in General

AJAX, latency and the web

On lastcraft’s blog, Marcus Baker argues that Ajax is not cool because of the lack of respect AJAX developers give to usability on web GUI form login’s, not allowing them to re-type their entry and validate it within enough time.

And recently on sitepoint, Harry Fuecks published his presentation PDF on ajax@localhost where he describes in detail the numerous problems with overusing AJAX for the web, because of latency, security and just poor common sense.

So, why the sudden change against AJAX? Are people just sick and tired of the buzz mentality of the web, or is it something different?

According the critics, Ajax latency issues is just one of the many issues surrounding the technology. Latency is one of those computer networking buzzwords which describes that a network of any size will have time out, connection and other associated problems. If the connection drops, XMLHttp acts like either nothing happened, or will return the data out of order/sequence.

Security within AJAX has also been widely criticised.

Tunnelling to GET or POST via Ajax can be hugely abused, but this isn’t restricted to AJAX. Indeed, PHP has its own security critics for the lack of good security protocols against session fixation or sql injection attacks, so what makes the abuse of GET/POST so special?

Well according to the critics, Ajax’s security issues arises from its direct link to the XMLHttpRequest object. Something that can be exploited via IE. In addition, Javascript injection, Cross domain requests, character encoding mismatching, memory leaks, and the concept that Javascript was designed for small-scale, simple websites and not to be used site-wide are highlighted as major issues for all ajax developers.

From reading blogs, articles and whitepapers on the subject, it appears that its bad coding, bad GUI design, and bad user experiences are the real problem rather than AJAX itself.

People writing complex AJAX to validate user login’s on the fly without giving the user the necessary time to enter in their information or making too many requests to the server when its not needed are all reasons why the technology isn’t the problem, but rather its usage.

Is Ajax cool? Sure it is, but I’m not 100% confident that AJAX has solved all of the numerous problems that I consider important; ie: accessibility for the disabled, browser security and other technical issues raised in this article.

Although I’ve not ventured into AJAX programming yet, I’m looking into using it for a basic record-navigation-paging display system with rapid sorting…

I believe even though AJAX may have its inital problems and obvious security issues that the technology should be used sparingly and most importantly, responsibily.

Resources;