1. Explain Some Common Security Issues with Ajax.

An Ajax call acts as a conduit between the user and the server. All data collected by the Ajax
call is transmitted to the server in plain text. This data may often contain sensitive
information such as usernames, passwords, email addresses, etc. Since the data is sent in
plain text, it is extremely vulnerable to hacker attacks.
Hackers can also use Ajax to insert malicious scripts in a webpage and monitor user activity.
Further, Ajax fundamentally encourages developers to create more than one server-side
pages. The larger the number of server-side pages, the more entry points hackers have to
gain access to secure data.
2. Which Side Controls an Ajax Interaction Server Side or Client Side?
Establishing control in any Ajax interaction is not a black and white process. Control can
either be server-side, or use a mix of server-side and client-side controllers.
Client + Server-Side Control: In this structure, one may use allocate all presentation
related control to JavaScript on the client side. This includes manipulating pages,
rendering data, processing events, etc. The server-side, meanwhile, handles things
such as updating model data and delivering it to the client. This is a more secure
architecture as the server does not have in-depth knowledge of data being presented
on the client-side.
Central Server-Side Control: In this architecture, control stays with the server-side
which pushes updates to the client DOM through JavaScript. It is important to ensure
that the server-side stays in sync with the client side when using this control method.
Learn how to become a complete web developer with this course from Udemy!
3. If You Had to Create Your Own Ajax Functionality from Scratch, What Technologies
Would You Use?
This question is essentially asking us about the technologies that make up Ajax. Knowing what
we know about Ajax, if we had to build Ajax functionality from scratch, we would have to
learn the following technologies/languages:
JavaScript: JavaScript is used to present all data on the client-side. It is an essential
component of any Ajax functionality. JavaScript is used to record events such as a
mouse click, a key press, etc. and display data pulled from the server-side. Mastering
JavaScript is essential to mastering Ajax.
DOM: DOM or Document Object Model, is a cross-platform convention or API used for
interacting with an object in a XML or HTML page.
CSS: CSS or Cascading Style Sheets is a web standard used for styling and presenting
data on a web page.
DHTML: DHTML refers to the combination of JavaScript, DOM and CSS. This is the
technology that is used to interact with web pages in real-time and is the foundation
of Ajax.
Besides these technologies, a strong understanding of how HTTP requests work, especially
XMLHttpRequests, is also crucial for building your own Ajax functionality. You can learn how
to use Ajax with this course on building a fast loading, SEO friendly Ajax website.
4. What Are Some Disadvantages of Using Ajax on a Web Page?
Security: As mentioned above, Ajax transmits data from the client to the server-side
in plain text. This makes Ajax applications vulnerable to hackers.
Search Engine Indexing: All Ajax interactions utilize JavaScript. However, Googles web
crawlers cannot execute JavaScript code. This means that any Ajax app cannot be
indexed by Googles bots, negatively affecting a websites search engine visibility.
Development Time: Since Ajax basically involves learning and using a number of
different technologies, development time for an Ajax application can be much longer
than for an app written in a comparable language.
User-Experience: In an Ajax application, data is loaded asynchronously from the server
to the client. Since there is no page-refresh, there is no browsing history. This means
that the back/forward buttons in a browser are rendered useless, which can affect
user-experience. It is possible to mitigate this problem using the Really Simple History
library.
Accessibility Issues: As mentioned above, Ajax essentially disables the back/forward
buttons. This can affect a websites accessibility. It also cannot work on browsers with
JavaScript disabled (~5% of browsers). Some mobile/tablet browsers also have trouble
dealing with Ajax.
5. List Some Common Ajax Frameworks.
A framework or library is a set of technologies that make it easier to develop Ajax
applications. Ajax frameworks are essentially JavaScript libraries that speed up development
time. Some of the more common frameworks are:
Dojo Toolkit: Dojo Toolkit is a modular JavaScript toolkit distributed under an open-
source license. This toolkit has been in development since 2004 and includes a variety
of UI effects, widget APIs, drag and drop AISs etc. Dojo is the most popular Ajax
framework and is used in a huge number of applications.
MooTools: The MooTools framework is one of the more popular JavaScript toolkits
that is used primarily for creating visual effects such as sliders, slideshows, etc.
Prototype: The Prototype toolkit emphasizes visuals effects, animations and
interactions. Its a lightweight toolkit that is great for rapid iteration. It also supports
Rico and Script.aculo.us which add additional visual effects capabilities.
YUI: YUI or Yahoo User Interface library is an open source JavaScript framework that is
used to make interactive applications.
Spry: The Spry framework was developed by Adobe and is distributed under the BSD
license. It consists of animation and visual effects components (Spry Effects), a data
binding component (Spry Data), and a framework to crate widgets (Spry Widgets).
Google Web Toolkit (GWT): The GWT enables developers to create rich Ajax
applications using Java. GWT takes all the Java code and compiles it to JavaScript. It
also has an exhaustive set of debugging tools, making it perfect for testing
applications.