SlideShare uma empresa Scribd logo

Enterprise JavaScript Error Handling (Ajax Experience 2008)

Nicholas Zakas
Nicholas Zakas

My presentation at Ajax Experience 2008 about error handling strategies for JavaScript.

TecnologiaEsportes
1 de 52
Baixar para ler offline
E nterpris e JavaS cript E rror Handling Nicholas C . Zakas P rincipal Front E nd E ngineer, Yahoo!
Who's this g uy? • P rincipal Front E nd E ngineer, Yahoo! Front P age • YUI C ontributor • Author
Ques tion: What do us ers s ee when there's a JavaS cript error on a web pag e?
Ans wer: Nothing !*
“If an error is possible, someone will make it. The designer must assume that all possible errors will occur and design so as to minimize the chance of the error in the first place, or its effects once it gets made. E rrors should be easy to detect, they should have minimal consequences, and, if possible, their effects should be reversible.” -D onald A. Norman The D esign of E veryday Things
R ule #1: As s ume your code will fail
My code is beautiful and never fails
As s umption? • What if destination is null? • What if source is null?
R ule #2: Log errors to the s erver
S imple Log g ing
R ule #3: You, not the brows er, handle errors
try-catch • Thrown errors contain extra information • E rrors that are caught are considered to have been handled
window.onerror • Last stop before browser responds • R eturn true to indicate not to respond • O nly supported in Internet E xplorer and Firefox
E rror Lifecycle Browser Error window.onerror try-catch Error
R ule #4: Identify where errors mig ht occur
Types of E rrors • Type coercion errors
Type C oercion E rrors
Types of E rrors • Type coercion errors • D ata type errors
Data Type E rrors • O ften occurs with function arguments • Typically a symptom of insufficient value checking
Data Type E rrors
Data Type E rrors
Data Type E rrors - Fixed
Data Type E rrors - Fixed
Types of E rrors • Type coercion errors • D ata type errors • C ommunication errors
C ommunication E rrors • Invalid UR L/post data • S erver response status • No network connection • S erver response content
Invalid UR L/Pos t Data • Typically long string concatenations • D on't forget to use encodeUR IC omponent() on each part – Not encodeUR I() • M ake sure parameters are named correctly
S erver R es pons e S tatus • 200 is not the only valid status that may be returned – Beware of 304 • Any other status means you didn't get data
S erver R es pons e S tatus
No Network C onnection • Internet E xplorer throws an error when calling open() but then goes through normal lifecycle • Firefox fails silently but throws an error if you try to access any response property (status, statusText, responseText)
No Network C onnection
S erver R es pons e C ontent • A status of 200/ 304 is not enough • S erver errors often return HTM L • If possible, set status to 500
R ule #5: Throw your own errors
Throw Your Own E rrors
B rows er R es ponds
Throw or Try-C atch? • E rrors should be thrown in the low-level parts of the application – Utilities, core libraries, etc. • Use try-catch blocks in higher level parts – Application-specific – C lient-side business logic
R ule #6: Dis ting uis h fatal vers us non- fatal
Non-Fatal E rrors • Won't interfere with user's main tasks • Affects only a portion of the page – E asily disabled/ignored • R ecovery is possible • A repeat of the action may result in the appropriate result • D on't tell the user it isn't working unless absolutely necessary
Fatal E rrors • The application absolutely cannot continue • S ignificantly interferes with user's ability to be productive • O ther errors will occur if the application continues • M essage the user immediately! • R eload
Fatal or Non-Fatal? • D on't allow your code to determine what is and is not fatal – Watch out for loops • The user's experience comes first
Fatal or Non-Fatal?
R ule #7: Provide a debug mode
Debug Mode • Assign a variable that is globally available • try-catch should re-throw the error • window.onerror should return false • Allow the browser to handle the error
Debug Mode
Debug Mode
S ummary
R ules 1.Assume your code will fail 2.Log errors to the server 3.You, not the browser, handle errors 4.Identify where errors might occur 5.Throw your own errors 6.D istinguish fatal versus non-fatal 7.P rovide a debug mode
Ques tions ?
E tcetera • M y blog: www.nczonline.net • M y email: nzakas@ yahoo-inc.com
Happy debug g ing !
C reative C ommons Imag es Us edcrazytales562/25148 • http:/www.flickr.com/ / photos/ 43252/ • http:/flickr.com/ / photos/waldoj/126354436/ • http:/flickr.com/ / photos/markhillary/289294549/ • http:/flickr.com/ / photos/3fold/437853495/ • http:/flickr.com/ / photos/ianhampton/ 65178598/ • http:/flickr.com/ / photos/joshlewis/1596018210/ • http:/flickr.com/ / photos/oberazzi/318947873/ • http:/flickr.com/ / photos/ 27061495/ mc/

Recomendados

Simplified Security Code Review Process
Simplified Security Code Review ProcessSimplified Security Code Review Process
Simplified Security Code Review ProcessSherif Koussa
 
OWASP Top 10 - The Ten Most Critical Web Application Security Risks
OWASP Top 10 - The Ten Most Critical Web Application Security RisksOWASP Top 10 - The Ten Most Critical Web Application Security Risks
OWASP Top 10 - The Ten Most Critical Web Application Security RisksAll Things Open
 
Practical Malware Analysis Ch13
Practical Malware Analysis Ch13Practical Malware Analysis Ch13
Practical Malware Analysis Ch13Sam Bowne
 
OWASP Top 10 Web Application Vulnerabilities
OWASP Top 10 Web Application VulnerabilitiesOWASP Top 10 Web Application Vulnerabilities
OWASP Top 10 Web Application VulnerabilitiesSoftware Guru
 
"15 Technique to Exploit File Upload Pages", Ebrahim Hegazy
"15 Technique to Exploit File Upload Pages", Ebrahim Hegazy"15 Technique to Exploit File Upload Pages", Ebrahim Hegazy
"15 Technique to Exploit File Upload Pages", Ebrahim HegazyHackIT Ukraine
 
Implementing Vulnerability Management
Implementing Vulnerability Management Implementing Vulnerability Management
Implementing Vulnerability Management Argyle Executive Forum
 
Software Development with PHP & Laravel
Software Development with PHP & LaravelSoftware Development with PHP & Laravel
Software Development with PHP & LaravelJuan Victor Minaya León
 
Owasp zap
Owasp zapOwasp zap
Owasp zapColdFusionConference
 

Recomendados

Simplified Security Code Review Process
Simplified Security Code Review ProcessSimplified Security Code Review Process
Simplified Security Code Review ProcessSherif Koussa
 
OWASP Top 10 - The Ten Most Critical Web Application Security Risks
OWASP Top 10 - The Ten Most Critical Web Application Security RisksOWASP Top 10 - The Ten Most Critical Web Application Security Risks
OWASP Top 10 - The Ten Most Critical Web Application Security RisksAll Things Open
 
Practical Malware Analysis Ch13
Practical Malware Analysis Ch13Practical Malware Analysis Ch13
Practical Malware Analysis Ch13Sam Bowne
 
OWASP Top 10 Web Application Vulnerabilities
OWASP Top 10 Web Application VulnerabilitiesOWASP Top 10 Web Application Vulnerabilities
OWASP Top 10 Web Application VulnerabilitiesSoftware Guru
 
"15 Technique to Exploit File Upload Pages", Ebrahim Hegazy
"15 Technique to Exploit File Upload Pages", Ebrahim Hegazy"15 Technique to Exploit File Upload Pages", Ebrahim Hegazy
"15 Technique to Exploit File Upload Pages", Ebrahim HegazyHackIT Ukraine
 
Implementing Vulnerability Management
Implementing Vulnerability Management Implementing Vulnerability Management
Implementing Vulnerability Management Argyle Executive Forum
 
Software Development with PHP & Laravel
Software Development with PHP & LaravelSoftware Development with PHP & Laravel
Software Development with PHP & LaravelJuan Victor Minaya León
 
Owasp zap
Owasp zapOwasp zap
Owasp zapColdFusionConference
 
Intro to Pentesting Jenkins
Intro to Pentesting JenkinsIntro to Pentesting Jenkins
Intro to Pentesting JenkinsBrian Hysell
 
Golang Vs Rust
Golang Vs Rust Golang Vs Rust
Golang Vs Rust Simplilearn
 
What should a hacker know about WebDav?
What should a hacker know about WebDav?What should a hacker know about WebDav?
What should a hacker know about WebDav?Mikhail Egorov
 
OSI Layer Security
OSI Layer SecurityOSI Layer Security
OSI Layer SecurityNurkholish Halim
 
Neat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protectionNeat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protectionMikhail Egorov
 
A story of the passive aggressive sysadmin of AEM
A story of the passive aggressive sysadmin of AEMA story of the passive aggressive sysadmin of AEM
A story of the passive aggressive sysadmin of AEMFrans Rosén
 
Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020Moataz Kamel
 
Threat Modelling
Threat ModellingThreat Modelling
Threat Modellingn|u - The Open Security Community
 
CI integración continua
CI integración continuaCI integración continua
CI integración continuaMariano German Egui
 
Exploratory Testing
Exploratory TestingExploratory Testing
Exploratory Testingsriks7
 
OWASP Top Ten
OWASP Top TenOWASP Top Ten
OWASP Top TenChristian Heinrich
 
Zap vs burp
Zap vs burpZap vs burp
Zap vs burpTomasz Fajks
 
Introduction to threat_modeling
Introduction to threat_modelingIntroduction to threat_modeling
Introduction to threat_modelingPrabath Siriwardena
 
44CON 2014 - Meterpreter Internals, OJ Reeves
44CON 2014 - Meterpreter Internals, OJ Reeves44CON 2014 - Meterpreter Internals, OJ Reeves
44CON 2014 - Meterpreter Internals, OJ Reeves44CON
 
Spring test mvc 발표자료
Spring test mvc 발표자료Spring test mvc 발표자료
Spring test mvc 발표자료수홍 이
 
5 Important Secure Coding Practices
5 Important Secure Coding Practices5 Important Secure Coding Practices
5 Important Secure Coding PracticesThomas Kurian Ambattu,CRISC,ISLA-2011 (ISC)²
 
OWASP Secure Coding Practices - Quick Reference Guide
OWASP Secure Coding Practices - Quick Reference GuideOWASP Secure Coding Practices - Quick Reference Guide
OWASP Secure Coding Practices - Quick Reference GuideLudovic Petit
 
Cucumber ppt
Cucumber pptCucumber ppt
Cucumber pptQwinix Technologies
 
OWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewOWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewMichael Furman
 
Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...
Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...
Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...Mario Heiderich
 
How Not To Code Flex Applications
How Not To Code Flex ApplicationsHow Not To Code Flex Applications
How Not To Code Flex Applicationsjeff tapper
 
Variables & Expressions
Variables & ExpressionsVariables & Expressions
Variables & ExpressionsRich Price
 

Mais conteúdo relacionado

Mais procurados

Intro to Pentesting Jenkins
Intro to Pentesting JenkinsIntro to Pentesting Jenkins
Intro to Pentesting JenkinsBrian Hysell
 
What should a hacker know about WebDav?
What should a hacker know about WebDav?What should a hacker know about WebDav?
What should a hacker know about WebDav?Mikhail Egorov
 
Neat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protectionNeat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protectionMikhail Egorov
 
A story of the passive aggressive sysadmin of AEM
A story of the passive aggressive sysadmin of AEMA story of the passive aggressive sysadmin of AEM
A story of the passive aggressive sysadmin of AEMFrans Rosén
 
Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020Moataz Kamel
 
Exploratory Testing
Exploratory TestingExploratory Testing
Exploratory Testingsriks7
 
44CON 2014 - Meterpreter Internals, OJ Reeves
44CON 2014 - Meterpreter Internals, OJ Reeves44CON 2014 - Meterpreter Internals, OJ Reeves
44CON 2014 - Meterpreter Internals, OJ Reeves44CON
 
Spring test mvc 발표자료
Spring test mvc 발표자료Spring test mvc 발표자료
Spring test mvc 발표자료수홍 이
 
OWASP Secure Coding Practices - Quick Reference Guide
OWASP Secure Coding Practices - Quick Reference GuideOWASP Secure Coding Practices - Quick Reference Guide
OWASP Secure Coding Practices - Quick Reference GuideLudovic Petit
 
OWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewOWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewMichael Furman
 
Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...
Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...
Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...Mario Heiderich
 

Mais procurados (20)

Intro to Pentesting Jenkins
Intro to Pentesting JenkinsIntro to Pentesting Jenkins
Intro to Pentesting Jenkins
 
Golang Vs Rust
Golang Vs Rust Golang Vs Rust
Golang Vs Rust
 
What should a hacker know about WebDav?
What should a hacker know about WebDav?What should a hacker know about WebDav?
What should a hacker know about WebDav?
 
OSI Layer Security
OSI Layer SecurityOSI Layer Security
OSI Layer Security
 
Neat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protectionNeat tricks to bypass CSRF-protection
Neat tricks to bypass CSRF-protection
 
A story of the passive aggressive sysadmin of AEM
A story of the passive aggressive sysadmin of AEMA story of the passive aggressive sysadmin of AEM
A story of the passive aggressive sysadmin of AEM
 
Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020
 
Threat Modelling
Threat ModellingThreat Modelling
Threat Modelling
 
CI integración continua
CI integración continuaCI integración continua
CI integración continua
 
Exploratory Testing
Exploratory TestingExploratory Testing
Exploratory Testing
 
OWASP Top Ten
OWASP Top TenOWASP Top Ten
OWASP Top Ten
 
Zap vs burp
Zap vs burpZap vs burp
Zap vs burp
 
Introduction to threat_modeling
Introduction to threat_modelingIntroduction to threat_modeling
Introduction to threat_modeling
 
44CON 2014 - Meterpreter Internals, OJ Reeves
44CON 2014 - Meterpreter Internals, OJ Reeves44CON 2014 - Meterpreter Internals, OJ Reeves
44CON 2014 - Meterpreter Internals, OJ Reeves
 
Spring test mvc 발표자료
Spring test mvc 발표자료Spring test mvc 발표자료
Spring test mvc 발표자료
 
5 Important Secure Coding Practices
5 Important Secure Coding Practices5 Important Secure Coding Practices
5 Important Secure Coding Practices
 
OWASP Secure Coding Practices - Quick Reference Guide
OWASP Secure Coding Practices - Quick Reference GuideOWASP Secure Coding Practices - Quick Reference Guide
OWASP Secure Coding Practices - Quick Reference Guide
 
Cucumber ppt
Cucumber pptCucumber ppt
Cucumber ppt
 
OWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewOWASP Top 10 2021 What's New
OWASP Top 10 2021 What's New
 
Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...
Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...
Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...
 

Semelhante a Enterprise JavaScript Error Handling (Ajax Experience 2008)

How Not To Code Flex Applications
How Not To Code Flex ApplicationsHow Not To Code Flex Applications
How Not To Code Flex Applicationsjeff tapper
 
Variables & Expressions
Variables & ExpressionsVariables & Expressions
Variables & ExpressionsRich Price
 
Scripting Recipes for Testers
Scripting Recipes for TestersScripting Recipes for Testers
Scripting Recipes for TestersAdam Goucher
 
Presentations Unusual Java Bugs And Detecting Them Using Foss Tools
Presentations Unusual Java Bugs And Detecting Them Using Foss ToolsPresentations Unusual Java Bugs And Detecting Them Using Foss Tools
Presentations Unusual Java Bugs And Detecting Them Using Foss ToolsGanesh Samarthyam
 
The 7 Sins of Software Engineers in HEP
The 7 Sins of Software Engineers in HEPThe 7 Sins of Software Engineers in HEP
The 7 Sins of Software Engineers in HEPIoannis Baltopoulos
 
Fighting Software Inefficiency Through Automated Bug Detection
Fighting Software Inefficiency Through Automated Bug Detection Fighting Software Inefficiency Through Automated Bug Detection
Fighting Software Inefficiency Through Automated Bug DetectionMd E. Haque
 
So you want to be a red teamer
So you want to be a red teamerSo you want to be a red teamer
So you want to be a red teamerJorge Orchilles
 
7 Things People Do To Endanger Their Networks
7 Things People Do To Endanger Their Networks7 Things People Do To Endanger Their Networks
7 Things People Do To Endanger Their Networksjaymemcree
 
Webspam (English Version)
Webspam (English Version)Webspam (English Version)
Webspam (English Version)Dirk Haun
 
The Most Important Thing: How Mozilla Does Security and What You Can Steal
The Most Important Thing: How Mozilla Does Security and What You Can StealThe Most Important Thing: How Mozilla Does Security and What You Can Steal
The Most Important Thing: How Mozilla Does Security and What You Can Stealmozilla.presentations
 
Pownce Lessons Learned
Pownce Lessons LearnedPownce Lessons Learned
Pownce Lessons Learnedleahculver
 
Chat Smarter At Penn State
Chat Smarter At Penn StateChat Smarter At Penn State
Chat Smarter At Penn StateJohn Meier
 
Selected Sessions from RailsConf 2007
Selected Sessions from RailsConf 2007Selected Sessions from RailsConf 2007
Selected Sessions from RailsConf 2007Jerry Richardson
 
The Current State of Asynchronous Processing With Ruby
The Current State of Asynchronous Processing With RubyThe Current State of Asynchronous Processing With Ruby
The Current State of Asynchronous Processing With Rubymattmatt
 
A/B Testing That Matters
A/B Testing That MattersA/B Testing That Matters
A/B Testing That MattersBlake Commagere
 

Semelhante a Enterprise JavaScript Error Handling (Ajax Experience 2008) (20)

How Not To Code Flex Applications
How Not To Code Flex ApplicationsHow Not To Code Flex Applications
How Not To Code Flex Applications
 
Variables & Expressions
Variables & ExpressionsVariables & Expressions
Variables & Expressions
 
Scripting Recipes for Testers
Scripting Recipes for TestersScripting Recipes for Testers
Scripting Recipes for Testers
 
Presentations Unusual Java Bugs And Detecting Them Using Foss Tools
Presentations Unusual Java Bugs And Detecting Them Using Foss ToolsPresentations Unusual Java Bugs And Detecting Them Using Foss Tools
Presentations Unusual Java Bugs And Detecting Them Using Foss Tools
 
The 7 Sins of Software Engineers in HEP
The 7 Sins of Software Engineers in HEPThe 7 Sins of Software Engineers in HEP
The 7 Sins of Software Engineers in HEP
 
Fighting Software Inefficiency Through Automated Bug Detection
Fighting Software Inefficiency Through Automated Bug Detection Fighting Software Inefficiency Through Automated Bug Detection
Fighting Software Inefficiency Through Automated Bug Detection
 
So you want to be a red teamer
So you want to be a red teamerSo you want to be a red teamer
So you want to be a red teamer
 
7 Things People Do To Endanger Their Networks
7 Things People Do To Endanger Their Networks7 Things People Do To Endanger Their Networks
7 Things People Do To Endanger Their Networks
 
PHP - Introduction to PHP Bugs - Debugging
PHP - Introduction to PHP Bugs - DebuggingPHP - Introduction to PHP Bugs - Debugging
PHP - Introduction to PHP Bugs - Debugging
 
Webspam (English Version)
Webspam (English Version)Webspam (English Version)
Webspam (English Version)
 
Week8
Week8Week8
Week8
 
The Most Important Thing: How Mozilla Does Security and What You Can Steal
The Most Important Thing: How Mozilla Does Security and What You Can StealThe Most Important Thing: How Mozilla Does Security and What You Can Steal
The Most Important Thing: How Mozilla Does Security and What You Can Steal
 
Revisited
RevisitedRevisited
Revisited
 
Pownce Lessons Learned
Pownce Lessons LearnedPownce Lessons Learned
Pownce Lessons Learned
 
Handle the error
Handle the errorHandle the error
Handle the error
 
Chat Smarter At Penn State
Chat Smarter At Penn StateChat Smarter At Penn State
Chat Smarter At Penn State
 
Cheesecake
CheesecakeCheesecake
Cheesecake
 
Selected Sessions from RailsConf 2007
Selected Sessions from RailsConf 2007Selected Sessions from RailsConf 2007
Selected Sessions from RailsConf 2007
 
The Current State of Asynchronous Processing With Ruby
The Current State of Asynchronous Processing With RubyThe Current State of Asynchronous Processing With Ruby
The Current State of Asynchronous Processing With Ruby
 
A/B Testing That Matters
A/B Testing That MattersA/B Testing That Matters
A/B Testing That Matters
 

Mais de Nicholas Zakas

Browser Wars Episode 1: The Phantom Menace
Browser Wars Episode 1: The Phantom MenaceBrowser Wars Episode 1: The Phantom Menace
Browser Wars Episode 1: The Phantom MenaceNicholas Zakas
 
Enough with the JavaScript already!
Enough with the JavaScript already!Enough with the JavaScript already!
Enough with the JavaScript already!Nicholas Zakas
 
JavaScript APIs you’ve never heard of (and some you have)
JavaScript APIs you’ve never heard of (and some you have)JavaScript APIs you’ve never heard of (and some you have)
JavaScript APIs you’ve never heard of (and some you have)Nicholas Zakas
 
JavaScript Timers, Power Consumption, and Performance
JavaScript Timers, Power Consumption, and PerformanceJavaScript Timers, Power Consumption, and Performance
JavaScript Timers, Power Consumption, and PerformanceNicholas Zakas
 
Scalable JavaScript Application Architecture 2012
Scalable JavaScript Application Architecture 2012Scalable JavaScript Application Architecture 2012
Scalable JavaScript Application Architecture 2012Nicholas Zakas
 
Maintainable JavaScript 2012
Maintainable JavaScript 2012Maintainable JavaScript 2012
Maintainable JavaScript 2012Nicholas Zakas
 
High Performance JavaScript (CapitolJS 2011)
High Performance JavaScript (CapitolJS 2011)High Performance JavaScript (CapitolJS 2011)
High Performance JavaScript (CapitolJS 2011)Nicholas Zakas
 
Maintainable JavaScript 2011
Maintainable JavaScript 2011Maintainable JavaScript 2011
Maintainable JavaScript 2011Nicholas Zakas
 
High Performance JavaScript 2011
High Performance JavaScript 2011High Performance JavaScript 2011
High Performance JavaScript 2011Nicholas Zakas
 
Mobile Web Speed Bumps
Mobile Web Speed BumpsMobile Web Speed Bumps
Mobile Web Speed BumpsNicholas Zakas
 
High Performance JavaScript (Amazon DevCon 2011)
High Performance JavaScript (Amazon DevCon 2011)High Performance JavaScript (Amazon DevCon 2011)
High Performance JavaScript (Amazon DevCon 2011)Nicholas Zakas
 
Progressive Enhancement 2.0 (Conference Agnostic)
Progressive Enhancement 2.0 (Conference Agnostic)Progressive Enhancement 2.0 (Conference Agnostic)
Progressive Enhancement 2.0 (Conference Agnostic)Nicholas Zakas
 
Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)
Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)
Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)Nicholas Zakas
 
YUI Test The Next Generation (YUIConf 2010)
YUI Test The Next Generation (YUIConf 2010)YUI Test The Next Generation (YUIConf 2010)
YUI Test The Next Generation (YUIConf 2010)Nicholas Zakas
 
High Performance JavaScript (YUIConf 2010)
High Performance JavaScript (YUIConf 2010)High Performance JavaScript (YUIConf 2010)
High Performance JavaScript (YUIConf 2010)Nicholas Zakas
 
High Performance JavaScript - Fronteers 2010
High Performance JavaScript - Fronteers 2010High Performance JavaScript - Fronteers 2010
High Performance JavaScript - Fronteers 2010Nicholas Zakas
 
Nicholas' Performance Talk at Google
Nicholas' Performance Talk at GoogleNicholas' Performance Talk at Google
Nicholas' Performance Talk at GoogleNicholas Zakas
 
High Performance JavaScript - WebDirections USA 2010
High Performance JavaScript - WebDirections USA 2010High Performance JavaScript - WebDirections USA 2010
High Performance JavaScript - WebDirections USA 2010Nicholas Zakas
 
Performance on the Yahoo! Homepage
Performance on the Yahoo! HomepagePerformance on the Yahoo! Homepage
Performance on the Yahoo! HomepageNicholas Zakas
 

Mais de Nicholas Zakas (20)

Browser Wars Episode 1: The Phantom Menace
Browser Wars Episode 1: The Phantom MenaceBrowser Wars Episode 1: The Phantom Menace
Browser Wars Episode 1: The Phantom Menace
 
Enough with the JavaScript already!
Enough with the JavaScript already!Enough with the JavaScript already!
Enough with the JavaScript already!
 
The Pointerless Web
The Pointerless WebThe Pointerless Web
The Pointerless Web
 
JavaScript APIs you’ve never heard of (and some you have)
JavaScript APIs you’ve never heard of (and some you have)JavaScript APIs you’ve never heard of (and some you have)
JavaScript APIs you’ve never heard of (and some you have)
 
JavaScript Timers, Power Consumption, and Performance
JavaScript Timers, Power Consumption, and PerformanceJavaScript Timers, Power Consumption, and Performance
JavaScript Timers, Power Consumption, and Performance
 
Scalable JavaScript Application Architecture 2012
Scalable JavaScript Application Architecture 2012Scalable JavaScript Application Architecture 2012
Scalable JavaScript Application Architecture 2012
 
Maintainable JavaScript 2012
Maintainable JavaScript 2012Maintainable JavaScript 2012
Maintainable JavaScript 2012
 
High Performance JavaScript (CapitolJS 2011)
High Performance JavaScript (CapitolJS 2011)High Performance JavaScript (CapitolJS 2011)
High Performance JavaScript (CapitolJS 2011)
 
Maintainable JavaScript 2011
Maintainable JavaScript 2011Maintainable JavaScript 2011
Maintainable JavaScript 2011
 
High Performance JavaScript 2011
High Performance JavaScript 2011High Performance JavaScript 2011
High Performance JavaScript 2011
 
Mobile Web Speed Bumps
Mobile Web Speed BumpsMobile Web Speed Bumps
Mobile Web Speed Bumps
 
High Performance JavaScript (Amazon DevCon 2011)
High Performance JavaScript (Amazon DevCon 2011)High Performance JavaScript (Amazon DevCon 2011)
High Performance JavaScript (Amazon DevCon 2011)
 
Progressive Enhancement 2.0 (Conference Agnostic)
Progressive Enhancement 2.0 (Conference Agnostic)Progressive Enhancement 2.0 (Conference Agnostic)
Progressive Enhancement 2.0 (Conference Agnostic)
 
Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)
Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)
Progressive Enhancement 2.0 (jQuery Conference SF Bay Area 2011)
 
YUI Test The Next Generation (YUIConf 2010)
YUI Test The Next Generation (YUIConf 2010)YUI Test The Next Generation (YUIConf 2010)
YUI Test The Next Generation (YUIConf 2010)
 
High Performance JavaScript (YUIConf 2010)
High Performance JavaScript (YUIConf 2010)High Performance JavaScript (YUIConf 2010)
High Performance JavaScript (YUIConf 2010)
 
High Performance JavaScript - Fronteers 2010
High Performance JavaScript - Fronteers 2010High Performance JavaScript - Fronteers 2010
High Performance JavaScript - Fronteers 2010
 
Nicholas' Performance Talk at Google
Nicholas' Performance Talk at GoogleNicholas' Performance Talk at Google
Nicholas' Performance Talk at Google
 
High Performance JavaScript - WebDirections USA 2010
High Performance JavaScript - WebDirections USA 2010High Performance JavaScript - WebDirections USA 2010
High Performance JavaScript - WebDirections USA 2010
 
Performance on the Yahoo! Homepage
Performance on the Yahoo! HomepagePerformance on the Yahoo! Homepage
Performance on the Yahoo! Homepage
 

Último

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbuapidays
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 

Último (20)

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 

Enterprise JavaScript Error Handling (Ajax Experience 2008)

  • 1. E nterpris e JavaS cript E rror Handling Nicholas C . Zakas P rincipal Front E nd E ngineer, Yahoo!
  • 2. Who's this g uy? • P rincipal Front E nd E ngineer, Yahoo! Front P age • YUI C ontributor • Author
  • 3. Ques tion: What do us ers s ee when there's a JavaS cript error on a web pag e?
  • 5. “If an error is possible, someone will make it. The designer must assume that all possible errors will occur and design so as to minimize the chance of the error in the first place, or its effects once it gets made. E rrors should be easy to detect, they should have minimal consequences, and, if possible, their effects should be reversible.” -D onald A. Norman The D esign of E veryday Things
  • 6. R ule #1: As s ume your code will fail
  • 7. My code is beautiful and never fails
  • 8. As s umption? • What if destination is null? • What if source is null?
  • 9. R ule #2: Log errors to the s erver
  • 10. S imple Log g ing
  • 11. R ule #3: You, not the brows er, handle errors
  • 12. try-catch • Thrown errors contain extra information • E rrors that are caught are considered to have been handled
  • 13. window.onerror • Last stop before browser responds • R eturn true to indicate not to respond • O nly supported in Internet E xplorer and Firefox
  • 14. E rror Lifecycle Browser Error window.onerror try-catch Error
  • 15. R ule #4: Identify where errors mig ht occur
  • 16. Types of E rrors • Type coercion errors
  • 17. Type C oercion E rrors
  • 18. Types of E rrors • Type coercion errors • D ata type errors
  • 19. Data Type E rrors • O ften occurs with function arguments • Typically a symptom of insufficient value checking
  • 20. Data Type E rrors
  • 21. Data Type E rrors
  • 22. Data Type E rrors - Fixed
  • 23. Data Type E rrors - Fixed
  • 24. Types of E rrors • Type coercion errors • D ata type errors • C ommunication errors
  • 25. C ommunication E rrors • Invalid UR L/post data • S erver response status • No network connection • S erver response content
  • 26. Invalid UR L/Pos t Data • Typically long string concatenations • D on't forget to use encodeUR IC omponent() on each part – Not encodeUR I() • M ake sure parameters are named correctly
  • 27. S erver R es pons e S tatus • 200 is not the only valid status that may be returned – Beware of 304 • Any other status means you didn't get data
  • 28. S erver R es pons e S tatus
  • 29. No Network C onnection • Internet E xplorer throws an error when calling open() but then goes through normal lifecycle • Firefox fails silently but throws an error if you try to access any response property (status, statusText, responseText)
  • 30. No Network C onnection
  • 31. S erver R es pons e C ontent • A status of 200/ 304 is not enough • S erver errors often return HTM L • If possible, set status to 500
  • 32. R ule #5: Throw your own errors
  • 33. Throw Your Own E rrors
  • 34. B rows er R es ponds
  • 35. Throw or Try-C atch? • E rrors should be thrown in the low-level parts of the application – Utilities, core libraries, etc. • Use try-catch blocks in higher level parts – Application-specific – C lient-side business logic
  • 36. R ule #6: Dis ting uis h fatal vers us non- fatal
  • 37. Non-Fatal E rrors • Won't interfere with user's main tasks • Affects only a portion of the page – E asily disabled/ignored • R ecovery is possible • A repeat of the action may result in the appropriate result • D on't tell the user it isn't working unless absolutely necessary
  • 38.
  • 39. Fatal E rrors • The application absolutely cannot continue • S ignificantly interferes with user's ability to be productive • O ther errors will occur if the application continues • M essage the user immediately! • R eload
  • 40.
  • 41. Fatal or Non-Fatal? • D on't allow your code to determine what is and is not fatal – Watch out for loops • The user's experience comes first
  • 43. R ule #7: Provide a debug mode
  • 44. Debug Mode • Assign a variable that is globally available • try-catch should re-throw the error • window.onerror should return false • Allow the browser to handle the error
  • 48. R ules 1.Assume your code will fail 2.Log errors to the server 3.You, not the browser, handle errors 4.Identify where errors might occur 5.Throw your own errors 6.D istinguish fatal versus non-fatal 7.P rovide a debug mode
  • 50. E tcetera • M y blog: www.nczonline.net • M y email: nzakas@ yahoo-inc.com
  • 51. Happy debug g ing !
  • 52. C reative C ommons Imag es Us edcrazytales562/25148 • http:/www.flickr.com/ / photos/ 43252/ • http:/flickr.com/ / photos/waldoj/126354436/ • http:/flickr.com/ / photos/markhillary/289294549/ • http:/flickr.com/ / photos/3fold/437853495/ • http:/flickr.com/ / photos/ianhampton/ 65178598/ • http:/flickr.com/ / photos/joshlewis/1596018210/ • http:/flickr.com/ / photos/oberazzi/318947873/ • http:/flickr.com/ / photos/ 27061495/ mc/