CSSHttpRequest: cross domain JavaScript solution
Who’d a thunk it: CSSHttpRequest is a way of doing cross-domain AJAX by using CSS’ @import method to fetch the data.
photo: reference information
Who’d a thunk it: CSSHttpRequest is a way of doing cross-domain AJAX by using CSS’ @import method to fetch the data.
JSONLint, a JSON validator, was the tool I needed a while ago to be able to play with JSON as format for exchanging data in some APIs I was working on a while ago. And now I like JSON well enough that I’m thinking of using it as an internal data format in one of [...]
Steve Souders: 10% of the problem is server performance, 90% of problem is browser activity after the main html is downloaded. He wrote the book and developed YSlow, so he should know.
JavaScripts are downloaded serially and block other activity. Most JavaScript functions aren’t used at OnLoad. We could split the JS and only load essential [...]
We’ve become accustomed to link rot and broken images in nearly all corners of the web, but is there a way to keep things a bit cleaner?
K.T. Lam of Hong Kong University of Science and Technology came up with this sweet trick using jQuery and readyState to find and replace broken images:
jQuery(’span#gbs_’+info.bib_key).parents(’ul’).find(’img.bookjacket[@readyState*="uninitialized"]‘).replaceWith(’<img src="’+info.thumbnail_url+’" alt="’+strTitle+’" height="140" [...]
Matty discovered jQuery at The Ajax Experience, and his enthusiasm has rubbed off on me.
jQuery makes coding JavaScript fun again. Well, at least it makes it possible to write code and content separately. And that means that sweet AJAXy pages can be made more easily, and it sort of forces designers to make them accessible [...]
Ryan Eby gets excited over LiveSearch. And who can blame him? I mention the preceding because it explains the following: two links leading to some good examples of livesearch in the wild.
Inquisitor is a livesearch plugin for OS X’s Safari web browser. It gives the top few hits, spelling suggestions where appropriate, and links to [...]
Via Brad Neuberg: RSnake’s XSS (Cross Site Scripting) Cheatsheet: Esp: for filter evasion.
Limitations on cross site scripting (XSS hereafter) have been troubling me as I try to write enhancements to our library catalog, but the reasons for the prohibition are sound. Without them I could snort your browser cookies (RSnake lists: “cookie/credential stealing/replay/session riding” among [...]
The Mozilla docs on JavaScript security give a hint of hope that signed scripts will work around the cross-domain script exclusions that all good browsers enforce. But an item at DevArticles.com throws water on the idea:
Signed scripts are primarily useful in an intranet environment; they’re not so useful on the Web in general. To see [...]
I have plans to apply AJAX to our library catalog but I’m running into a problem where I can’t do XMLHttpRequest events to servers other than the one I loaded the main webpage from. Mozilla calls it the “same origin policy,” everyone else calls it a cross-domain script exclusion, or something like that.
Some Mozilla folks [...]
Bookmarklets are interesting little bits of JavaScript stored as bookmarks. They’ve been around since about 1998 (earlier?), but I’ve never bothered to write one.
Here are a few examples:
This sort of creates a bookmark
Alexa Snapshot
Wayback
tags: bookmark, bookmarklet, browser, javascript, web, web browser
