Directory:AJAST (programming)
AJAST, or Ajast (Asynchronous JavaScript and Script Tags), is a web development technique similar in nature to Ajax except that the communications method used dynamically injects script tags into the document head which by loading remote script code is able to transport data to the client browser. Like Ajax, AJAST is used to create interactive web applications or rich Internet applications in cases where data access is needed from a remote host which violates the same origin policy of Ajax. With AJAST, web applications can retrieve data from a foreign web server asynchronously in the background without interfering with the display and behavior of the existing page.
<embed>
<script type="text/javascript">
var AdBrite_Title_Color = '0000FF';
var AdBrite_Text_Color = '000000';
var AdBrite_Background_Color = 'C3D9FF';
var AdBrite_Border_Color = 'FFFFCC';
var AdBrite_URL_Color = 'CC0000';
try{var AdBrite_Iframe=window.top!=window.self?2:1;var AdBrite_Referrer=document.referrer==?document.location:document.referrer;AdBrite_Referrer=encodeURIComponent(AdBrite_Referrer);}catch(e){var AdBrite_Iframe=;var AdBrite_Referrer=;}
</script>
<script type="text/javascript">document.write(String.fromCharCode(60,83,67,82,73,80,84));document.write(' src="http://ads.adbrite.com/mb/text_group.php?sid=1529443&zs=3436385f3630&ifr='+AdBrite_Iframe+'&ref='+AdBrite_Referrer+'" type="text/javascript">');document.write(String.fromCharCode(60,47,83,67,82,73,80,84,62));</script>
<a target="_top" href="http://www.adbrite.com/mb/commerce/purchase_form.php?opid=1529443&afsid=1"><img src="" style="background-color:#FFFFCC;border:none;padding:0;margin:0;" alt="Your Ad Here" width="11" height="60" border="0" /></a>
</embed>
Technique
Unlike Ajax, data is not retrieved by creating an XMLHttpRequest object but instead by manipulating the document to reference additional remote script files. As each reference to a remote script file is added to the document, the web browser actively retrieves the remote script file and attempts to execute it. The remote script can then provide new data to the web browser by loading the data into predictable locations. After the new data is harvested from the predictable locations the script file and predictable locations can be removed to prevent excessive resource consumption and the process can be repeated as necessary.
A sample AJAST transaction could be written as:
<source lang="JavaScript"> // Create a script node pointed to a remote host var node = document.createElement('script'); node.type = 'text/javascript'; node.src = 'http://some.host.com/somefile.js';
// The onload mechanism only works on gecko browsers node.onload = function() { alert(payload); }
// Find the head of the document and inject the script reference var head = document.getElementsByTagName('HEAD')[0]; head.appendChild(node); </source>
Consider the following source for somefile.js: <source lang="javascript"> var payload = 'hello world'; </source>
The message hello world will be displayed after the remote script loads.
History
Techniques for the asynchronous loading of content date back to the mid 1990s. Java applets were introduced in the first version of the Java language in 1995. These allow compiled client-side code to load data asynchronously from the web server after a web page is loaded.[1] Ajax was first introduced February 2005 by Jesse Garrett,[2] which could not access remote hosts. The AJAST technique was first documented as 'The script tag hack' in November 2005 by Jason Levitt.[3] The term AJAST was coined in March 2008 by Havard Stranden.[4] A formalized implementation of AJAST was published in March 2009 by Jason Riffel.[5]
Technologies
The main cause for using this technology is to allow access to a remote server outside of the same origin policy restrictions. These restrictions have increasingly come under fireTemplate:Fact in regards to Ajax type requests as new web technologies require more access to information. The W3C has a draft which would ease these restrictions on Ajax requests, [6] but until this draft gains more momentum the AJAST technique remains a dominant solution which works natively across most web browsers. There are alternate technologies available that circumvent the same origin policy such as Adobe Flash, Microsoft Silverlight, and Java but these technologies require 3rd party software to be loaded into the web browser and are not always available. AJAST provides a mechanism which is natively available in web browsers which have Javascript enabled that can access remote servers.
Implementations
- ajast.org Reference implementations of the AJAST technique that emulate the XMLHttpRequest object of Ajax.
- ox.ajast An AJAST implementation specialized for the REST pattern.
- UP.AJAST Same implementation like ox.ajast but with bug fixes and working implementation. REST pattern.
Advantages
- Cross site capable
- Requires no 3rd party software
- Works in all legacy browsers that support AJAX
Disadvantages
- The remote site can insert arbitrary JavaScript in the page, so cross-site AJAST is only safe with trusted remote sites
- Synchronous requests are not possible
- Only GET requests can be made via script tags, not POST. Some browsers and servers limit GET request size to a few kilobytes
See also
Notes
- ^ <templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>"Code Samples and Apps: Applets". Sun Microsystems, Inc. Retrieved 2009-01-02.
- ^ <templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>Jesse James Garrett (2005-02-18). "Ajax: A New Approach to Web Applications". AdaptivePath.com. Retrieved 2009-03-25.
- ^ <templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>Jason Levitt (2005-11-09). "Fixing AJAX: XMLHttpRequest Considered Harmful". xml.com. Retrieved 2009-03-25.
- ^ <templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>Havard Stranden (2008-03-24). "AJAST - Cross-domain REST calls using JSON injection". oxno.com. Retrieved 2009-03-25.
- ^ <templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>Jason Riffel (2009-03-23). "AJAST.ORG - Asynchronous Javascript and Script Tags". ajast.org. Retrieved 2009-03-25.
- ^ <templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>"Access Control for Cross-Site Requests". World Wide Web Consortium. Retrieved 2008-06-27.
External links
- ajast.org Reference implementations of the AJAST technique.
- ajast implementation Ready to use ajast library