open source libraries • published literature? Sunday, September 18, 2011
  • 17. let’s take the tour Sunday, September 18, 2011
  • 19. blocking includes • standard script includes block rendering • giving us a bad rep! • culprit: document.write Sunday, September 18, 2011
  • 21. example: github gists Sunday, September 18, 2011
  • 23. HTML5’s async attr Sunday, September 18, 2011
  • 25. async browser support • Firefox 3.6+ • Chrome 7+ • Safari 5.0 • IE 10 (!) • Notably absent: Opera Sunday, September 18, 2011
  • 26. dynamic script creation Sunday, September 18, 2011
  • 27. first impressions count • hard to get website owners to update their script includes • people are still using blocking disqus include (deprecated mid-2009) • who still uses blocking GA include? Sunday, September 18, 2011
  • 29. global collisions • unknown scripts executing on same page • may introduce conflicting variables • DOM queries may inadvertently select your elements (or vice versa) Sunday, September 18, 2011
  • 30. namespace your js! Sunday, September 18, 2011
  • 31. bonus points: html • id=”dsq-comment-8” • class=”dsq-comment” • data-dsq-username=”jimbob” • Bad: class=”dsq-comment active” Sunday, September 18, 2011
  • 32. js libs • you should use ‘em • what if they already exist on the page? Sunday, September 18, 2011
  • 33. $.noConflict • utility method for assigning jQuery global ($) to a variable • great for namespacing • becoming a standard pattern Sunday, September 18, 2011
  • 34. libs w/ noConflict • LABjs • Underscore.js • Backbone.js • Ender.js and its assoc. microlibs • easyXDM Sunday, September 18, 2011
  • 36. sandboxing • run your code inside a src-less iframe • clean js environment • no global state leak Sunday, September 18, 2011
  • 37. twitter @anywhere • twitter widget library • supports multiple lib versions/ instances per page • each version is sandboxed in a separate iframe Sunday, September 18, 2011
  • 38. twitter @anywhere iframe A iframe B Sunday, September 18, 2011
  • 39. hiro.js • QUnit-like js testing library • each test suite runs in a new iframe • optional: seed iframe environment Hiro (http://github.com/antonkovalyov/hiro) Sunday, September 18, 2011
  • 41. cross-domain ajax • can’t initiate XmlHttpRequest from foo.com to bar.com • same-origin policy (host, port, protocol) • subdomains a ected too Sunday, September 18, 2011
  • 42. w/o same-origin pol. • What if I hosted a page with the following ... Sunday, September 18, 2011
  • 43. CORS • Cross-Origin Resource Sharing • special http headers that permit XD access to resources • W3C working draft • Firefox 3.5+, Chrome 3+, Safari 4+, IE8+ Sunday, September 18, 2011
  • 44. CORS headers Cors Example (http://saltybeagle.com/cors) Sunday, September 18, 2011
  • 45. JSONP • load JSON using <script> elements • script element bypasses same-origin policy • built-in helpers in most js frameworks Sunday, September 18, 2011
  • 48. JSONP cont’d • only supports GET requests • script loading can’t detect 400, 500 errors (rely on timeouts) • caching complications when generating new response each time Sunday, September 18, 2011
  • 49. postMessage • HTML5 API for cross-window communication • works with iframes, new windows • Firefox 3+, Safari 4+, Chrome (all), IE8+ Sunday, September 18, 2011
  • 50. postMessage foo.com bar.com Sunday, September 18, 2011
  • 51. iframe tunnels foo.com postMessage bar.com/ xhr tunnel.html bar.com/api Sunday, September 18, 2011
  • 52. easyXDM • postMessage-like API for window objs • uses Flash, obscure transport protocols when postMessage is n/a • wider browser support • Disqus, Twitter, Scribd, LinkedIn ... easyXDM (http://easyxdm.net) Sunday, September 18, 2011
  • 54. how do you debug this mess? Sunday, September 18, 2011
  • 55. switches • serve unminified js for specific sites, users* Sunday, September 18, 2011
  • 56. proxies • send all http tra c to a proxy server • rewrite production urls • from widget.com to ... • localhost • staging.widget.com • newfeature.staging.widget.com Sunday, September 18, 2011
  • 58. thanks • @bentlegen • disqus is hiring js/python/django in san francisco • (canadians welcome) • book coming early 2018 Sunday, September 18, 2011