CSSHttpRequest: cross domain JavaScript solution

Who’d a thunk it: CSSHttpRequest is a way of doing cross-domain AJAX by using CSS’ @import method to fetch the data.

Browser-Based JSON Editors

JSONLint, a JSON validator, was the tool I needed a while ago to be able to play with JSON as format for exchanging data in some APIs I was working on a while ago. And now I like JSON well enough that I’m thinking of using it as an internal data format in one of [...]

Steve Souders On Website Performance

Steve Souders: 10% of the problem is server performance, 90% of problem is browser activity after the main html is downloaded. He wrote the book and developed YSlow, so he should know.
JavaScripts are downloaded serially and block other activity. Most JavaScript functions aren’t used at OnLoad. We could split the JS and only load essential [...]

Detecting Broken Images in JavaScript

We’ve become accustomed to link rot and broken images in nearly all corners of the web, but is there a way to keep things a bit cleaner?
K.T. Lam of Hong Kong University of Science and Technology came up with this sweet trick using jQuery and readyState to find and replace broken images:

jQuery(’span#gbs_’+info.bib_key).parents(’ul’).find(’img.bookjacket[@readyState*="uninitialized"]‘).replaceWith(’<img src="’+info.thumbnail_url+’" alt="’+strTitle+’" height="140" [...]

Sweet jQuery

Matty discovered jQuery at The Ajax Experience, and his enthusiasm has rubbed off on me.
jQuery makes coding JavaScript fun again. Well, at least it makes it possible to write code and content separately. And that means that sweet AJAXy pages can be made more easily, and it sort of forces designers to make them accessible [...]

Ryan Eby’s Pursuit of Live-Search

Ryan Eby gets excited over LiveSearch. And who can blame him? I mention the preceding because it explains the following: two links leading to some good examples of livesearch in the wild.
Inquisitor is a livesearch plugin for OS X’s Safari web browser. It gives the top few hits, spelling suggestions where appropriate, and links to [...]

50+ Ways Good HTML Can Go Bad

Via Brad Neuberg: RSnake’s XSS (Cross Site Scripting) Cheatsheet: Esp: for filter evasion.
Limitations on cross site scripting (XSS hereafter) have been troubling me as I try to write enhancements to our library catalog, but the reasons for the prohibition are sound. Without them I could snort your browser cookies (RSnake lists: “cookie/credential stealing/replay/session riding” among [...]

Plan C: Signed JavaScripts

The Mozilla docs on JavaScript security give a hint of hope that signed scripts will work around the cross-domain script exclusions that all good browsers enforce. But an item at DevArticles.com throws water on the idea:
Signed scripts are primarily useful in an intranet environment; they’re not so useful on the Web in general. To see [...]

Plan B: Remote Scripting With IFRAMEs

I have plans to apply AJAX to our library catalog but I’m running into a problem where I can’t do XMLHttpRequest events to servers other than the one I loaded the main webpage from. Mozilla calls it the “same origin policy,” everyone else calls it a cross-domain script exclusion, or something like that.
Some Mozilla folks [...]

Simple Bookmarklet Demo

Bookmarklets are interesting little bits of JavaScript stored as bookmarks. They’ve been around since about 1998 (earlier?), but I’ve never bothered to write one.
Here are a few examples:

This sort of creates a bookmark
Alexa Snapshot
Wayback

tags: bookmark, bookmarklet, browser, javascript, web, web browser