Tough on Grease but Easy on Web Servers

Linux Journal talks with Ben Galbraith about Asynchronous JavaScript And XML, more commonly known as Ajax.

LJ: For our readers who are unfamiliar with Ajax, can you describe what it is and what need it's filling?

BG: Ever use Google Maps? If not, visit maps.google.com and play around with it for a few minutes. It should blow your mind. That's Ajax—wicked cool Web applications that work on any browser without any browser plugins, just ordinary HTML and JavaScript.

Technically, Ajax refers to a specific technique: allowing a Web page to spawn a background thread to send a request to a server, receive a response and update the Web page dynamically without ever refreshing the page. In other words, with Ajax, you don't have to click on Form Submit and wait for the browser to come back with a new page to interact with a Web application. Instead, the Web app can be sending and receiving data constantly while you interact with a Web page.

A great example of how this changes the game is www.tadalist.com. That Web site offers a simple service: creating your own personal to-do list. But, if you use it, you'll quickly see that instead of the traditional clunky Web interface for marking to-do items as completed and adding new items and so on, you get this rich interface that lets you do things like add, complete and modify items, all without reloading the page.

For years, Web applications have had this awful reputation for sucky interfaces. We've all wished we could do better, and Ajax makes that possible.

LJ: A lot of people are using the phrase Web 2.0 now. What is Web 2.0, and what role is Ajax playing in building it?

BG: It turns out that the changes wrought on conventional Web applications by Ajax are so great that many folks are claiming it represents a rebirth of the Web—Web 2.0, as it were. Some people hate the meme, and others love it; I'm indifferent. But what is clear is that as of 2005, we're seeing a new wave of exciting Web applications, and Ajaxian techniques are at the heart of them.

For years, the de facto Web e-mail experience sucked. Sure, there was the odd browser-specific offering, such as Oddpost, but most of us were stuck with this crap interface that paled in comparison to a desktop app. Now, Google, Yahoo and others are offering these rich, cross-browser mail apps that rival and in some ways trump desktop offerings.

The Web computer store has followed the same UI that Dell pioneered in the late 1990s all this time—scroll down to the bottom of the screen and click on the refresh price button to figure out costs and so on—up until Ajax. Recently, Apple introduced a 2.0 revision of their Web store, and they finally got it right, introducing a live page that refreshes the price of the computer live as you change new options.

Amazon used to have this annoying little rating page—they had it for years—where you'd go and fill out this tedious Web form to rank your products. This year, using Ajax, they introduced a live rating system that lets you rank your stuff without leaving to go to a separate page or filling out a form—and reportedly the number of items being rated has increased by an order of magnitude.

On Ajaxian.com, the Web site I co-founded with Dion Almaer to track Ajax, we see new ventures based on new Ajax-powered Web applications springing up all the time. There's investment capital behind a lot of these concerns. It feels a little like the 1990s again.

So that's Web 2.0—a new energy in the Web, leading to exciting changes to some of our favorite sites, and a bunch of new sites we'll see over the next few months and years. This new energy is directly caused by Ajax—by the realization that this tired old Web medium has a bunch of new tricks in it after all.

Some might say, “Wait a minute—this Ajax stuff isn't new! It's been around for ages.” And indeed, that's true. Ajax is pretty much exactly what Microsoft called DHTML in 1997 (actually, it's a subset). Why has it caused all kinds of excitement in 2005? Well, it turns out that with the release of Mozilla 1.0, the key Ajax technologies become cross-browser. There wasn't a big press release or announcement—I think the Moz folks just did it to increase their compatibility with IE-specific sites—but as people discovered that DHTML was possible and easy in a cross-browser way, the Web lit up.

LJ: One of the biggest roadblocks to the deployment of Linux on the desktop is the requirement to run in-house developed applications, because in many companies these applications are written using Microsoft technologies that require Windows to be on the desktop. In those companies, this keeps Linux off the desktop. Is it realistic to think that Ajax could provide a way to build business applications that are truly OS-independent?

BG: Absolutely. The excitement of Ajax is what happens when you free developers from the Microsoft cage. All of the techniques that are lumped under the Ajax bandwagon were generally available on Internet Explorer first—some of them as long as eight years ago. These technologies—the ability to send a request from a Web page without refreshing, the ability to interact easily with the Web page DOM and so forth—were ignored by most developers until they become available in Mozilla/Firefox and Safari. Even though during this period IE enjoyed a ridiculously dominant share, the community just wasn't interested in cutting minority players out of the loop.

So I think that Ajax is all about platform independence, and the Web 2.0 meme took off only once the Ajaxian technologies were truly cross-platform.

Is Ajax powerful enough to build full-on business apps that are competitive with desktop offerings? That's hard to say. Certainly, the folks at zimbra.com think it is. Like many before them, they've created a Web-based PIM using Ajaxian techniques, but unlike many of their predecessors, they're openly gunning for Microsoft market share. Having seen the eye candy coming in Office 12, I wish them luck.

In fact, that leads me to an interesting point. Ajax means dramatically better Web applications than we've ever had before. But at the same time, we're seeing desktop technologies poised to take a quantum leap. Apple pioneered the revolution, introducing their beautiful OpenGL-based Quartz-rendering engine years ago. But now Microsoft, with their version (Direct3D-based Avalon), is taking gorgeous graphics mainstream, and they're going beyond Apple by making it easier to develop such applications than it is with Apple's tools.

And of course, the Linux community is keeping right up, offering the same type of effects on top of the Cairo-rendering library.

It will be very interesting to see what happens. Ajax takes the Web to the types of UIs that we've been doing in desktop applications for the past ten years, but just as this is happening, desktop applications are literally blasting off to the next level, and who knows when cross-browser techniques will catch up. Some might say it's all about meaningless eye candy, but man, sex sells.

Still, there's hope for Ajax. Firefox 1.5 and Safari .next introduce SVG support, meaning that Web applications will be able to render high-quality, interactive vector graphics live in the browser, and drive these graphics using Ajax techniques (SVG can be modified on the fly using the same DOM API that we use to modify HTML). That may make up some of the difference, but it's entirely unclear how well IE will support SVG (there may be a way to do it by bridging SVG to Microsoft-specific stuff, but it's unlikely IE will provide seamless native support).

Further complicating the mix is Java. Java hasn't had a good reputation for desktop applications in the past, but there are some major innovations in the desktop space coming in Java 6 (the next version, due out sometime in 2006), and they've got some exciting things on the drawing board for Java 7. With Quartz, Cairo, and D3D/Avalon, each of the major OS platforms has a really high-quality graphics rendering engine, able to power cool applications. If the Java folks can successfully bridge all of those engines into a meaningful common denominator—that would be amazing for the industry. I'm not holding my breath, but it's a real opportunity.

I got off on a tangent there, but yes—Ajax will power some exciting new cross-browser business applications, but at the same time, we're going to see desktop applications get jaw-dropping amazing. Time will tell which versions the market prefers.

LJ: I'm seeing the emergence of IDEs supporting Ajax development. Which of these do you see gaining traction? Or is everybody still just using vi and emacs?

BG: I see most folks using their traditional editors. There are some interesting Web-based editor tools out there, but nothing that I've seen anyone actually use.

LJ: As Ajax is really a client/browser-side technology, are you seeing server-side developers pick it up?

BG: Yes, without a doubt. I'm seeing folks that know nothing about JavaScript learning about how to do Ajax because it offers such a compelling upgrade to the UI that they really don't have a choice. The good news is that all of this Web 2.0/Ajax excitement has led to the creation of incredibly easy-to-use frameworks that make Ajax easy.

Prototype, Scriptaculous, dojo, DWR for Java folks, JSON for pretty much any language and many other tools can make it so easy to do all kinds of great Ajax effects.

And, the server-side frameworks have already started to build Ajax right in, and will continue to do so. In the coming years, server-side developers will probably do some pretty amazing Ajax without writing much of any JavaScript at all.

LJ: Are there new security risks associated with Ajax development?

BG: Nothing fundamental, though there are a few exploits here and there that arise as we push the browsers in a new direction. However, I should mention Greasemonkey.

I hate Microsoft Money, and any other personal finance packages I've used. On the surface, they seem to have all of the right features, but the interface never quite works the way I want it to, and I'm constantly stuck doing these stupid manual tasks and jumping through hoops. What I really want is the ability to tweak the way the program's interface works.

With Greasemonkey, you can do that—to Web applications. Greasemonkey is a Firefox plugin that lets you inject JavaScript code into a Web page. So, if you don't like something about Amazon.com's UI, change it! You have full access to the page's DOM, so you can do whatever you like. Furthermore, Greasemonkey is a community for people to share their custom features. For example, there's a great plugin for making Amazon show you the price of its items on other Web sites.

While we've all known for ages that anything you send in HTML can be hacked and that our server endpoints need to be prepared to receive all kinds of malformed requests, as Ajax pushes more logic to the client, some of us may forget that lesson, and tools like Greasemonkey make it trivial for people to take advantage of poorly written applications.

Talk about exciting—finally, the ability for a community to take a commercial, off-the-shelf app and modify it easily to do all kinds of new things. You might argue that open source has empowered that for years, but the Greasemonkey concept takes that to a whole new level—a whole new audience that doesn't know how to use CVS, gcc, C++ and so on.

Ajax doesn't introduce new security risks, but it may facilitate the creation of insecure Web sites.

LJ: For many of our readers to get permission to use Ajax, they'll need reference sites to show their management. What are some good reference sites for Ajax development?

BG: Google Maps remains the flagship app. Of course, you should visit ajaxian.com, where we constantly showcase new Ajax applications. Check out zimbra.com to see the latest attempt at emulating a desktop app in a browser; Gmail is an example of a more Webish attempt at Ajax-style rich interaction. See some of the demos at script.aculo.us to see what's possible (easy drag and drop, transition effects and so on). Backbase.com (www.backbase.com) also offers some great demos of how Ajax can change specific vertical application types.

LJ: What are some good resources for our readers who are interested in learning?

BG: Some folks have said favorable things about our own site, Ajaxian.com, being a good resource. Dion Almaer—my Ajaxian partner and the site's editor—does a really good job of putting new information on the site daily. You'll definitely keep up with what's happening!

For the Ajax newbie, there are some great books coming out from all of the publishing houses, such as Ajax in Action from Manning, Ajax Foundations from Apress and more. Dion and I have got one coming out too: Pragmatic Ajax, published by the Pragmatic Press. My favorite bit in that book is a chapter where we walk you through building your own version of Google Maps from scratch.

LJ: Thanks for the opportunity to talk with you!

______________________

-- Kevin Bedell Editor in Chief, Linux Journal "Imagination is more important than knowledge" - Albert Einstein http://www.kbedell.com

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

ToughOnGrease

D.Crutcher's picture

ToughOnGrease.com is for sale This is a very common term used with grease cutting products.Advertise it and if the buyer tells us he saw it through you I'll give you 10%. The sale price is $3,700,000 u.s
Have a lot more a couple are MobileTransfers.com RapidFTP.com Have about 200 names for sale right now but need promoting.

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix