SlideShare a Scribd company logo

Stay Out Please

Download as PPTX, PDF
E
efim13

How to use postmessage to solve cross domain communication issues. How to use the postmessage protocol inside backbone models.

1 of 43
Stay Out Please Itai Koren | July 2013 Framework Frontend Team @LivePerson
Who am I? Itai Koren Tech-savvy Engineer @LivePerson A Programmer itaik@liveperson.com
Who am I? “Programmer - an organism that turns coffee into software.” - Author Unknown
Who am I? ~10 x Cups === feature
Who am I? LivePerson Framework Frontend Team
Today’s Web Applications Today’s web applications/platforms are more than just websites
Today’s Web Applications Javascript SDK’s/API’s
Today’s Web Applications
Today’s Web Applications
Today’s Web Applications
Today’s Web Applications
Today’s Web Applications Widgets
Today’s Web Applications
Today’s Web Applications
Today’s Web Applications “Learning JavaScript used to mean you weren't a serious software developer. Today, not learning Javascript means the same thing.” - Jens Ohlig
Stay Out Please XMLHttpRequest api.lpprod.net Backbone jQuery as transport
Stay Out Please S O Ptay ut leaseame rigin olicy
Same Origin Policy • Important security concept within modern browsers • Originally released with Netscape Navigator 2 (March 1996) • Permits script tags, images, css from any site (origin) • Permits XHR only from the same site (origin) • Prevents access to most methods and properties across different sites (origins)
Same Origin Policy So which solution can we use?
Today’s Web Applications “A good programmer is someone who always looks both ways before crossing a one-way street.” - Doug Linder
Same Origin Policy We can always use JSONP WOT?
JSONP • Stands for JSON with Padding • Script tags are exception to the Same Origin Policy • Just loading a script with JSON data cannot help us (will be lost in the global context) • The padding allows us to wrap the result with a global callback • The response will be evaluated by the JavaScript interpreter and invoked
JSONP So, we can always use JSONP BUT…
Why not use JSONP? • Only valid for GET requests • Limited payload size • Not flexible (no headers etc.) • Insecure • Causes IE to leak memory (most implementations)
Same Origin Policy What about CORS?
CORS • Stands for Cross Origin Resource Sharing • A W3C spec that allows cross-domain communication from the browser • Defines a way to determine whether or not to allow the cross-origin request • Works by adding new HTTP headers
CORS So what about CORS?
Why not use CORS? • Only IE9+ support it natively (IE8 only via XDomainRequest) • Requires “preflights” for requests other than GET or POST (with certain MIME types) and for JSON.
Same Origin Policy So, we will probably have to use proxy WAIT!!!
Stay Out Please S O Ptay riginal leaseame rigin olicy
lpAjax to the rescue • Developed in LivePerson • Self contained (Vanilla JS) • Easy to use • Used by entire LivePerson clients as a transport layer • Supports three main transport types: XHR, JSONP AND postMessage
Browser to server communications url.com api.liveperson.com api.liveperson.com/pm.html lpAjax postmessage client pm.html Postmessage server xhr
lpAjax postMessage • It works!!! • Almost as fast as JSONP • Can work with REST API’S • Very small latency for first API call (iframe creation) • Small latency for serialization of data for use with postMessage • Beware: 401 Response Codes & failed requests issues
Browser Support • Firefox >= 3 • Safari >= 4 • Chrome • Opera >= 9 • IE >= 8
lpAjax postMessage And there is even a shim/polyfill for IE7 window.name… (limited to 2MB only )
lpAjax postMessage Cool I am convinced BUT, how can I use it with Backbone
Backbone with lpAjax postMessage • Backbone utilizes jQuery as a transport • jQuery allows us to manipulate ajax transports at multiple levels • $.ajaxPrefilters - Handle custom options/modify existing options before request is processed by $.ajax() • $.ajaxTransport - Creates an object that handles the actual transmission of Ajax data and used by $.ajax() to issue requests • Converters – to manipulate and parse the data returned from the response
Our custom ajaxPrefilter // Register jQuery Ajax Prefilter that detects cross-domain requests and set the request data-type to "postmessage". $.ajaxPrefilter(function (options, originalOptions, jqXHR) { // Get our current origin var originBrowser = window.location; // Get the API url origin var originApi = document.createElement("a"); originApi.href = options.url; // Skip Same Origin API URL's if (originApi.hostname == originBrowser.hostname && originApi.port == originBrowser.port && originApi.protocol == originBrowser.protocol) { return; } // If the domains aren't the same and this isn't a jsonp request, force the data-type of the request to "postmessage". if ("jsonp" !== options.dataType.toLowerCase()) { // Redirect to our “postmessage” temporary transport type return "postmessage"; } });
Our ajaxTransport Implementation // Create the postmessage transport handler (which will proxy the request to lpAjax) and register it for handling postmessage // (the '+' forces overriding any existing implementations for a transport). $.ajaxTransport("+postmessage", function (options, originalOptions, jqXHR) { // Remove the temporary transport dataType options.dataTypes.shift(); return { send:function (requestHeaders, done) { // Build the request object based on what jQuery created for us so far var req = $.extend({}, lpTag.taglets.lpAjax_request); req.headers = requestHeaders; req.method = originalOptions.type; req.data = originalOptions.data; req.url = options.url; // Implement the success and error handlers req.success = function (data) { handlePostMessageResponse(data, done); }; req.error = function (data) { handlePostMessageResponse(data, done); }; // Issue the request using lpAjax postMessage. lpAjax.postmessage.issueCall(req); }, abort:function () {} }; }));
Implement the response handler // Create the response handler for lpAjax to call var handlePostMessageResponse = function (data, done) { // Do any parsing on the response if needed - Here I do nothing for simplicity // Now call the jQuery callback to return the response to jQuery handling done( data.code, // status, data.status, // nativeStatusText, data.body, // responses, data.headers // headers ); };
Backbone with lpAjax postMessage “If you can’t explain it simply, you don’t understand it well enough.” -Leonardo Da Vinci
Q&A itaik@liveperson.com Want to work on cool stuff like this? Questions?
Thank You

Recommended

The JSON REST API for WordPress
The JSON REST API for WordPressThe JSON REST API for WordPress
The JSON REST API for WordPress
Taylor Lovett
 
JSON REST API for WordPress
JSON REST API for WordPressJSON REST API for WordPress
JSON REST API for WordPress
Taylor Lovett
 
Apache Sling as an OSGi-powered REST middleware
Apache Sling as an OSGi-powered REST middlewareApache Sling as an OSGi-powered REST middleware
Apache Sling as an OSGi-powered REST middleware
Robert Munteanu
 
Building Your First App with MongoDB
Building Your First App with MongoDBBuilding Your First App with MongoDB
Building Your First App with MongoDB
MongoDB
 
Krug Fat Client
Krug Fat ClientKrug Fat Client
Krug Fat ClientPaul Klipp
 
Mojolicious and REST
Mojolicious and RESTMojolicious and REST
Mojolicious and REST
Jonas Brømsø
 
Spring Web Services: SOAP vs. REST
Spring Web Services: SOAP vs. RESTSpring Web Services: SOAP vs. REST
Spring Web Services: SOAP vs. REST
Sam Brannen
 
Day 9 - PostgreSQL Application Architecture
Day 9 - PostgreSQL Application ArchitectureDay 9 - PostgreSQL Application Architecture
Day 9 - PostgreSQL Application Architecture
Barry Jones
 

Recommended

The JSON REST API for WordPress
The JSON REST API for WordPressThe JSON REST API for WordPress
The JSON REST API for WordPress
Taylor Lovett
 
JSON REST API for WordPress
JSON REST API for WordPressJSON REST API for WordPress
JSON REST API for WordPress
Taylor Lovett
 
Apache Sling as an OSGi-powered REST middleware
Apache Sling as an OSGi-powered REST middlewareApache Sling as an OSGi-powered REST middleware
Apache Sling as an OSGi-powered REST middleware
Robert Munteanu
 
Building Your First App with MongoDB
Building Your First App with MongoDBBuilding Your First App with MongoDB
Building Your First App with MongoDB
MongoDB
 
Krug Fat Client
Krug Fat ClientKrug Fat Client
Krug Fat ClientPaul Klipp
 
Mojolicious and REST
Mojolicious and RESTMojolicious and REST
Mojolicious and REST
Jonas Brømsø
 
Spring Web Services: SOAP vs. REST
Spring Web Services: SOAP vs. RESTSpring Web Services: SOAP vs. REST
Spring Web Services: SOAP vs. REST
Sam Brannen
 
Day 9 - PostgreSQL Application Architecture
Day 9 - PostgreSQL Application ArchitectureDay 9 - PostgreSQL Application Architecture
Day 9 - PostgreSQL Application Architecture
Barry Jones
 
Real World Fun with ActiveResource
Real World Fun with ActiveResourceReal World Fun with ActiveResource
Real World Fun with ActiveResource
Rob C
 
Ancient To Modern: Upgrading nearly a decade of Plone in public radio
Ancient To Modern: Upgrading nearly a decade of Plone in public radioAncient To Modern: Upgrading nearly a decade of Plone in public radio
Ancient To Modern: Upgrading nearly a decade of Plone in public radio
Cristopher Ewing
 
Consuming REST services with ActiveResource
Consuming REST services with ActiveResourceConsuming REST services with ActiveResource
Consuming REST services with ActiveResource
Wolfram Arnold
 
I18nize Scala programs à la gettext
I18nize Scala programs à la gettextI18nize Scala programs à la gettext
I18nize Scala programs à la gettext
Ngoc Dao
 
Building an API with Django and Django REST Framework
Building an API with Django and Django REST FrameworkBuilding an API with Django and Django REST Framework
Building an API with Django and Django REST Framework
Christopher Foresman
 
REST and ASP.NET Web API (Milan)
REST and ASP.NET Web API (Milan)REST and ASP.NET Web API (Milan)
REST and ASP.NET Web API (Milan)Jef Claes
 
Skinny Framework Progress Situation
Skinny Framework Progress SituationSkinny Framework Progress Situation
Skinny Framework Progress Situation
Kazuhiro Sera
 
REST Easy - Building RESTful Services in Zend Framework
REST Easy - Building RESTful Services in Zend FrameworkREST Easy - Building RESTful Services in Zend Framework
REST Easy - Building RESTful Services in Zend Framework
Chris Weldon
 
Flickr Architecture Presentation
Flickr Architecture PresentationFlickr Architecture Presentation
Flickr Architecture Presentationeraz
 
REST Easy with AngularJS - ng-grid CRUD EXAMPLE
REST Easy with AngularJS - ng-grid CRUD EXAMPLEREST Easy with AngularJS - ng-grid CRUD EXAMPLE
REST Easy with AngularJS - ng-grid CRUD EXAMPLE
reneechemel
 
Introduction to RESTful Webservices in JAVA
Introduction to RESTful Webservices in JAVA Introduction to RESTful Webservices in JAVA
Introduction to RESTful Webservices in JAVA
psrpatnaik
 
RESTFul development with Apache sling
RESTFul development with Apache slingRESTFul development with Apache sling
RESTFul development with Apache sling
Sergii Fesenko
 
Automating Your Daily Tasks with Scripting - RubyConf 2015 Taiwan
Automating Your Daily Tasks with Scripting - RubyConf 2015 TaiwanAutomating Your Daily Tasks with Scripting - RubyConf 2015 Taiwan
Automating Your Daily Tasks with Scripting - RubyConf 2015 Taiwan
Adler Hsieh
 
Rest with Spring
Rest with SpringRest with Spring
Rest with SpringEugen Paraschiv
 
Dynamic content generation
Dynamic content generationDynamic content generation
Dynamic content generationEleonora Ciceri
 
Jinx - Malware 2.0
Jinx - Malware 2.0Jinx - Malware 2.0
Jinx - Malware 2.0
Itzik Kotler
 
Django rest framework
Django rest frameworkDjango rest framework
Django rest framework
Blank Chen
 
Angularjs & REST
Angularjs & RESTAngularjs & REST
Angularjs & REST
Corley S.r.l.
 
Developing OpenResty Framework
Developing OpenResty FrameworkDeveloping OpenResty Framework
Developing OpenResty Framework
OpenRestyCon
 
Designing REST services with Spring MVC
Designing REST services with Spring MVCDesigning REST services with Spring MVC
Designing REST services with Spring MVC
Serhii Kartashov
 
Most dangerous searchterm_us
Most dangerous searchterm_usMost dangerous searchterm_us
Most dangerous searchterm_usAngeline KH
 
IT103Microsoft Windows XP/OS Chap08
IT103Microsoft Windows XP/OS Chap08IT103Microsoft Windows XP/OS Chap08
IT103Microsoft Windows XP/OS Chap08blusmurfydot1
 

More Related Content

What's hot

Real World Fun with ActiveResource
Real World Fun with ActiveResourceReal World Fun with ActiveResource
Real World Fun with ActiveResource
Rob C
 
Ancient To Modern: Upgrading nearly a decade of Plone in public radio
Ancient To Modern: Upgrading nearly a decade of Plone in public radioAncient To Modern: Upgrading nearly a decade of Plone in public radio
Ancient To Modern: Upgrading nearly a decade of Plone in public radio
Cristopher Ewing
 
Consuming REST services with ActiveResource
Consuming REST services with ActiveResourceConsuming REST services with ActiveResource
Consuming REST services with ActiveResource
Wolfram Arnold
 
I18nize Scala programs à la gettext
I18nize Scala programs à la gettextI18nize Scala programs à la gettext
I18nize Scala programs à la gettext
Ngoc Dao
 
Building an API with Django and Django REST Framework
Building an API with Django and Django REST FrameworkBuilding an API with Django and Django REST Framework
Building an API with Django and Django REST Framework
Christopher Foresman
 
REST and ASP.NET Web API (Milan)
REST and ASP.NET Web API (Milan)REST and ASP.NET Web API (Milan)
REST and ASP.NET Web API (Milan)Jef Claes
 
Skinny Framework Progress Situation
Skinny Framework Progress SituationSkinny Framework Progress Situation
Skinny Framework Progress Situation
Kazuhiro Sera
 
REST Easy - Building RESTful Services in Zend Framework
REST Easy - Building RESTful Services in Zend FrameworkREST Easy - Building RESTful Services in Zend Framework
REST Easy - Building RESTful Services in Zend Framework
Chris Weldon
 
Flickr Architecture Presentation
Flickr Architecture PresentationFlickr Architecture Presentation
Flickr Architecture Presentationeraz
 
REST Easy with AngularJS - ng-grid CRUD EXAMPLE
REST Easy with AngularJS - ng-grid CRUD EXAMPLEREST Easy with AngularJS - ng-grid CRUD EXAMPLE
REST Easy with AngularJS - ng-grid CRUD EXAMPLE
reneechemel
 
Introduction to RESTful Webservices in JAVA
Introduction to RESTful Webservices in JAVA Introduction to RESTful Webservices in JAVA
Introduction to RESTful Webservices in JAVA
psrpatnaik
 
RESTFul development with Apache sling
RESTFul development with Apache slingRESTFul development with Apache sling
RESTFul development with Apache sling
Sergii Fesenko
 
Automating Your Daily Tasks with Scripting - RubyConf 2015 Taiwan
Automating Your Daily Tasks with Scripting - RubyConf 2015 TaiwanAutomating Your Daily Tasks with Scripting - RubyConf 2015 Taiwan
Automating Your Daily Tasks with Scripting - RubyConf 2015 Taiwan
Adler Hsieh
 
Dynamic content generation
Dynamic content generationDynamic content generation
Dynamic content generationEleonora Ciceri
 
Jinx - Malware 2.0
Jinx - Malware 2.0Jinx - Malware 2.0
Jinx - Malware 2.0
Itzik Kotler
 
Django rest framework
Django rest frameworkDjango rest framework
Django rest framework
Blank Chen
 
Angularjs & REST
Angularjs & RESTAngularjs & REST
Angularjs & REST
Corley S.r.l.
 
Developing OpenResty Framework
Developing OpenResty FrameworkDeveloping OpenResty Framework
Developing OpenResty Framework
OpenRestyCon
 
Designing REST services with Spring MVC
Designing REST services with Spring MVCDesigning REST services with Spring MVC
Designing REST services with Spring MVC
Serhii Kartashov
 

What's hot (20)

Real World Fun with ActiveResource
Real World Fun with ActiveResourceReal World Fun with ActiveResource
Real World Fun with ActiveResource
 
Ancient To Modern: Upgrading nearly a decade of Plone in public radio
Ancient To Modern: Upgrading nearly a decade of Plone in public radioAncient To Modern: Upgrading nearly a decade of Plone in public radio
Ancient To Modern: Upgrading nearly a decade of Plone in public radio
 
Consuming REST services with ActiveResource
Consuming REST services with ActiveResourceConsuming REST services with ActiveResource
Consuming REST services with ActiveResource
 
I18nize Scala programs à la gettext
I18nize Scala programs à la gettextI18nize Scala programs à la gettext
I18nize Scala programs à la gettext
 
Building an API with Django and Django REST Framework
Building an API with Django and Django REST FrameworkBuilding an API with Django and Django REST Framework
Building an API with Django and Django REST Framework
 
REST and ASP.NET Web API (Milan)
REST and ASP.NET Web API (Milan)REST and ASP.NET Web API (Milan)
REST and ASP.NET Web API (Milan)
 
Skinny Framework Progress Situation
Skinny Framework Progress SituationSkinny Framework Progress Situation
Skinny Framework Progress Situation
 
REST Easy - Building RESTful Services in Zend Framework
REST Easy - Building RESTful Services in Zend FrameworkREST Easy - Building RESTful Services in Zend Framework
REST Easy - Building RESTful Services in Zend Framework
 
Flickr Architecture Presentation
Flickr Architecture PresentationFlickr Architecture Presentation
Flickr Architecture Presentation
 
REST Easy with AngularJS - ng-grid CRUD EXAMPLE
REST Easy with AngularJS - ng-grid CRUD EXAMPLEREST Easy with AngularJS - ng-grid CRUD EXAMPLE
REST Easy with AngularJS - ng-grid CRUD EXAMPLE
 
Introduction to RESTful Webservices in JAVA
Introduction to RESTful Webservices in JAVA Introduction to RESTful Webservices in JAVA
Introduction to RESTful Webservices in JAVA
 
RESTFul development with Apache sling
RESTFul development with Apache slingRESTFul development with Apache sling
RESTFul development with Apache sling
 
Automating Your Daily Tasks with Scripting - RubyConf 2015 Taiwan
Automating Your Daily Tasks with Scripting - RubyConf 2015 TaiwanAutomating Your Daily Tasks with Scripting - RubyConf 2015 Taiwan
Automating Your Daily Tasks with Scripting - RubyConf 2015 Taiwan
 
Rest with Spring
Rest with SpringRest with Spring
Rest with Spring
 
Dynamic content generation
Dynamic content generationDynamic content generation
Dynamic content generation
 
Jinx - Malware 2.0
Jinx - Malware 2.0Jinx - Malware 2.0
Jinx - Malware 2.0
 
Django rest framework
Django rest frameworkDjango rest framework
Django rest framework
 
Angularjs & REST
Angularjs & RESTAngularjs & REST
Angularjs & REST
 
Developing OpenResty Framework
Developing OpenResty FrameworkDeveloping OpenResty Framework
Developing OpenResty Framework
 
Designing REST services with Spring MVC
Designing REST services with Spring MVCDesigning REST services with Spring MVC
Designing REST services with Spring MVC
 

Viewers also liked

Most dangerous searchterm_us
Most dangerous searchterm_usMost dangerous searchterm_us
Most dangerous searchterm_usAngeline KH
 
IT103Microsoft Windows XP/OS Chap08
IT103Microsoft Windows XP/OS Chap08IT103Microsoft Windows XP/OS Chap08
IT103Microsoft Windows XP/OS Chap08blusmurfydot1
 
IT103Microsoft Windows XP/OS Chap11
IT103Microsoft Windows XP/OS Chap11IT103Microsoft Windows XP/OS Chap11
IT103Microsoft Windows XP/OS Chap11blusmurfydot1
 
IT103Microsoft Windows XP/OS Chap13
IT103Microsoft Windows XP/OS Chap13IT103Microsoft Windows XP/OS Chap13
IT103Microsoft Windows XP/OS Chap13blusmurfydot1
 
DTA 2011 REV B
DTA 2011 REV BDTA 2011 REV B
DTA 2011 REV B
tynanderek
 
IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14blusmurfydot1
 
Aparato circulatorio
Aparato circulatorioAparato circulatorio
Aparato circulatorio
Euler Ruiz
 
La energia y la relacion con el desarrollo tecnologico
La energia y la relacion con el desarrollo tecnologicoLa energia y la relacion con el desarrollo tecnologico
La energia y la relacion con el desarrollo tecnologico
Euler Ruiz
 
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10blusmurfydot1
 
IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 07
IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 07IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 07
IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 07blusmurfydot1
 
Assistive technology
Assistive technologyAssistive technology
Assistive technologykturne10
 
El pensamiento positivo y la mente humana
El pensamiento positivo y la mente humanaEl pensamiento positivo y la mente humana
El pensamiento positivo y la mente humana
Euler Ruiz
 
La computadora
La computadoraLa computadora
La computadora
silovera
 
IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 08
IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 08IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 08
IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 08blusmurfydot1
 
Zonas erroneas y la salud mental
Zonas erroneas y la salud mentalZonas erroneas y la salud mental
Zonas erroneas y la salud mental
Euler Ruiz
 
Building Advanced Web UI in The Enterprise World
Building Advanced Web UI in The Enterprise WorldBuilding Advanced Web UI in The Enterprise World
Building Advanced Web UI in The Enterprise Worldefim13
 
Parking hormigon prefabricado
Parking hormigon prefabricadoParking hormigon prefabricado
Parking hormigon prefabricadoCAMPUS11
 
Itt operating systems unit 05 lesson 06
Itt operating systems unit 05 lesson 06Itt operating systems unit 05 lesson 06
Itt operating systems unit 05 lesson 06blusmurfydot1
 

Viewers also liked (20)

Most dangerous searchterm_us
Most dangerous searchterm_usMost dangerous searchterm_us
Most dangerous searchterm_us
 
IT103Microsoft Windows XP/OS Chap08
IT103Microsoft Windows XP/OS Chap08IT103Microsoft Windows XP/OS Chap08
IT103Microsoft Windows XP/OS Chap08
 
IT103Microsoft Windows XP/OS Chap11
IT103Microsoft Windows XP/OS Chap11IT103Microsoft Windows XP/OS Chap11
IT103Microsoft Windows XP/OS Chap11
 
IT103Microsoft Windows XP/OS Chap13
IT103Microsoft Windows XP/OS Chap13IT103Microsoft Windows XP/OS Chap13
IT103Microsoft Windows XP/OS Chap13
 
DTA 2011 REV B
DTA 2011 REV BDTA 2011 REV B
DTA 2011 REV B
 
IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14IT103Microsoft Windows XP/OS Chap14
IT103Microsoft Windows XP/OS Chap14
 
Aparato circulatorio
Aparato circulatorioAparato circulatorio
Aparato circulatorio
 
La energia y la relacion con el desarrollo tecnologico
La energia y la relacion con el desarrollo tecnologicoLa energia y la relacion con el desarrollo tecnologico
La energia y la relacion con el desarrollo tecnologico
 
Organizadores
OrganizadoresOrganizadores
Organizadores
 
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
IT109 Microsoft Windows 7 Operating Systems Unit 07 lesson 10
 
Javascript for Wep Apps
Javascript for Wep AppsJavascript for Wep Apps
Javascript for Wep Apps
 
IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 07
IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 07IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 07
IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 07
 
Assistive technology
Assistive technologyAssistive technology
Assistive technology
 
El pensamiento positivo y la mente humana
El pensamiento positivo y la mente humanaEl pensamiento positivo y la mente humana
El pensamiento positivo y la mente humana
 
La computadora
La computadoraLa computadora
La computadora
 
IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 08
IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 08IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 08
IT109 Microsoft Windows 7 Operating Systems Unit 06 lesson 08
 
Zonas erroneas y la salud mental
Zonas erroneas y la salud mentalZonas erroneas y la salud mental
Zonas erroneas y la salud mental
 
Building Advanced Web UI in The Enterprise World
Building Advanced Web UI in The Enterprise WorldBuilding Advanced Web UI in The Enterprise World
Building Advanced Web UI in The Enterprise World
 
Parking hormigon prefabricado
Parking hormigon prefabricadoParking hormigon prefabricado
Parking hormigon prefabricado
 
Itt operating systems unit 05 lesson 06
Itt operating systems unit 05 lesson 06Itt operating systems unit 05 lesson 06
Itt operating systems unit 05 lesson 06
 

Similar to Stay Out Please

Isomorphic web application
Isomorphic web applicationIsomorphic web application
Isomorphic web application
Oliver N
 
PHP - Introduction to PHP AJAX
PHP - Introduction to PHP AJAXPHP - Introduction to PHP AJAX
PHP - Introduction to PHP AJAX
Vibrant Technologies & Computers
 
Developing Rich Internet Applications with Perl and JavaScript
Developing Rich Internet Applications with Perl and JavaScriptDeveloping Rich Internet Applications with Perl and JavaScript
Developing Rich Internet Applications with Perl and JavaScriptnohuhu
 
AJAX
AJAXAJAX
AJAXARJUN
 
JHipster Conf 2018 : Connect your JHipster apps to the world of APIs with Ope...
JHipster Conf 2018 : Connect your JHipster apps to the world of APIs with Ope...JHipster Conf 2018 : Connect your JHipster apps to the world of APIs with Ope...
JHipster Conf 2018 : Connect your JHipster apps to the world of APIs with Ope...
chbornet
 
Intro to node.js - Ran Mizrahi (27/8/2014)
Intro to node.js - Ran Mizrahi (27/8/2014)Intro to node.js - Ran Mizrahi (27/8/2014)
Intro to node.js - Ran Mizrahi (27/8/2014)
Ran Mizrahi
 
Intro to node.js - Ran Mizrahi (28/8/14)
Intro to node.js - Ran Mizrahi (28/8/14)Intro to node.js - Ran Mizrahi (28/8/14)
Intro to node.js - Ran Mizrahi (28/8/14)Ran Mizrahi
 
Arabidopsis Information Portal, Developer Workshop 2014, Introduction
Arabidopsis Information Portal, Developer Workshop 2014, IntroductionArabidopsis Information Portal, Developer Workshop 2014, Introduction
Arabidopsis Information Portal, Developer Workshop 2014, Introduction
JasonRafeMiller
 
PLAT-7 Spring Web Scripts and Spring Surf
PLAT-7 Spring Web Scripts and Spring SurfPLAT-7 Spring Web Scripts and Spring Surf
PLAT-7 Spring Web Scripts and Spring Surf
Alfresco Software
 
PLAT-7 Spring Web Scripts and Spring Surf
PLAT-7 Spring Web Scripts and Spring SurfPLAT-7 Spring Web Scripts and Spring Surf
PLAT-7 Spring Web Scripts and Spring Surf
Alfresco Software
 
Building Client-Side Attacks with HTML5 Features
Building Client-Side Attacks with HTML5 FeaturesBuilding Client-Side Attacks with HTML5 Features
Building Client-Side Attacks with HTML5 Features
Conviso Application Security
 
Building APIs in an easy way using API Platform
Building APIs in an easy way using API PlatformBuilding APIs in an easy way using API Platform
Building APIs in an easy way using API Platform
Antonio Peric-Mazar
 
ITT Flisol 2013
ITT Flisol 2013ITT Flisol 2013
ITT Flisol 2013
Domingo Suarez Torres
 
Angular jS Introduction by Google
Angular jS Introduction by GoogleAngular jS Introduction by Google
Angular jS Introduction by Google
ASG
 
Intro to CakePHP
Intro to CakePHPIntro to CakePHP
Intro to CakePHP
Walther Lalk
 
REST easy with API Platform
REST easy with API PlatformREST easy with API Platform
REST easy with API Platform
Antonio Peric-Mazar
 
RESTful API-centric Universe
RESTful API-centric UniverseRESTful API-centric Universe
RESTful API-centric Universe
Tihomir Opačić
 

Similar to Stay Out Please (20)

Isomorphic web application
Isomorphic web applicationIsomorphic web application
Isomorphic web application
 
PHP - Introduction to PHP AJAX
PHP - Introduction to PHP AJAXPHP - Introduction to PHP AJAX
PHP - Introduction to PHP AJAX
 
Developing Rich Internet Applications with Perl and JavaScript
Developing Rich Internet Applications with Perl and JavaScriptDeveloping Rich Internet Applications with Perl and JavaScript
Developing Rich Internet Applications with Perl and JavaScript
 
AJAX
AJAXAJAX
AJAX
 
JHipster Conf 2018 : Connect your JHipster apps to the world of APIs with Ope...
JHipster Conf 2018 : Connect your JHipster apps to the world of APIs with Ope...JHipster Conf 2018 : Connect your JHipster apps to the world of APIs with Ope...
JHipster Conf 2018 : Connect your JHipster apps to the world of APIs with Ope...
 
Intro to node.js - Ran Mizrahi (27/8/2014)
Intro to node.js - Ran Mizrahi (27/8/2014)Intro to node.js - Ran Mizrahi (27/8/2014)
Intro to node.js - Ran Mizrahi (27/8/2014)
 
Intro to node.js - Ran Mizrahi (28/8/14)
Intro to node.js - Ran Mizrahi (28/8/14)Intro to node.js - Ran Mizrahi (28/8/14)
Intro to node.js - Ran Mizrahi (28/8/14)
 
Ajax
AjaxAjax
Ajax
 
Arabidopsis Information Portal, Developer Workshop 2014, Introduction
Arabidopsis Information Portal, Developer Workshop 2014, IntroductionArabidopsis Information Portal, Developer Workshop 2014, Introduction
Arabidopsis Information Portal, Developer Workshop 2014, Introduction
 
PLAT-7 Spring Web Scripts and Spring Surf
PLAT-7 Spring Web Scripts and Spring SurfPLAT-7 Spring Web Scripts and Spring Surf
PLAT-7 Spring Web Scripts and Spring Surf
 
PLAT-7 Spring Web Scripts and Spring Surf
PLAT-7 Spring Web Scripts and Spring SurfPLAT-7 Spring Web Scripts and Spring Surf
PLAT-7 Spring Web Scripts and Spring Surf
 
Building Client-Side Attacks with HTML5 Features
Building Client-Side Attacks with HTML5 FeaturesBuilding Client-Side Attacks with HTML5 Features
Building Client-Side Attacks with HTML5 Features
 
Building APIs in an easy way using API Platform
Building APIs in an easy way using API PlatformBuilding APIs in an easy way using API Platform
Building APIs in an easy way using API Platform
 
ITT Flisol 2013
ITT Flisol 2013ITT Flisol 2013
ITT Flisol 2013
 
Varun-CV-J
Varun-CV-JVarun-CV-J
Varun-CV-J
 
Angular jS Introduction by Google
Angular jS Introduction by GoogleAngular jS Introduction by Google
Angular jS Introduction by Google
 
Intro to CakePHP
Intro to CakePHPIntro to CakePHP
Intro to CakePHP
 
Firefox OS Weekend
Firefox OS WeekendFirefox OS Weekend
Firefox OS Weekend
 
REST easy with API Platform
REST easy with API PlatformREST easy with API Platform
REST easy with API Platform
 
RESTful API-centric Universe
RESTful API-centric UniverseRESTful API-centric Universe
RESTful API-centric Universe
 

Recently uploaded

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 

Recently uploaded (20)

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 

Stay Out Please

  • 1. Stay Out Please Itai Koren | July 2013 Framework Frontend Team @LivePerson
  • 2. Who am I? Itai Koren Tech-savvy Engineer @LivePerson A Programmer itaik@liveperson.com
  • 3. Who am I? “Programmer - an organism that turns coffee into software.” - Author Unknown
  • 4. Who am I? ~10 x Cups === feature
  • 5. Who am I? LivePerson Framework Frontend Team
  • 6. Today’s Web Applications Today’s web applications/platforms are more than just websites
  • 15. Today’s Web Applications “Learning JavaScript used to mean you weren't a serious software developer. Today, not learning Javascript means the same thing.” - Jens Ohlig
  • 17. Stay Out Please S O Ptay ut leaseame rigin olicy
  • 18. Same Origin Policy • Important security concept within modern browsers • Originally released with Netscape Navigator 2 (March 1996) • Permits script tags, images, css from any site (origin) • Permits XHR only from the same site (origin) • Prevents access to most methods and properties across different sites (origins)
  • 19. Same Origin Policy So which solution can we use?
  • 20. Today’s Web Applications “A good programmer is someone who always looks both ways before crossing a one-way street.” - Doug Linder
  • 21. Same Origin Policy We can always use JSONP WOT?
  • 22. JSONP • Stands for JSON with Padding • Script tags are exception to the Same Origin Policy • Just loading a script with JSON data cannot help us (will be lost in the global context) • The padding allows us to wrap the result with a global callback • The response will be evaluated by the JavaScript interpreter and invoked
  • 23. JSONP So, we can always use JSONP BUT…
  • 24. Why not use JSONP? • Only valid for GET requests • Limited payload size • Not flexible (no headers etc.) • Insecure • Causes IE to leak memory (most implementations)
  • 25. Same Origin Policy What about CORS?
  • 26. CORS • Stands for Cross Origin Resource Sharing • A W3C spec that allows cross-domain communication from the browser • Defines a way to determine whether or not to allow the cross-origin request • Works by adding new HTTP headers
  • 28. Why not use CORS? • Only IE9+ support it natively (IE8 only via XDomainRequest) • Requires “preflights” for requests other than GET or POST (with certain MIME types) and for JSON.
  • 29. Same Origin Policy So, we will probably have to use proxy WAIT!!!
  • 30. Stay Out Please S O Ptay riginal leaseame rigin olicy
  • 31. lpAjax to the rescue • Developed in LivePerson • Self contained (Vanilla JS) • Easy to use • Used by entire LivePerson clients as a transport layer • Supports three main transport types: XHR, JSONP AND postMessage
  • 32. Browser to server communications url.com api.liveperson.com api.liveperson.com/pm.html lpAjax postmessage client pm.html Postmessage server xhr
  • 33. lpAjax postMessage • It works!!! • Almost as fast as JSONP • Can work with REST API’S • Very small latency for first API call (iframe creation) • Small latency for serialization of data for use with postMessage • Beware: 401 Response Codes & failed requests issues
  • 34. Browser Support • Firefox >= 3 • Safari >= 4 • Chrome • Opera >= 9 • IE >= 8
  • 35. lpAjax postMessage And there is even a shim/polyfill for IE7 window.name… (limited to 2MB only )
  • 36. lpAjax postMessage Cool I am convinced BUT, how can I use it with Backbone
  • 37. Backbone with lpAjax postMessage • Backbone utilizes jQuery as a transport • jQuery allows us to manipulate ajax transports at multiple levels • $.ajaxPrefilters - Handle custom options/modify existing options before request is processed by $.ajax() • $.ajaxTransport - Creates an object that handles the actual transmission of Ajax data and used by $.ajax() to issue requests • Converters – to manipulate and parse the data returned from the response
  • 38. Our custom ajaxPrefilter // Register jQuery Ajax Prefilter that detects cross-domain requests and set the request data-type to "postmessage". $.ajaxPrefilter(function (options, originalOptions, jqXHR) { // Get our current origin var originBrowser = window.location; // Get the API url origin var originApi = document.createElement("a"); originApi.href = options.url; // Skip Same Origin API URL's if (originApi.hostname == originBrowser.hostname && originApi.port == originBrowser.port && originApi.protocol == originBrowser.protocol) { return; } // If the domains aren't the same and this isn't a jsonp request, force the data-type of the request to "postmessage". if ("jsonp" !== options.dataType.toLowerCase()) { // Redirect to our “postmessage” temporary transport type return "postmessage"; } });
  • 39. Our ajaxTransport Implementation // Create the postmessage transport handler (which will proxy the request to lpAjax) and register it for handling postmessage // (the '+' forces overriding any existing implementations for a transport). $.ajaxTransport("+postmessage", function (options, originalOptions, jqXHR) { // Remove the temporary transport dataType options.dataTypes.shift(); return { send:function (requestHeaders, done) { // Build the request object based on what jQuery created for us so far var req = $.extend({}, lpTag.taglets.lpAjax_request); req.headers = requestHeaders; req.method = originalOptions.type; req.data = originalOptions.data; req.url = options.url; // Implement the success and error handlers req.success = function (data) { handlePostMessageResponse(data, done); }; req.error = function (data) { handlePostMessageResponse(data, done); }; // Issue the request using lpAjax postMessage. lpAjax.postmessage.issueCall(req); }, abort:function () {} }; }));
  • 40. Implement the response handler // Create the response handler for lpAjax to call var handlePostMessageResponse = function (data, done) { // Do any parsing on the response if needed - Here I do nothing for simplicity // Now call the jQuery callback to return the response to jQuery handling done( data.code, // status, data.status, // nativeStatusText, data.body, // responses, data.headers // headers ); };
  • 41. Backbone with lpAjax postMessage “If you can’t explain it simply, you don’t understand it well enough.” -Leonardo Da Vinci
  • 42. Q&A itaik@liveperson.com Want to work on cool stuff like this? Questions?

Editor's Notes

  1. Ido
  2. IE<=8 leaks 4kb each request
  3. IE<=8 leaks 4kb each request
  4. IE<=8 leaks 4kb each request
  5. Creates each domain iframe only onceThere are browsers which already support postMessage with objects (with no need for serialization)401 response code will cause the browser to pop up an authentication (can be fixed by overriding the default WWW-Authenticate: Basic realm=“xxx”header) 8 consecutive failed requests from the same iframe will abort the iframe usage
  6. Creates each domain iframe only onceThere are browsers which already support postMessage with objects (with no need for serialization)401 response code will cause the browser to pop up an authentication (can be fixed by overriding the default WWW-Authenticate: Basic realm=“xxx”header) 8 consecutive failed requests from the same iframe will abort the iframe usage
  7. Creates each domain iframe only onceThere are browsers which already support postMessage with objects (with no need for serialization)401 response code will cause the browser to pop up an authentication (can be fixed by overriding the default WWW-Authenticate: Basic realm=“xxx”header) 8 consecutive failed requests from the same iframe will abort the iframe usage
  8. Creates each domain iframe only onceThere are browsers which already support postMessage with objects (with no need for serialization)401 response code will cause the browser to pop up an authentication (can be fixed by overriding the default WWW-Authenticate: Basic realm=“xxx”header) 8 consecutive failed requests from the same iframe will abort the iframe usage
  9. Creates each domain iframe only onceThere are browsers which already support postMessage with objects (with no need for serialization)401 response code will cause the browser to pop up an authentication (can be fixed by overriding the default WWW-Authenticate: Basic realm=“xxx”header) 8 consecutive failed requests from the same iframe will abort the iframe usage