News on Monday
more>>
SharePoint Tech Report
more>>

Download Current Issue
ISSUE 3/15/2010 PDF

Need Back Issues?
DOWNLOAD HERE

Receive the print Edition?

Google Code turns 5
Google Code Turns 5, and adds a Paxos Algorithm to make the system more stable and reliable.
03/17/2010 11:16 AM EST

Test your Visual Studio 2010 know-how
Microsoft is offering free beta certification exams for Visual Studio 2010.
03/17/2010 11:08 AM EST

Microsoft lifts the hood on IE9
Microsoft is previewing IE9.
03/16/2010 01:10 PM EST

3/22/2010 to 3/25/2010
Santa Clara, Calif.
The Eclipse Foundation

DevConnections

4/12/2010 to 4/14/2010
Las Vegas
Penton Media

MySQL Conf. and Expo

4/12/2010 to 4/15/2010
Santa Clara, Calif.
O'Reilly Media

High Performance Computing Linux Financial Markets

4/19/2010
New York City
Flagg Management

Informix User Conf.

4/25/2010 to 4/28/2010
Overland Park, Kans.
IIUG

HOME ALL STORIES LATEST NEWS COLUMNS OPINIONS EDITORIALS GUEST VIEWS SHORT TAKES DATA WATCH SPECIAL REPORTS ZEICHICK'S TAKE SD TIMES 100 EDITORS' BLOG

RSS FEEDS

FACEBOOK

TWITTER

WHITE PAPERS SPONSORED PROFILES JOB BOARD WEBINAR CENTER FREE SOFTWARE BZ RESEARCH ALMSHAREPOINT EVENTS CALENDAR PRINT/PDF EDITION PRINT/PDF BACK ISSUES

SUBSCRIBE TODAY CUSTOMER SERVICE EDITORIAL CALENDAR EDITORIAL BEATS GUEST VIEW GUIDE SD TIMES 100 GUIDE EVENTS CALENDAR ADVERTISING ARTICLE REPRINTS REPORT A BUG SITE MAP

ABOUT US BZ MEDIA NEWS BZ RESEARCH SYSMANNEWS SPTECHCON ESDC IPHONEDEVCON PRIVACY POLICY CONTACT US

Printable version

HOME >> SPECIAL REPORTS

All Sizzle and No Substance?

AJAX for the sake of AJAX accomplishes little, experts say

By Jennifer deJong

March 15, 2008 —

No wonder it has caught on like wildfire. AJAX—which stands for Asynchronous JavaScript and XML—promises to deliver a better experience for Web users and a more efficient way for developers to manage communication between the browser and the server. But, according AJAX experts, many early efforts that used the technology failed to accomplish either of those goals. Indeed, those early missteps led to a raft of Web sites that use AJAX as little more than window dressing, and often exhibit a drag, rather than a boost, in performance.

SD Times asked the experts to offer their best advice on when, where and how to use the development technique, which lets the Web browser retrieve information from the Web server without having to update the entire page. Here’s what they had to say:

Don’t use it just because everybody else does. The Web is awash with AJAX-enabled pop-up boxes that look nice but don’t add information, said Microsoft senior program manager Joe Stagner. Used that way, AJAX is a wasted investment, he said. “We jumped on the bandwagon, did a bunch of stuff, and later on we figured out a lot of that stuff wasn’t such a good idea.”

Some Web retailers in particular were guilty on that count, said Frank Spillers, co-founder of user interface design consultancy Experience Dynamics. “We see a lot of pop-up views right before you [click on] the product. It’s overkill.” Like a cook who has just discovered garlic, developers tend to overuse AJAX, added Patrick Hynds, president of application development consultancy CriticalSites. “They want to put it in everything, even a peanut-butter-and-jelly sandwich.”

Use AJAX to create business opportunities. AJAX lets the Web application update what the user sees, based on his or her actions, and this is a powerful capability when you apply business-savvy logic to it, Stagner said. For example, he cited a bank Web site that lets users fill out credit card applications, targeting advertising to applicants based on their date of birth. In the past, ads didn’t appear until the user had submitted the completed form, including date of birth. By that point, he explained, the applicant was already disengaged. Now the bank uses AJAX to grab that information before the application process is complete. As soon as the user types in the date of birth, the bank targets its ads accordingly, Stagner explained.

Don’t do user validation on the client. AJAX is all about implementing tasks on the client that traditionally have been carried out on the server. But bag that idea when it comes to security validation, said Hynds, whose consultancy specializes in security. “Client-side security validation is a big no-no. It’s too easy [for a hacker] to remove.” AJAX’s concept doesn’t introduce new threats, but it does elevate the risk level because it extends an application’s attack surface. That can make a site vulnerable to cross-site scripting, in which a hacker steals user data by inserting a malicious script designed to execute on a dynamic page, noted David Boloker, IBM’s CTO of emerging Internet technologies. “But this isn’t an AJAX problem,” he said. “It’s a Web problem, to be addressed with security best practices.”

Don’t get too chatty. AJAX is designed to retrieve information from the Web server without having to update the entire page. But many developers turn that virtue into a vice, creating applications that are “too chatty,” said Nicholas Zakas, co-author of “Professional AJAX” (Wrox, 2007), among other books. The application, he explained, is always going back to the server to “get something, to get something [again], to get something [one more time].” That leads to performance problems that could have been avoided by managing the data differently, he noted. “Go back to the server only when necessary. If you have requests going out three times in a 10-minute span and you have a million users on the site, there’s going to be a performance impact.”

Dedicate a server to each AJAX task. When you zero in on a task that’s well suited to AJAX, give the hardware enough juice to carry out the job, said Bill O’Donnell, chief architect for travel search engine Kayak.com. The site relies on AJAX to implement several key features, including a smart box that comes up with possible airport picks as soon the user starts typing. O’Donnell’s team dedicated a single server to that task. “We wanted very fast response time—zero latency,” he said. “The smart box [where a user types in airport names] gets a lot of hits.”

Keep in mind which PCs people are using. AJAX code can run superfast on an Intel Core 2 Duo, said O’Donnell, referring to a PC using a modern CPU. “But [Web site visitors with] older PCs are going to feel the pain of JavaScript, so you need to test code on older machines as well.” That way, you can get out your JavaScript debugger, figure out what the problem is and fix it, he said.

Use AJAX to keep Web shoppers engaged. There are plenty of examples in which AJAX is used as just window dressing. But it really shines at presenting a set of complex features and functions that help decision-making, said usability consultant Spillers. “It’s good at layering in information, tasks and sub-tasks.”

One case in point is Blue Nile, a Web retailer that sells diamonds. The site relies on AJAX for its Build Your Own Ring feature, which guides shoppers through the process of setting a price range, then selecting a diamond and setting for the ring. Along the way, shoppers get educated on everything from diamond shapes to the degree to which the stone has been polished.

“AJAX delivers nicely here to improve decision-making,” said Spillers. What Blue Nile is doing, no pun intended, is engaging the ring buyer. “A Web jeweler can lose people quickly,” but AJAX helps create a shopping experience compelling enough to keep the buyer on the site to make a purchase, he said.

Think in terms of progressive disclosure. That’s a fancy way of saying “give the user a little bit of information at a time,” said Spillers. Blue Nile’s ring-building feature exemplifies this interaction design technique, which sequences information and actions across several screens to keep the user from getting overwhelmed. “By disclosing information progressively, you help the user manage the complexity of feature-rich sites or applications,” he said.

Use AJAX to display dynamic information against a static background. This is another task in which AJAX excels, said Julian Payne, vice president of visualization research and development for ILOG, which sells graphical components for building AJAX-based user interfaces, among other offerings. The idea is to separate the static information (such as a map) from the dynamic data (such as an alert about a car accident or traffic jam), letting users click on the information they need. “With AJAX, you can get the information and display it, without refreshing” the entire map.

The easy way isn’t always the most appropriate. Tools make AJAX easy to implement, but to apply them intelligently, it’s crucial to understand what’s going on the behind the scenes, said Adam Calderon, a practice lead for .NET consultancy InterKnowlogy, and co-author with Joel Rumerman of the book “Advanced ASP.NET AJAX,” expected from Addison-Wesley later this year.

Nowhere is that more so than with the UpdatePanel control in ASP.NET. Microsoft developers are drawn to UpdatePanel, he explained, because it allows them to implement AJAX without any knowledge of JavaScript. But, because the control does a full-page postback instead of a partial-page postback, performance problems occur when developers overuse it. A better approach would be to employ a Web service to get the data, and client-side code to repopulate the page, said Calderon. A more focused communications channel is always preferable in larger deployments, he said, noting that UpdatePanel is not a bad approach for a small site to be used by 30 to 40 people.

Understand that client-side programming is new. Many developers that use AJAX haven’t wrapped their brains around the idea that programming for the browser is not the same as programming for the server. “You can’t build complex client-side code and expect the same performance you get with server-side code,” said Stagner. “There is an optimization that can take place on the server that just can’t happen on the client.”

To use AJAX effectively, sit down and think about the application in ways that weren’t necessary before, Calderon added. “How do I converse with the server in the most efficient way possible? How do I bring in what I know about client/server development, what I know about SOA development, to the process?” Those are the questions you have to ask, he said. “It’s more difficult than earlier Web programming approaches. But it brings greater benefits, in more situations” over time.

Share this link: http://www.sdtimes.com/link/31815

Embarcadero's all in with All Access licensing After its CodeGear acquisition, Embarcadero has come up with All Access licensing, making its database and software development tools available on-demand over several different programming platforms and databases.

Zeichick's Take: All iPhone, all the time The predictions were a bit off. Last week, we presented a list of 20 possible announcements that Steve Jobs might make at the Apple Worldwide Developers Conference. It looks like only four came true.

Adobe: Flex for All, and (It Hopes) All for Flex Flex for all. That’s what Adobe Systems is hoping for with last month’s announcement that the rich Internet application framework...

Add comment

Name*
Email*
Country

Comment
Preview

All Sizzle and No Substance?

AJAX for the sake of AJAX accomplishes little, experts say

By Jennifer deJong

Related Articles

Add comment