AJAX benefits, issues cited by Zimbra exec

Scott Dietzen, CTO, charts and champions his company's use of JavaScript as base of its open source Web 2.0 platform
  • (InfoWorld)
  • — 04 December, 2007 10:48

While AJAX (Asynchronous JavaScript and XML) may have issues with security and performance, Zimbra still sees AJAX as the best way to deliver experiences on the Web and has based its open source Web 2.0 platform on 200,000 lines of JavaScript, a company executive said Monday.

At the Web Builder 2.0 conference in Las Vegas, Zimbra president and CTO Scott Dietzen, former CTO of BEA Systems, emphasized a variety of AJAX and Web 2.0 technologies for developers and users, including the extension of AJAX to offline usage.

Despite its problems, Dietzen said he favors AJAX over other technologies such as Flash when it comes to the Web.

"There's no other way to deliver a richly interactive experience on the Web," he said. "If you want the Web look and feel and the ability to mash up all sorts of other Web technologies, I think AJAX is the best fit."

Zimbra, which was acquired by Yahoo earlier this year for US$350 million, offers collaboration and messaging software.

Dietzen did cite AJAX security issues such as cross-site scripting attacks, in which user data can get interpreted in the browser, creating a breach. Also noted as a security concern was use of source code in the browser.

"The goal for rich Internet applications at least ought to be to deliver the same level of security that we've delivered for Web applications because to deliver less undermines user confidence in various ways," he said. This is a goal that is close to being achieved, Dietzen said.

Blocking execution of user JavaScript inside of the application is important to combat server-side scripting attacks, according to Dietzen. Obfuscation and minimization technologies to remove white space can be used as security measures, he said. On the positive side, there is no caching of user data on the desktop with AJAX. Dietzen also advised that sensitive code not be put in the browser.

Browsers, meanwhile, also present challenges. They render the same HTML differently and were not designed for the load presented by AJAX; browsers have memory leaks and performance gaps, Dietzen said. But browsers are getting better, Dietzen said.

"Safari 3 is dramatically better," he said. Internet Explorer 7 offers a two to four times improvement in JavaScript execution for Zimbra over Internet Explorer 6, Dietzen said.

Toolkits also have been a problem but that, too, has been getting better. Toolkits now are available from organizations such as Eclipse, Adobe, and Microsoft. "I'm happy to say no more Zimbra developers are using text editors or vi to craft their JavaScript," said Dietzen.

Offline AJAX usage is a "hot topic," Dietzen said. Zimbra now can be used offline, he said.

"The answer for occasionally connected apps is to provide a cache on the client side that allows the application to interact locally with a data set, and synchronize over the network when the network is available," said Dietzen.

Offline AJAX systems can be developed by using a set of caching APIs in JavaScript that enable this. These are accessible via offerings such as Google Gears and Dojo offline toolkit.

Also, developers can program the client in something other than JavaScript, using technologies such Adobe AIR (Adobe Integrated Runtime). Developers build full programs on the client integrated with the browser, like what Microsoft is doing with its Silverlight platform.

But Zimbra used another approach. "What we did at Zimba is we actually took Zimbra server code, which was written in Java, and we created a microserver that runs on my local client," said Dietzen.

Dietzen mentioned the AJAX technique of AJAX Linking and Embedding (ALE), in which one document can be embedded inside another. This expands content-sharing.

Also cited was a technique called "lazy loading," which cuts down loading time for Web pages. With lazy loading, the page loads but other parts of the application, such as calendaring, are loaded only as needed.

Dietzen noted Zimbra's platform enables use of mashups; these feature quickly assembled task-based applications deriving data from other, larger systems. Mashups get Dietzen's vote as the killer app for Web 2.0.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Paul Krill

InfoWorld
Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Compare & Save

Deals powered by WhistleOut
WhistleOut

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?