Jaxer + Persevere via Dojo’s JsonRestStore

September 29th, 2008 – by Kris Zyp

With the increasing popularity of JavaScript, and rising usage of JavaScript in the browser, it is becoming very effective to use JavaScript on the server to have a single end-to-end language for both client and server-side development. Options for server-side JavaScript are also increasing.

Jaxer is a new server that uses server-side JavaScript for HTML generation, using the standard browser DOM model (it is actually running Mozilla’s engine on the server) as the API. Persevere is a JavaScript based database system, that integrates a JavaScript based object model with object persistence. Dojo‘s new PersevereStore, which is built on the JsonRestStore, allows code running in Jaxer to easily query, manipulate, and interact with data in Persevere by running Dojo on Jaxer’s server-side JavaScript environment. These two JavaScript servers can complement each other, with Jaxer providing HTML presentation/generation and Persevere providing the data object model and persistence, with JsonRestStore as the bridge.

Posted in Dojo, JavaScript, Persevere, ajax | 2 Comments

CouchDBRestStore

September 26th, 2008 – by Kris Zyp

One of the stores built on JsonRestStore and included in Dojo 1.2 is the new CouchDBRestStore. CouchDB server is a JSON-based schema-free database with clustering and fault-tolerance. This new module utilizes the JsonRestStore RESTful capabilities to interact with a CouchDB server. CouchDB has a standards-based REST interface that integrates well with JsonRestStore via a few adaptions from the CouchDBRestStore modules.

Posted in Dojo, ajax | 12 Comments

Security in Ajax

September 25th, 2008 – by Kris Zyp

Security in Ajax web applications is of growing importance. While the client-server model is very useful for architecting web applications, the web security is model is not client-server, but rather a client-deputy-server model. Understanding this security model is important for building secure web applications, and it is becoming even more important as we build mashups and web applications that utilize cross-site resources.

In a client-server model, the client acts on behalf of the user, and the server trusts the client to the degree that a user is authorized. In the client-deputy-server model, the deputy (the browser) acts on behalf of the user, with suspicion of the client (web page/JavaScript), taking responsibility for some aspects of security, limiting client to client interaction. By understanding the mechanisms for the deputy boundaries, servers can appropriately participate in the security model with proper trust for the browser to act on behalf of the user. We will look at how to secure resources from being accessed from the wrong clients and protect clients from malicious server code.

Tags: cross-domain, dojo secure, json, security
Posted in DWR, Dojo, ajax | 6 Comments

Effortless Offline with OfflineRest

September 23rd, 2008 – by Kris Zyp

There is growing support in browsers for offline capabilities with the HTML 5 specification for local storage, offline notifications, and offline application cache, but adapting an application to store changes locally and do synchronization when connectivity is restored remains a major challenge for developers. Dojo 1.2′s new dojox.rpc.OfflineRest module automates the local storage of data and synchronization by leveraging the Dojo Data and REST abstractions. The OfflineRest module augments the JsonRest service in Dojo such that requests are cached in local storage for offline access, and modification requests (put, post, and delete) modify the cache and are recorded for delivery to the server; immediately if online, otherwise when connectivity is restored. Furthermore, JsonRest is the core engine used by JsonRestStore. Consequently, you can simply use the standard Dojo Data API with the JsonRestStore and effortlessly add offline capability with no modifications to your data interaction code. The underlying Rest service automates the handling of caching, storing data locally, and syncing changes. In addition the new OfflineRest module has no dependency on plugins, but rather progressively utilizes offline features that are available, while still operating properly on legacy browsers without offline support.

Tags: jsonrest, offline, rest
Posted in Dojo, Dojo Grid, Dojo Offline, JavaScript | 11 Comments

Dojo at ZendCon

September 19th, 2008 – by Alex

I gave a talk on Dojo Wednesday at ZendCon, and when I walked into the room for the talk, there was some disorder as the conference center staff were taking out the tables to fit more chairs in. Even with the extra space, the room was totally packed, thanks in large part to the amazing Dojo integration work that the Zend team has done.

Posted in Conferences, Dojo | No Comments

The State of File Uploaders

September 11th, 2008 – by mwilcox

Recently, using the Deft project, I created a multi-file uploader Flash component for DojoX. It uses a typical design pattern—embed a hidden SWF in the web page, and with the ExternalInterface, trigger the FileReference’s browse() method to open a system dialog.

Shortly thereafter, it came to my attention that this functionality is to be crippled in version 10 of the Flash player. Due to security concerns, a dialog can only be opened upon a user interaction—in this case, the user must click on a button, preventing malicious code from opening the dialog. This change has caused quite an uproar on the Adobe forum, and the SWFUpload forum.

Posted in Dojo, JavaScript, ajax, browsers | 6 Comments

Inside the Dojo Toolbox

September 9th, 2008 – by Kevin Dangoor

Building the Dojo Toolbox allowed us to dive into Adobe® AIR™, and to create a blended toolchain of JavaScript, PHP, Python and Rhino (JavaScript on the Java Virtual Machine) for developing an amazing desktop application using open web technologies. Read about how we built the Toolbox and what we really think of AIR.

The Initial Whirlwind

We started in late May with zero experience developing an Adobe AIR application and a goal of getting a great application developed in about one month. We had to figure out what exactly we wanted the Toolbox to do and what it could do. We also had to begin figuring out how to make it all happen. Just about all software projects start out that way, right?

Tags: adobe air, dojo toolbox
Posted in Dojo, Open Source, ajax, browsers | 16 Comments

Custom fonts with dojox.gfx

September 8th, 2008 – by Tom Trenka

Recently, there’s been a spat of editorials regarding custom fonts for the web—with two competing proposals (Microsoft’s EOT and embedding a TrueType font directly with the @font-face directive), as well as the well known Fahrner Image Replacement technique, and the related sIFR (Scalable Inman Flash Replacement) technique.

I’m pleased to announce yet another technique: rendering SVG font definitions using dojox.gfx, coming in the Dojo Toolkit 1.2 release!

Tags: dojox.gfx, fonts, open web, SVG
Posted in Dojo, Vector Graphics | 21 Comments

Developers Rest Easier with JavaScript Reversal

September 4th, 2008 – by canderson

The programmers in the trenches of Web development can breathe a bit easier now that a major committee planning the future of the JavaScript standard has decided to focus on small, incremental changes that will improve the performance in Web browsers. Some members of the ECMA International standards committee still have bigger dreams to enhance the language, known more formally as ECMAScript, to tackle more complicated projects, but these plans receded as the group focused on clearer and more present needs.

Kris Zyp, a researcher at SitePen and the Dojo Foundation’s representative on the committee, said, “Our interest is empowering the Web developers, not seeing ECMAScript as a pure research language.”

Posted in press | No Comments