10 tips for deploying Ajax applications

Take the network mystery out of your Ajax apps

Ajax-based Web applications promise end users a rich interface that approaches what they are used to with desktop software. However, this promise comes with a price for the network. Here are some stepping stones on the road to Ajax enlightenment.

Understand the ideas behind Ajax

Ajax moves Web development from the world of post and wait while the full page refreshes to a world of incremental updates that lead to a richer user experience. There is more than just the choice of using XML and JavaScript with an asynchronous communication pattern. In fact, there are many ways to Ajax-ify a Web application.

Know that Ajax doesn?t care about data forma

Ajax,  in spite of its full name (Asynchronous JavaScript and XML), certainly doesn't require XML. There are many choices for passing data out there. JSON is clearly a very popular one, but the choice of data format is really limited only by your imagination. Be aware of these varied data formats and be sure that your network tools can inspect and monitor these payloads.

Take Ajax chattiness into account

With Ajax, Web applications move to more frequent and smaller requests. Take Google Suggest, for example, where every keystroke may trigger a small request. It is quite easy to build an overly chatty application, so you need to make sure your servers and network are ready to handle the increased traffic within your required response times.

Know your HTTP connection limits

The HTTP specification states that only two persistent connections are made per domain. Of course, in reality, browsers are a bit loose with this two connection limit, and Internet Explorer 8 promises to be much looser ( See IE 8 preview ). Depending on application design and network conditions, such a limit can help or hurt. This slide shows that requests timeout because of the bottleneck up front, but with more than two connections allowed, only the first two fail as they should ( Try it yourself . Educate your Ajax developers to the basics of HTTP and networking.

Getting Ajax responses out of order

Responses in an Ajax application can and do arrive out of order. With the way Ajax is often used, this isn't noticed much, but as more complex applications are built using Ajax, it will be. The sequencing demo here makes this point clear. Again, education is key. Ajax developers need to know the ways of the network lest the network be blamed for application problems.

Give end users insight into app problems

A well-designed interface must inform users as to the status of the situation. A simple loading screen doesn't tell the user much about what is going wrong with the application's or help to debug the situation. Ajax applications should provide more detail to application health both to user and administrator alike.

Keep security tight

If you already have a solid security posture and trust no inputs, having an Ajax application on the network won't pose any more of a security risk. But if in the rush to try out the exciting new technology, application inputs and outputs aren't watched and the posture is loose, trouble can ensue. The ideas that make scary demos showing your browser history or hijacking JavaScript objects using the languages inherent prototype style of coding aren't new with Ajax, they are just becoming more popular. Proceed with caution.

Don\'t disregard the same origin policy

A key to Ajax security is the same origin policy. Roughly speaking, this policy ensures that scripts cannot talk to domains outside of those from which they are issued. It really is there for your protection. While you can break it with Flash or even using the latest browsers like Firefox 3 and Internet Explorer 8 , should you?

On the author, Thomas A. Powell

Powell is the founder of PINT, a San Diego Web development and consulting firm. He is also the author of the recently published Ajax: The Complete Reference (McGraw-Hill Osborne Media). Powell can be reached at tpowell@pint.com .

We want to hear from YOU!

What kinds of issues have Ajax applications caused on your network? Join the discussion.

Copyright © 2008 IDG Communications, Inc.