Sun's comments of the future of AJAX

Greg Murray wrote an interesting article a few days ago about AJAX and some of the issues with writing AJAX websites. The article makes the following points about AJAX websites:

Complexity: Server-side developers will need to understand that presentation logic will be required in the HTML client pages as well as in the server-side logic to generate the XML content needed by the client HTML pages. HTML page developers must have JavaScript technology skills. Creating AJAX-enabled applications will become easier as new frameworks are created and existing frameworks evolve to support the interaction model.

And those frameworks are arriving. DWR has just reached version 1.0RC1 and clearly having written most of DWR, I think it's the best Java and Ajax solution out there. It looks like Google agrees with me, but if you want options there is always Echo2 or JSON-RPC-Java.

Standardization of the XMLHttpRequest Object: The XMLHttpRequestobject is not yet part of the JavaScript technology specification, which means that the behavior may vary depending on the client.

This is one of the best reasons for using a tool like DWR. You don't need to get bogged down in discovering that Safari doesn't support XHR/POST or that various versions of IE have all sorts of quirks that you need to tak into account.

JavaScript Technology Implementations: AJAX interactions depend heavily on JavaScript technology, which has subtle differences depending on the client. See for more details on browser-specific differences.

This is why DWR comes with its DWRUtil.js function that help you take data returned from the server and put it on your web page. DWRUtil.js is not a full-blown widget framework like Dojo - It is a set of easy to understand functions that create tables, lists and manipulate text and form fields.

Debugging: AJAX applications are also difficult to debug because the processing logic is embedded both in the client and on the server.

Tell me about it! There are now a number of tools like greasemonkey scripts that help with this issue. But if you use DWR you should not need them at all. DWR has been debugged so you don't need to.

Viewable Source: The client-side JavaScript technology may be viewed simply by selecting View Source from an AJAX-enabled HTML page. A poorly designed AJAX-based application could open itself up to hackers or plagiarism.

DWR takes security very seriously; using J2EE authentication and role based authorization, along with other security measures. I believe this makes the process of auditing what is allowed and what is dis-allowed easier than it was before the days of AJAX.


Comments have been turned off on old posts