SlideShare uma empresa Scribd logo

A Re-Introduction to Third-Party Scripting

B
benvinegar

Presentation delivered at TechTalksTO: Underground (Toronto, Canada) on August 6th, 2011.

Tecnologia
1 de 58
Baixar para ler offline
a re-introduction to third-party scripting techtalksTO Sunday, September 18, 2011
who invited this guy? • name’s ben • former torontonian • working at disqus in san francisco Sunday, September 18, 2011
DISQUS • dis·cuss • dĭ-skŭs' • third-party commenting platform • customers: CNN, MLB, IGN, and other exciting acronyms • 500 million visitors/month Sunday, September 18, 2011
third-party scripts Sunday, September 18, 2011
third-party scripts • js written by someone else • executing on your website • loaded from a remote server Sunday, September 18, 2011
third-party scripts Sunday, September 18, 2011
simple concept, powerful results Sunday, September 18, 2011
ad scripts Google AdSense (http://adsense.com) Sunday, September 18, 2011
analytics CrazyEgg (http://crazyegg.com) Sunday, September 18, 2011
embedded widgets Disqus (http://disqus.com) Sunday, September 18, 2011
widgets cont’d Guestlist (http://guestlistapp.com) Sunday, September 18, 2011
browser plugins Rapportive (http://rapportive.com) Sunday, September 18, 2011
js apis/sdks LinkedIn (http://developer.linkedin.com/javascript) Sunday, September 18, 2011
writing them != easy • operate in unknown, uncontrolled environment • shared DOM, globals • browser limitations • debugging remote sites is hard Sunday, September 18, 2011
the good news Sunday, September 18, 2011
it’s getting better • new browser features • newly discovered techniques (hacks) • powerful new open source libraries • published literature? Sunday, September 18, 2011
let’s take the tour Sunday, September 18, 2011
script loading Sunday, September 18, 2011
blocking includes • standard script includes block rendering • giving us a bad rep! • culprit: document.write Sunday, September 18, 2011
document.write Sunday, September 18, 2011
example: github gists Sunday, September 18, 2011
embedded gists Sunday, September 18, 2011
HTML5’s async attr Sunday, September 18, 2011
async-friendly insert Sunday, September 18, 2011
async browser support • Firefox 3.6+ • Chrome 7+ • Safari 5.0 • IE 10 (!) • Notably absent: Opera Sunday, September 18, 2011
dynamic script creation Sunday, September 18, 2011
first impressions count • hard to get website owners to update their script includes • people are still using blocking disqus include (deprecated mid-2009) • who still uses blocking GA include? Sunday, September 18, 2011
shared environment Sunday, September 18, 2011
global collisions • unknown scripts executing on same page • may introduce conflicting variables • DOM queries may inadvertently select your elements (or vice versa) Sunday, September 18, 2011
namespace your js! Sunday, September 18, 2011
bonus points: html • id=”dsq-comment-8” • class=”dsq-comment” • data-dsq-username=”jimbob” • Bad: class=”dsq-comment active” Sunday, September 18, 2011
js libs • you should use ‘em • what if they already exist on the page? Sunday, September 18, 2011
$.noConflict • utility method for assigning jQuery global ($) to a variable • great for namespacing • becoming a standard pattern Sunday, September 18, 2011
libs w/ noConflict • LABjs • Underscore.js • Backbone.js • Ender.js and its assoc. microlibs • easyXDM Sunday, September 18, 2011
destructive libs Sunday, September 18, 2011
sandboxing • run your code inside a src-less iframe • clean js environment • no global state leak Sunday, September 18, 2011
twitter @anywhere • twitter widget library • supports multiple lib versions/ instances per page • each version is sandboxed in a separate iframe Sunday, September 18, 2011
twitter @anywhere iframe A iframe B Sunday, September 18, 2011
hiro.js • QUnit-like js testing library • each test suite runs in a new iframe • optional: seed iframe environment Hiro (http://github.com/antonkovalyov/hiro) Sunday, September 18, 2011
ajax Sunday, September 18, 2011
cross-domain ajax • can’t initiate XmlHttpRequest from foo.com to bar.com • same-origin policy (host, port, protocol) • subdomains a ected too Sunday, September 18, 2011
w/o same-origin pol. • What if I hosted a page with the following ... Sunday, September 18, 2011
CORS • Cross-Origin Resource Sharing • special http headers that permit XD access to resources • W3C working draft • Firefox 3.5+, Chrome 3+, Safari 4+, IE8+ Sunday, September 18, 2011
CORS headers Cors Example (http://saltybeagle.com/cors) Sunday, September 18, 2011
JSONP • load JSON using <script> elements • script element bypasses same-origin policy • built-in helpers in most js frameworks Sunday, September 18, 2011
JSONP example Sunday, September 18, 2011
JSONP example Sunday, September 18, 2011
JSONP cont’d • only supports GET requests • script loading can’t detect 400, 500 errors (rely on timeouts) • caching complications when generating new response each time Sunday, September 18, 2011
postMessage • HTML5 API for cross-window communication • works with iframes, new windows • Firefox 3+, Safari 4+, Chrome (all), IE8+ Sunday, September 18, 2011
postMessage foo.com bar.com Sunday, September 18, 2011
iframe tunnels foo.com postMessage bar.com/ xhr tunnel.html bar.com/api Sunday, September 18, 2011
easyXDM • postMessage-like API for window objs • uses Flash, obscure transport protocols when postMessage is n/a • wider browser support • Disqus, Twitter, Scribd, LinkedIn ... easyXDM (http://easyxdm.net) Sunday, September 18, 2011
debugging Sunday, September 18, 2011
how do you debug this mess? Sunday, September 18, 2011
switches • serve unminified js for specific sites, users* Sunday, September 18, 2011
proxies • send all http tra c to a proxy server • rewrite production urls • from widget.com to ... • localhost • staging.widget.com • newfeature.staging.widget.com Sunday, September 18, 2011
wrapping up Sunday, September 18, 2011
thanks • @bentlegen • disqus is hiring js/python/django in san francisco • (canadians welcome) • book coming early 2018 Sunday, September 18, 2011

Recomendados

Modern iframe programming
Modern iframe programmingModern iframe programming
Modern iframe programmingbenvinegar
 
Re-Introduction to Third-party Scripting
Re-Introduction to Third-party ScriptingRe-Introduction to Third-party Scripting
Re-Introduction to Third-party Scriptingbenvinegar
 
Txjs
TxjsTxjs
TxjsBrian LeRoux
 
Modernizr, Yepnope, and Polyfills
Modernizr, Yepnope, and PolyfillsModernizr, Yepnope, and Polyfills
Modernizr, Yepnope, and PolyfillsAlex Sexton
 
Palm Developer Day PhoneGap
Palm Developer Day PhoneGap Palm Developer Day PhoneGap
Palm Developer Day PhoneGap Brian LeRoux
 
How to start developing apps for Firefox OS
How to start developing apps for Firefox OSHow to start developing apps for Firefox OS
How to start developing apps for Firefox OSbenko
 
Ruby is dying. What languages are cool now?
Ruby is dying. What languages are cool now?Ruby is dying. What languages are cool now?
Ruby is dying. What languages are cool now?Michał Konarski
 
Rails development environment talk
Rails development environment talkRails development environment talk
Rails development environment talkReuven Lerner
 

Recomendados

Modern iframe programming
Modern iframe programmingModern iframe programming
Modern iframe programmingbenvinegar
 
Re-Introduction to Third-party Scripting
Re-Introduction to Third-party ScriptingRe-Introduction to Third-party Scripting
Re-Introduction to Third-party Scriptingbenvinegar
 
Txjs
TxjsTxjs
TxjsBrian LeRoux
 
Modernizr, Yepnope, and Polyfills
Modernizr, Yepnope, and PolyfillsModernizr, Yepnope, and Polyfills
Modernizr, Yepnope, and PolyfillsAlex Sexton
 
Palm Developer Day PhoneGap
Palm Developer Day PhoneGap Palm Developer Day PhoneGap
Palm Developer Day PhoneGap Brian LeRoux
 
How to start developing apps for Firefox OS
How to start developing apps for Firefox OSHow to start developing apps for Firefox OS
How to start developing apps for Firefox OSbenko
 
Ruby is dying. What languages are cool now?
Ruby is dying. What languages are cool now?Ruby is dying. What languages are cool now?
Ruby is dying. What languages are cool now?Michał Konarski
 
Rails development environment talk
Rails development environment talkRails development environment talk
Rails development environment talkReuven Lerner
 
Selenium bootcamp slides
Selenium bootcamp slides Selenium bootcamp slides
Selenium bootcamp slides seleniumbootcamp
 
PLAT-7 Spring Web Scripts and Spring Surf
PLAT-7 Spring Web Scripts and Spring SurfPLAT-7 Spring Web Scripts and Spring Surf
PLAT-7 Spring Web Scripts and Spring SurfAlfresco Software
 
The Same-Origin Saga
The Same-Origin SagaThe Same-Origin Saga
The Same-Origin SagaBrendan Eich
 
Why Plone Will Die
Why Plone Will DieWhy Plone Will Die
Why Plone Will DieAndreas Jung
 
Finding Restfulness - Madrid.rb April 2014
Finding Restfulness - Madrid.rb April 2014Finding Restfulness - Madrid.rb April 2014
Finding Restfulness - Madrid.rb April 2014samlown
 
Code for Startup MVP (Ruby on Rails) Session 1
Code for Startup MVP (Ruby on Rails) Session 1Code for Startup MVP (Ruby on Rails) Session 1
Code for Startup MVP (Ruby on Rails) Session 1Henry S
 
Ruby Kansai #35 About RubyKaigi2009 ujihisa
Ruby Kansai #35 About RubyKaigi2009 ujihisaRuby Kansai #35 About RubyKaigi2009 ujihisa
Ruby Kansai #35 About RubyKaigi2009 ujihisaujihisa
 
Introduction to WebSockets
Introduction to WebSocketsIntroduction to WebSockets
Introduction to WebSocketsSteve Agalloco
 
ARTDM 171, Week 2: A Brief History + Web Basics
ARTDM 171, Week 2: A Brief History + Web BasicsARTDM 171, Week 2: A Brief History + Web Basics
ARTDM 171, Week 2: A Brief History + Web BasicsGilbert Guerrero
 
Python assignment help
Python assignment helpPython assignment help
Python assignment helpwww.myassignmenthelp.net
 
Node.js Patterns and Opinions
Node.js Patterns and OpinionsNode.js Patterns and Opinions
Node.js Patterns and OpinionsIsaacSchlueter
 
CSS 201
CSS 201CSS 201
CSS 201Jennifer Berk
 
Confessions of a java developer that fell in love with the groovy language
Confessions of a java developer that fell in love with the groovy languageConfessions of a java developer that fell in love with the groovy language
Confessions of a java developer that fell in love with the groovy languageVictor Trakhtenberg
 
Web technologies for desktop development @ berlinjs apps
Web technologies for desktop development @ berlinjs appsWeb technologies for desktop development @ berlinjs apps
Web technologies for desktop development @ berlinjs appsDarko Kukovec
 
Node and Azure
Node and AzureNode and Azure
Node and AzureJason Gerard
 
Lo4
Lo4Lo4
Lo4liankei
 
Ruby tutorial
Ruby tutorialRuby tutorial
Ruby tutorialÁnh Nguyễn
 
Using Javascript in today's world
Using Javascript in today's worldUsing Javascript in today's world
Using Javascript in today's worldSudar Muthu
 
The ideal module system and the harsh reality
The ideal module system and the harsh realityThe ideal module system and the harsh reality
The ideal module system and the harsh realityAdam Warski
 
Tomboy Web Sync Explained
Tomboy Web Sync ExplainedTomboy Web Sync Explained
Tomboy Web Sync ExplainedMohan Krishnan
 
2011 june-kuala-lumpur-gtug-hackathon
2011 june-kuala-lumpur-gtug-hackathon2011 june-kuala-lumpur-gtug-hackathon
2011 june-kuala-lumpur-gtug-hackathonikailan
 
Capitol js
Capitol jsCapitol js
Capitol jsBrendan Eich
 

Mais conteúdo relacionado

Mais procurados

PLAT-7 Spring Web Scripts and Spring Surf
PLAT-7 Spring Web Scripts and Spring SurfPLAT-7 Spring Web Scripts and Spring Surf
PLAT-7 Spring Web Scripts and Spring SurfAlfresco Software
 
The Same-Origin Saga
The Same-Origin SagaThe Same-Origin Saga
The Same-Origin SagaBrendan Eich
 
Why Plone Will Die
Why Plone Will DieWhy Plone Will Die
Why Plone Will DieAndreas Jung
 
Finding Restfulness - Madrid.rb April 2014
Finding Restfulness - Madrid.rb April 2014Finding Restfulness - Madrid.rb April 2014
Finding Restfulness - Madrid.rb April 2014samlown
 
Code for Startup MVP (Ruby on Rails) Session 1
Code for Startup MVP (Ruby on Rails) Session 1Code for Startup MVP (Ruby on Rails) Session 1
Code for Startup MVP (Ruby on Rails) Session 1Henry S
 
Ruby Kansai #35 About RubyKaigi2009 ujihisa
Ruby Kansai #35 About RubyKaigi2009 ujihisaRuby Kansai #35 About RubyKaigi2009 ujihisa
Ruby Kansai #35 About RubyKaigi2009 ujihisaujihisa
 
Introduction to WebSockets
Introduction to WebSocketsIntroduction to WebSockets
Introduction to WebSocketsSteve Agalloco
 
ARTDM 171, Week 2: A Brief History + Web Basics
ARTDM 171, Week 2: A Brief History + Web BasicsARTDM 171, Week 2: A Brief History + Web Basics
ARTDM 171, Week 2: A Brief History + Web BasicsGilbert Guerrero
 
Node.js Patterns and Opinions
Node.js Patterns and OpinionsNode.js Patterns and Opinions
Node.js Patterns and OpinionsIsaacSchlueter
 
Confessions of a java developer that fell in love with the groovy language
Confessions of a java developer that fell in love with the groovy languageConfessions of a java developer that fell in love with the groovy language
Confessions of a java developer that fell in love with the groovy languageVictor Trakhtenberg
 
Web technologies for desktop development @ berlinjs apps
Web technologies for desktop development @ berlinjs appsWeb technologies for desktop development @ berlinjs apps
Web technologies for desktop development @ berlinjs appsDarko Kukovec
 
Using Javascript in today's world
Using Javascript in today's worldUsing Javascript in today's world
Using Javascript in today's worldSudar Muthu
 
The ideal module system and the harsh reality
The ideal module system and the harsh realityThe ideal module system and the harsh reality
The ideal module system and the harsh realityAdam Warski
 
Tomboy Web Sync Explained
Tomboy Web Sync ExplainedTomboy Web Sync Explained
Tomboy Web Sync ExplainedMohan Krishnan
 

Mais procurados (20)

Selenium bootcamp slides
Selenium bootcamp slides Selenium bootcamp slides
Selenium bootcamp slides
 
PLAT-7 Spring Web Scripts and Spring Surf
PLAT-7 Spring Web Scripts and Spring SurfPLAT-7 Spring Web Scripts and Spring Surf
PLAT-7 Spring Web Scripts and Spring Surf
 
The Same-Origin Saga
The Same-Origin SagaThe Same-Origin Saga
The Same-Origin Saga
 
Why Plone Will Die
Why Plone Will DieWhy Plone Will Die
Why Plone Will Die
 
Finding Restfulness - Madrid.rb April 2014
Finding Restfulness - Madrid.rb April 2014Finding Restfulness - Madrid.rb April 2014
Finding Restfulness - Madrid.rb April 2014
 
Code for Startup MVP (Ruby on Rails) Session 1
Code for Startup MVP (Ruby on Rails) Session 1Code for Startup MVP (Ruby on Rails) Session 1
Code for Startup MVP (Ruby on Rails) Session 1
 
Ruby Kansai #35 About RubyKaigi2009 ujihisa
Ruby Kansai #35 About RubyKaigi2009 ujihisaRuby Kansai #35 About RubyKaigi2009 ujihisa
Ruby Kansai #35 About RubyKaigi2009 ujihisa
 
Introduction to WebSockets
Introduction to WebSocketsIntroduction to WebSockets
Introduction to WebSockets
 
ARTDM 171, Week 2: A Brief History + Web Basics
ARTDM 171, Week 2: A Brief History + Web BasicsARTDM 171, Week 2: A Brief History + Web Basics
ARTDM 171, Week 2: A Brief History + Web Basics
 
Python assignment help
Python assignment helpPython assignment help
Python assignment help
 
Node.js Patterns and Opinions
Node.js Patterns and OpinionsNode.js Patterns and Opinions
Node.js Patterns and Opinions
 
CSS 201
CSS 201CSS 201
CSS 201
 
Confessions of a java developer that fell in love with the groovy language
Confessions of a java developer that fell in love with the groovy languageConfessions of a java developer that fell in love with the groovy language
Confessions of a java developer that fell in love with the groovy language
 
Web technologies for desktop development @ berlinjs apps
Web technologies for desktop development @ berlinjs appsWeb technologies for desktop development @ berlinjs apps
Web technologies for desktop development @ berlinjs apps
 
Node and Azure
Node and AzureNode and Azure
Node and Azure
 
Lo4
Lo4Lo4
Lo4
 
Ruby tutorial
Ruby tutorialRuby tutorial
Ruby tutorial
 
Using Javascript in today's world
Using Javascript in today's worldUsing Javascript in today's world
Using Javascript in today's world
 
The ideal module system and the harsh reality
The ideal module system and the harsh realityThe ideal module system and the harsh reality
The ideal module system and the harsh reality
 
Tomboy Web Sync Explained
Tomboy Web Sync ExplainedTomboy Web Sync Explained
Tomboy Web Sync Explained
 

Semelhante a A Re-Introduction to Third-Party Scripting

2011 june-kuala-lumpur-gtug-hackathon
2011 june-kuala-lumpur-gtug-hackathon2011 june-kuala-lumpur-gtug-hackathon
2011 june-kuala-lumpur-gtug-hackathonikailan
 
Symfony2: Get your project started
Symfony2: Get your project startedSymfony2: Get your project started
Symfony2: Get your project startedRyan Weaver
 
AFNetworking
AFNetworking AFNetworking
AFNetworking joaopmaia
 
Intro to HTML5 Game Programming
Intro to HTML5 Game ProgrammingIntro to HTML5 Game Programming
Intro to HTML5 Game ProgrammingJames Williams
 
Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012
Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012
Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012kennethaliu
 
Sean coates fifty things and tricks, confoo 2011
Sean coates fifty things and tricks, confoo 2011Sean coates fifty things and tricks, confoo 2011
Sean coates fifty things and tricks, confoo 2011Bachkoutou Toutou
 
Front end for back end developers
Front end for back end developersFront end for back end developers
Front end for back end developersWojciech Bednarski
 
Apcug 2011 07-17-intro_to_drupal_jeff_schuler
Apcug 2011 07-17-intro_to_drupal_jeff_schulerApcug 2011 07-17-intro_to_drupal_jeff_schuler
Apcug 2011 07-17-intro_to_drupal_jeff_schulerhewie
 
Intridea & open source
Intridea & open sourceIntridea & open source
Intridea & open sourceDaniel Lv
 
Toolset of Beansmile
Toolset of BeansmileToolset of Beansmile
Toolset of Beansmileleondu
 
Creating a Global E-Commerce Website With E-Business Suite and Fusion Middleware
Creating a Global E-Commerce Website With E-Business Suite and Fusion MiddlewareCreating a Global E-Commerce Website With E-Business Suite and Fusion Middleware
Creating a Global E-Commerce Website With E-Business Suite and Fusion MiddlewareBrian Huff
 
WordPress Gallery Themes & Plugins
WordPress Gallery Themes & PluginsWordPress Gallery Themes & Plugins
WordPress Gallery Themes & PluginsNoel Saw
 

Semelhante a A Re-Introduction to Third-Party Scripting (20)

2011 june-kuala-lumpur-gtug-hackathon
2011 june-kuala-lumpur-gtug-hackathon2011 june-kuala-lumpur-gtug-hackathon
2011 june-kuala-lumpur-gtug-hackathon
 
Capitol js
Capitol jsCapitol js
Capitol js
 
Symfony2: Get your project started
Symfony2: Get your project startedSymfony2: Get your project started
Symfony2: Get your project started
 
AFNetworking
AFNetworking AFNetworking
AFNetworking
 
Pocket Knife JS
Pocket Knife JSPocket Knife JS
Pocket Knife JS
 
Intro to HTML5 Game Programming
Intro to HTML5 Game ProgrammingIntro to HTML5 Game Programming
Intro to HTML5 Game Programming
 
Iwmn architecture
Iwmn architectureIwmn architecture
Iwmn architecture
 
Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012
Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012
Modularizing your Grails Application with Private Plugins - SpringOne 2GX 2012
 
HTML5, are we there yet?
HTML5, are we there yet?HTML5, are we there yet?
HTML5, are we there yet?
 
Sean coates fifty things and tricks, confoo 2011
Sean coates fifty things and tricks, confoo 2011Sean coates fifty things and tricks, confoo 2011
Sean coates fifty things and tricks, confoo 2011
 
eZ Publish nextgen
eZ Publish nextgeneZ Publish nextgen
eZ Publish nextgen
 
Front end for back end developers
Front end for back end developersFront end for back end developers
Front end for back end developers
 
Apcug 2011 07-17-intro_to_drupal_jeff_schuler
Apcug 2011 07-17-intro_to_drupal_jeff_schulerApcug 2011 07-17-intro_to_drupal_jeff_schuler
Apcug 2011 07-17-intro_to_drupal_jeff_schuler
 
Intridea & open source
Intridea & open sourceIntridea & open source
Intridea & open source
 
HTML5 and Sencha Touch
HTML5 and Sencha TouchHTML5 and Sencha Touch
HTML5 and Sencha Touch
 
DjangoSki
DjangoSkiDjangoSki
DjangoSki
 
Toolset of Beansmile
Toolset of BeansmileToolset of Beansmile
Toolset of Beansmile
 
Web API's World
Web API's WorldWeb API's World
Web API's World
 
Creating a Global E-Commerce Website With E-Business Suite and Fusion Middleware
Creating a Global E-Commerce Website With E-Business Suite and Fusion MiddlewareCreating a Global E-Commerce Website With E-Business Suite and Fusion Middleware
Creating a Global E-Commerce Website With E-Business Suite and Fusion Middleware
 
WordPress Gallery Themes & Plugins
WordPress Gallery Themes & PluginsWordPress Gallery Themes & Plugins
WordPress Gallery Themes & Plugins
 

Último

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 

Último (20)

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 

A Re-Introduction to Third-Party Scripting

  • 1. a re-introduction to third-party scripting techtalksTO Sunday, September 18, 2011
  • 2. who invited this guy? • name’s ben • former torontonian • working at disqus in san francisco Sunday, September 18, 2011
  • 3. DISQUS • dis·cuss • dĭ-skŭs' • third-party commenting platform • customers: CNN, MLB, IGN, and other exciting acronyms • 500 million visitors/month Sunday, September 18, 2011
  • 5. third-party scripts • js written by someone else • executing on your website • loaded from a remote server Sunday, September 18, 2011
  • 7. simple concept, powerful results Sunday, September 18, 2011
  • 8. ad scripts Google AdSense (http://adsense.com) Sunday, September 18, 2011
  • 9. analytics CrazyEgg (http://crazyegg.com) Sunday, September 18, 2011
  • 10. embedded widgets Disqus (http://disqus.com) Sunday, September 18, 2011
  • 11. widgets cont’d Guestlist (http://guestlistapp.com) Sunday, September 18, 2011
  • 12. browser plugins Rapportive (http://rapportive.com) Sunday, September 18, 2011
  • 13. js apis/sdks LinkedIn (http://developer.linkedin.com/javascript) Sunday, September 18, 2011
  • 14. writing them != easy • operate in unknown, uncontrolled environment • shared DOM, globals • browser limitations • debugging remote sites is hard Sunday, September 18, 2011
  • 15. the good news Sunday, September 18, 2011
  • 16. it’s getting better • new browser features • newly discovered techniques (hacks) • powerful new open source libraries • published literature? Sunday, September 18, 2011
  • 17. let’s take the tour Sunday, September 18, 2011
  • 19. blocking includes • standard script includes block rendering • giving us a bad rep! • culprit: document.write Sunday, September 18, 2011
  • 21. example: github gists Sunday, September 18, 2011
  • 23. HTML5’s async attr Sunday, September 18, 2011
  • 25. async browser support • Firefox 3.6+ • Chrome 7+ • Safari 5.0 • IE 10 (!) • Notably absent: Opera Sunday, September 18, 2011
  • 26. dynamic script creation Sunday, September 18, 2011
  • 27. first impressions count • hard to get website owners to update their script includes • people are still using blocking disqus include (deprecated mid-2009) • who still uses blocking GA include? Sunday, September 18, 2011
  • 29. global collisions • unknown scripts executing on same page • may introduce conflicting variables • DOM queries may inadvertently select your elements (or vice versa) Sunday, September 18, 2011
  • 30. namespace your js! Sunday, September 18, 2011
  • 31. bonus points: html • id=”dsq-comment-8” • class=”dsq-comment” • data-dsq-username=”jimbob” • Bad: class=”dsq-comment active” Sunday, September 18, 2011
  • 32. js libs • you should use ‘em • what if they already exist on the page? Sunday, September 18, 2011
  • 33. $.noConflict • utility method for assigning jQuery global ($) to a variable • great for namespacing • becoming a standard pattern Sunday, September 18, 2011
  • 34. libs w/ noConflict • LABjs • Underscore.js • Backbone.js • Ender.js and its assoc. microlibs • easyXDM Sunday, September 18, 2011
  • 36. sandboxing • run your code inside a src-less iframe • clean js environment • no global state leak Sunday, September 18, 2011
  • 37. twitter @anywhere • twitter widget library • supports multiple lib versions/ instances per page • each version is sandboxed in a separate iframe Sunday, September 18, 2011
  • 38. twitter @anywhere iframe A iframe B Sunday, September 18, 2011
  • 39. hiro.js • QUnit-like js testing library • each test suite runs in a new iframe • optional: seed iframe environment Hiro (http://github.com/antonkovalyov/hiro) Sunday, September 18, 2011
  • 41. cross-domain ajax • can’t initiate XmlHttpRequest from foo.com to bar.com • same-origin policy (host, port, protocol) • subdomains a ected too Sunday, September 18, 2011
  • 42. w/o same-origin pol. • What if I hosted a page with the following ... Sunday, September 18, 2011
  • 43. CORS • Cross-Origin Resource Sharing • special http headers that permit XD access to resources • W3C working draft • Firefox 3.5+, Chrome 3+, Safari 4+, IE8+ Sunday, September 18, 2011
  • 44. CORS headers Cors Example (http://saltybeagle.com/cors) Sunday, September 18, 2011
  • 45. JSONP • load JSON using <script> elements • script element bypasses same-origin policy • built-in helpers in most js frameworks Sunday, September 18, 2011
  • 48. JSONP cont’d • only supports GET requests • script loading can’t detect 400, 500 errors (rely on timeouts) • caching complications when generating new response each time Sunday, September 18, 2011
  • 49. postMessage • HTML5 API for cross-window communication • works with iframes, new windows • Firefox 3+, Safari 4+, Chrome (all), IE8+ Sunday, September 18, 2011
  • 50. postMessage foo.com bar.com Sunday, September 18, 2011
  • 51. iframe tunnels foo.com postMessage bar.com/ xhr tunnel.html bar.com/api Sunday, September 18, 2011
  • 52. easyXDM • postMessage-like API for window objs • uses Flash, obscure transport protocols when postMessage is n/a • wider browser support • Disqus, Twitter, Scribd, LinkedIn ... easyXDM (http://easyxdm.net) Sunday, September 18, 2011
  • 54. how do you debug this mess? Sunday, September 18, 2011
  • 55. switches • serve unminified js for specific sites, users* Sunday, September 18, 2011
  • 56. proxies • send all http tra c to a proxy server • rewrite production urls • from widget.com to ... • localhost • staging.widget.com • newfeature.staging.widget.com Sunday, September 18, 2011
  • 58. thanks • @bentlegen • disqus is hiring js/python/django in san francisco • (canadians welcome) • book coming early 2018 Sunday, September 18, 2011