WebSocket

16 results back to index


pages: 210 words: 42,271

Programming HTML5 Applications by Zachary Kessin

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

barriers to entry, continuous integration, fault tolerance, Firefox, Google Chrome, mandelbrot fractal, QWERTY keyboard, web application, WebSocket

As of this writing (August 2011), web sockets are supported by Chrome version 8 and later and Safari version 5. As of Firefox version 6, web sockets are available, but the constructor is MozWebSockets. Opera has implemented the web sockets spec but leaves it turned off by default, pending work on security issues. For browsers that do not support web sockets, fallbacks using classic HTTP or Flash can work. There are also some libraries such as socket.io that will provide a constant interface for web sockets and the fallback to older-style HTTP communications for browsers that may not support web sockets. It is also possible to emulate web sockets via Flash for browsers that support Flash but not web sockets. The Web Sockets specification document also appears to be a work in progress. While web sockets have been deployed in several browsers, there is still very little documentation on how to implement them.

In recent years it has moved into the web space because all of the traits that make it useful in phone switches are very useful in a web server. The Erlang Yaws web server also supports web sockets right out of the box. The documentation can be found at the Web Sockets in Yaws web page, along with code for a simple echo server. Example 9-5. Erlang Yaws web socket handler out(A) -> case get_upgrade_header(A#arg.headers) of undefined -> {content, "text/plain", "You're not a web sockets client! Go away!"}; "WebSocket" -> WebSocketOwner = spawn(fun() -> websocket_owner() end), {websocket, WebSocketOwner, passive} end. websocket_owner() -> receive {ok, WebSocket} -> %% This is how we read messages (plural!!) from websockets on passive mode case yaws_api:websocket_receive(WebSocket) of {error,closed} -> io:format("The websocket got disconnected right from the start. " "This wasn't supposed to happen!!

While web sockets have been deployed in several browsers, there is still very little documentation on how to implement them. There have also been several earlier versions of the web sockets standard that are not always compatible. The Web Sockets Interface To use a web socket, start by creating a WebSocket object. As a parameter, pass a web socket URL. Unlike an HTTP URL, a web socket URL will start with ws or wss. The latter is a secure web socket that will use SSL, similar to HTTPS under Ajax: var socket = new WebSocket("ws://example.com/socket"); Once a socket connection is opened, the socket’s socket.onopen() callback will be called to let the program know that everything is ready. When the socket closes, the socket.onclose() method will be called. If the browser wishes to close the socket, it should call socket.close(). To send data over the socket, use the socket.send("data") method.

 

pages: 136 words: 20,501

Introduction to Tornado by Michael Dory, Adam Parrish, Brendan Berg

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Firefox, social web, web application, WebSocket

The HTML 5 spec not only describes the communication protocol itself, but also the browser APIs that are required to write client-side code that use WebSockets. Since WebSocket support is already supported in some of the latest browsers and since Tornado helpfully provides a module for it, it’s worth seeing how to implement applications that use WebSockets. Tornado’s WebSocket Module Tornado provides a WebSocketHandler class as part of the websocket module. The class provides hooks for WebSocket events and methods to communicate with the connected client. The open method is called when a new WebSocket connection is opened, and the on_message and on_close methods are called when the connection receives a new message or is closed by the client. Additionally, the WebSocketHandler class provides the write_message method to send messages to the client and the close method to close the connection.

Since we’re still using the HTTP API calls in the CartHandler class, we don’t listen for new messages on the WebSocket connection, so the on_message implementation is empty. (We override the default implementation of on_message to prevent Tornado from raising a NotImplementedError if we happen to receive a message.) Finally, the callback method writes the message contents to the WebSocket connection when the inventory changes. The JavaScript code in this version is virtually identical. We just need to change the requestInventory function. Instead of making an AJAX request for the long polling resource, we use the HTML 5 WebSocket API. See Example 5-8. Example 5-8. Web Sockets: The new requestInventory function from inventory.js function requestInventory() { var host = 'ws://localhost:8000/cart/status'; var websocket = new WebSocket(host); websocket.onopen = function (evt) { }; websocket.onmessage = function(evt) { $('#count').html($.parseJSON(evt.data)['inventoryCount']); }; websocket.onerror = function (evt) { }; } After creating a new WebSocket connection to the URL ws://localhost:8000/cart/status, we add handler functions for each of the events we want to respond to.

class EchoHandler(tornado.websocket.WebSocketHandler): def on_open(self): self.write_message('connected!') def on_message(self, message): self.write_message(message) As you can see in our EchoHandler implementation, the on_open method simply sends the string “connected!” back to the client using the write_message method provided by the WebSocketHandler base class. The on_message method is invoked every time the handler receives a new message from the client, and our implementation echoes the same message back to the client. That’s all there is to it! Let’s take a look at a complete example to see how easy this protocol is to implement. Example: Live Inventory with WebSockets In this section, we will see how easy it is to update the HTTP long polling example we saw previously to use WebSockets. Keep in mind, however, that WebSockets are a new standard and are only supported by the very latest browser versions.

 

pages: 435 words: 62,013

HTML5 Cookbook by Christopher Schmitt, Kyle Simpson

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Firefox, Internet Archive, security theater, web application, WebSocket

This would be useful if, for instance, you wanted to have a worker running in the background every so often, notifying the page each time it runs: self.onmessage = function(evt) { setInterval(function(){ self.postMessage(Math.random()); // send a random number back }, 60*60*1000); // execute once per hour }; See Also The W3C specification for Web Workers at http://dev.w3.org/html5/workers/. 10.5. Web Sockets Problem You want to create persistent, two-way communication between your web application and the server, so that both the browser and the server can send and receive data to and from each other as needed. Solution Most browsers now have the native ability to establish a bidirectional socket connection between themselves and the server, using the WebSocket API. This means that both sides (browser and server) can send and receive data. Common use cases for Web Sockets are live online games, stock tickers, chat clients, etc. To test if the browser supports Web Sockets, use the following feature-detect for the WebSocket API: var websockets_support = !!window.WebSocket; Now, let’s build a simple application with chat room–type functionality, where a user may read the current list of messages and add her own message to the room.

It’s similarly undesirable to instantiate a memory-heavy Flash instance to use socket communication. So, Web Sockets are understandably a welcomed addition to the “HTML5 & Friends” family of technologies. The message sending and receiving in Web Sockets is like a sensible mix between XHR and Web Workers, which we looked at in the previous recipe. Note Web Sockets require both the browser and the server to speak a standardized and agreed-upon protocol (much like HTTP is for normal web pages). However, this protocol has undergone quite a lot of experimentation and change as it has developed over the last couple of years. While things are beginning to stabilize, Web Sockets are still quite volatile, and you have to make sure that your server is speaking the most up-to-date version of the protocol so that the browser can communicate properly with it. The WebSocket object instance has, similar to XHR, a readyState property that lets you examine the state of the connection.

If Web Sockets are not supported, you’ll need to provide some fallback functionality for your application, or at least gracefully notify the user that his browser doesn’t support the required functionality. Fortunately, there’s a very easy way to do that. Because consistent browser support for Web Sockets has been elusive, the best practice suggestion for using Web Sockets is to use a library like Socket.io (http://socket.io), which attempts to use Web Sockets if available, and falls back to a variety of other techniques for communication if Web Sockets are not present. You should also be aware of how Web Sockets usage scales in terms of server resources. Traditional web requests only take up dedicated resources from the server for a split second at a time, which means you can serve a lot of web traffic from your server without having too much overlap and thus running out of resources. Sockets, on the other hand, tend to be more dedicated, so there can be issues with resource availability under high load.

 

pages: 325 words: 85,599

Professional Node.js: Building Javascript Based Scalable Software by Pedro Teixeira

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

en.wikipedia.org, Firefox, Google Chrome, node package manager, platform as a service, web application, WebSocket

To do this, the browser sends a special HTTP/1.1 request to the server, asking it to turn the connection of this request into a WebSockets connection: GET /chat HTTP/1.1 Host: server.example.com Upgrade: websocket Connection: Upgrade Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ== Origin: http://example.com Sec-WebSocket-Protocol: chat, superchat Sec-WebSocket-Version: 13 Although this starts out as a regular HTTP connection, the client asks to “upgrade” this connection to a WebSocket connection. If the server supports the WebSocket protocol, it answers like this: HTTP/1.1 101 Switching Protocols Upgrade: websocket Connection: Upgrade Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo= Sec-WebSocket-Protocol: chat This marks the end of the handshake, and the connection switches to data transfer mode. Both sides can now send messages back and forth without any HTTP overhead or additional handshakes, making it a bi-directional full-duplex communication connection in which both client and server can send messages to one another at any time without having to wait for one another.

USING SOCKET.IO TO BUILD WEBSOCKET APPLICATIONS Although implementing your own WebSocket server for Node.js is possible, it’s not necessary. Many low-level details need to be taken care of before you can implement an actual application on top of it, which makes using a library a lot more practical. The de facto standard library for building WebSocket Node.js applications is Socket.IO. Not only is it a wrapper library that makes building WebSocket servers very convenient, it also provides transparent fallback mechanisms like long polling for clients that don’t support the WebSocket protocol. Furthermore, it ships with a client-side library that provides a convenient API for developing the browser part of the application. Using Socket.IO, you never need to grapple with the low-level implementation details of a WebSocket server or client. You get a clean and expressive API on both sides, which allows writing real-time applications with ease.

As you can see, both sides use a similar vocabulary. On the server, the first step is to bind to a TCP port, 4000 in this case. As soon as the server is running, it listens to incoming WebSocket connections. The connection event is triggered as soon as a new client connects. The server then listens for incoming messages on this connection, logging the content of any message it receives. NOTE As you can see, Socket.IO provides a message-oriented communication mechanism. This is an improvement over the underlying WebSockets protocol, which doesn’t provide message framing. You can also see that Socket.IO does not distinguish between a client that is connected using WebSockets or any other type of mechanism: It provides a unified API that abstracts away those implementation details. The event name my event is arbitrary – it’s just a label the client gives the messages it sends, and it is used to distinguish among different types of messages within an application.

 

pages: 1,038 words: 137,468

JavaScript Cookbook by Shelley Powers

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Firefox, Google Chrome, hypertext link, p-value, semantic web, web application, WebSocket

Demonstration of updates from polled Ajax calls new JavaScript API called WebSockets. Currently only implemented in Chrome, Web- Sockets enables bidirectional communication between server and client by using the send method on the WebSocket object for communicating to the server, and then at- taching a function to WebSocket’s onmessage event handler to get messages back from the server, as demonstrated in the following code from the Chromium Blog: if ("WebSocket" in window) { var ws = new WebSocket("ws://example.com/service"); ws.onopen = function() { // Web Socket is connected. You can send data by send() method. ws.send("message to send"); .... }; ws.onmessage = function (evt) { var received_msg = evt.data; ... }; ws.onclose = function() { // websocket is closed. }; } else { // the browser doesn't support WebSocket. } Another approach is a concept known as long polling.

Instead, it holds the connection open and does not respond until it has the requested data, or until a waiting time is exceeded. See Also See Recipe 14.8 for a demonstration of using this same functionality with an ARIA live region to ensure the application is accessible for those using screen readers. The W3C WebSockets API specification is located at http://dev.w3.org/html5/websockets/, and the 18.9 Using a Timer to Automatically Update the Page with Fresh Data | 429 Chrome introduction of support for WebSockets is at http://blog.chromium.org/2009/ 12/web-sockets-now-available-in-google.html. 18.10 Communicating Across Windows with PostMessage Problem Your application needs to communicate with a widget that’s located in an iFrame. However, you don’t want to have to send the communication through the network. Solution Use the new HTML5 postMessage to enable back-and-forth communication with the iFrame widget, bypassing network communication altogether.

This new function- ality originated with HTML5, though it has since split off to its own specification. It’s an uncomplicated functionality that allows for easy communication between a parent and child window, even if the child window is located in another domain. There are two other new communication APIs in work: Cross Origin Resource Sharing (CORS) and the Web Sockets API. Both are being developed in the W3C, and both are currently in Working Draft state: CORS at http://www.w3.org/TR/access-control/ and Web Sockets at http://dev.w3.org/html5/websockets/. CORS is a way of doing cross-domain Ajax calls, and is currently im- plemented in Firefox 3.5 and up, and Safari 4.x and up. The Web Sock- ets API is a bidirectional communication mechanism, implemented only in Chrome at this time. 413 18.1 Accessing the XMLHttpRequest Object Problem You want to access an instance of the XMLHttpRequest object.

 

pages: 266 words: 38,397

Mastering Ember.js by Mitchel Kelonye

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

Firefox, MVC pattern, single page application, web application, WebRTC, WebSocket

Ensure that you also attempt the given exercises in order to understand the following: Making Ajax requests Understanding Ember-data Creating data stores Defining models Declaring model relations Creating records Updating records Deleting records Persisting data Finding records Defining a store's adapter Creating REST APIs Customizing a store's serializer Making Ajax requests Most web applications communicate with backend services through either of the following technologies: Web sockets Ajax This chapter will mainly deal with Ajax, which enables client applications to send asynchronous requests to remote services through the use of XMLHttpRequests. Web sockets will be handled in a later chapter, but we'll find that many concepts used will be related. Here's an example of a POST request to a music catalog endpoint: var data = JSON.stringify({ album: 'Folie A Deux', artiste: 'Fall Out Boy' }); function onreadystatechange(event){ if (event.target.readyState != 4) return; console.log('POST /albums %s', event.target.status); } var xhr = new XMLHttpRequest(); xhr.onreadystatechange = onreadystatechange; xhr.open('POST', '/albums'); xhr.setRequestHeader('Content-type', 'application/json'); xhr.send(data); This is obviously boilerplate code, and jQuery makes this as simple as: $ .post('/albums', data) .then(function(albut){ console.log('POST /albums 200'); }); There are numerous ways we could integrate this into an Ember.js application.

For example, the first sample defines its adapter as follows: App.ApplicationAdapter = DS.FixtureAdapter; All adapters need to implement the following methods: find findAll findQuery createRecord updateRecord deleteRecord These adapters enable applications to stay in sync with various data stores such as: Local caches A browser's local storage or indexdb Remote databases through REST Remote databases through RPC Remote databases through WebSockets These adapters are, therefore, swappable in case applications need to use different data providers. Ember-data comes with two built-in adapters: the fixtures-adapter and the rest-adapter. The fixtures adapter uses an in-browser cache to store the application's records. This adapter is especially useful when the backend service of the project is either inaccessible for testing or is still being developed.

We have learned how to create records from defined models as well as updating and deleting them. We have also learned the different customizations we would need to make in order to consume existing APIs as much as possible. We should, therefore, be comfortable enough to start writing any client-side applications backed by REST APIs. As we proceed to the other exciting chapters, we should start thinking of how web sockets, JSONP, and RPC can be integrated with Ember-data seamlessly. Chapter 9. Logging, Debugging, and Error Management Until now, we have learned the basics of architecting and building Ember.js applications. In this chapter, we will learn how to debug these applications in order to not only reduce development time, but also to make development more fun. We will, therefore, cover the following topics: Logging Tracing events Debugging errors Using the Ember.js inspector Logging and debugging Ember.js can be downloaded in two formats that are meant to be used in development and production environments accordingly.

 

Exploring ES6 - Upgrade to the next version of JavaScript by Axel Rauschmayer

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

anti-pattern, domain-specific language, en.wikipedia.org, Firefox, Google Chrome, MVC pattern, web application, WebSocket

The following code demonstrates how to download the content pointed to by url as an ArrayBuffer: fetch(url) .then(request => request.arrayBuffer()) .then(arrayBuffer => ···); 20.6.4 Canvas Quoting the HTML5 specification¹²: ¹⁰http://www.w3.org/TR/XMLHttpRequest/ ¹¹https://fetch.spec.whatwg.org/ ¹²http://www.w3.org/TR/html5/scripting-1.html#the-canvas-element Typed Arrays 324 The canvas element provides scripts with a resolution-dependent bitmap canvas, which can be used for rendering graphs, game graphics, art, or other visual images on the fly. The 2D Context of canvas¹³ lets you retrieve the bitmap data as an instance of Uint8ClampedArray: let let let let canvas = document.getElementById('my_canvas'); context = canvas.getContext('2d'); imageData = context.getImageData(0, 0, canvas.width, canvas.height); uint8ClampedArray = imageData.data; 20.6.5 WebSockets WebSockets¹⁴ let you send and receive binary data via ArrayBuffers: let socket = new WebSocket('ws://127.0.0.1:8081'); socket.binaryType = 'arraybuffer'; // Wait until socket is open socket.addEventListener('open', function (event) { // Send binary data let typedArray = new Uint8Array(4); socket.send(typedArray.buffer); }); // Receive binary data socket.addEventListener('message', function (event) { let arrayBuffer = event.data; ··· }); 20.6.6 Other APIs • WebGL¹⁵ uses the Typed Array API for: accessing buffer data, specifying pixels for texture mapping, reading pixel data, and more. • The Web Audio API¹⁶ lets you decode audio data¹⁷ submitted via an ArrayBuffer. ¹³http://www.w3.org/TR/2dcontext/ ¹⁴http://www.w3.org/TR/websockets/ ¹⁵https://www.khronos.org/registry/webgl/specs/latest/2.0/ ¹⁶http://www.w3.org/TR/webaudio/ ¹⁷http://www.w3.org/TR/webaudio/#dfn-decodeAudioData 325 Typed Arrays • Media Source Extensions¹⁸: The HTML media elements are currently <audio> and <video>.

Typed Arrays . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20.2 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . 20.2.1 Element types . . . . . . . . . . . . . . . . . . . . . 20.2.2 Handling overflow and underflow . . . . . . . . . . 20.2.3 Endianness . . . . . . . . . . . . . . . . . . . . . . . 20.2.4 Negative indices . . . . . . . . . . . . . . . . . . . . 20.3 ArrayBuffers . . . . . . . . . . . . . . . . . . . . . . . . . . 20.3.1 ArrayBuffer constructor . . . . . . . . . . . . . . . 20.3.2 Static ArrayBuffer methods . . . . . . . . . . . . . 20.3.3 ArrayBuffer.prototype properties . . . . . . . . 20.4 Typed Arrays . . . . . . . . . . . . . . . . . . . . . . . . . 20.4.1 Typed Arrays versus normal Arrays . . . . . . . . . 20.4.2 Typed Arrays are iterable . . . . . . . . . . . . . . . 20.4.3 Converting Typed Arrays to and from normal Arrays 20.4.4 The Species pattern for Typed Arrays . . . . . . . . . 20.4.5 The inheritance hierarchy of Typed Arrays . . . . . . 20.4.6 Static TypedArray methods . . . . . . . . . . . . . . 20.4.7 TypedArray.prototype properties . . . . . . . . . 20.4.8 «ElementType»Array constructor . . . . . . . . . . 20.4.9 Static «ElementType»Array properties . . . . . . . 20.4.10«ElementType»Array.prototype properties . . . . 20.4.11Concatenating Typed Arrays . . . . . . . . . . . . . 20.5 DataViews . . . . . . . . . . . . . . . . . . . . . . . . . . . 20.5.1 DataView constructor . . . . . . . . . . . . . . . . . 20.5.2 DataView.prototype properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307 307 308 309 310 311 312 312 313 313 313 313 313 314 314 315 315 315 317 320 320 321 321 322 322 322 CONTENTS 20.6 Browser APIs that support Typed Arrays . 20.6.1 File API . . . . . . . . . . . . . . . 20.6.2 XMLHttpRequest . . . . . . . . . 20.6.3 Fetch API . . . . . . . . . . . . . . 20.6.4 Canvas . . . . . . . . . . . . . . . 20.6.5 WebSockets . . . . . . . . . . . . . 20.6.6 Other APIs . . . . . . . . . . . . . 20.7 Extended example: JPEG SOF0 decoder . 20.7.1 The JPEG file format . . . . . . . . 20.7.2 The JavaScript code . . . . . . . . 20.8 Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322 322 323 323 323 324 324 325 325 325 327 21.

Two kinds of views are used to access the data: • Typed Arrays (Uint8Array, Int16Array, Float32Array, etc.) interpret the ArrayBuffer as an indexed sequence of elements of a single type. • Instances of DataView let you access data as elements of several types (Uint8, Int16, Float32, etc.), at any byte offset inside an ArrayBuffer. The following browser APIs support Typed Arrays (details are mentioned later): • • • • • • File API XMLHttpRequest Fetch API Canvas WebSockets And more 307 Typed Arrays 308 20.2 Introduction Much data one encounters on the web is text: JSON files, HTML files, CSS files, JavaScript code, etc. For handling such data, JavaScript’s built-in string data type works well. However, until a few years ago, JavaScript was not well equipped to handle binary data. On 8 February 2011, the Typed Array Specification 1.0¹ standardized facilities for handling binary data.

 

pages: 834 words: 180,700

The Architecture of Open Source Applications by Amy Brown, Greg Wilson

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

8-hour work day, anti-pattern, bioinformatics, c2.com, cloud computing, collaborative editing, combinatorial explosion, computer vision, continuous integration, create, read, update, delete, Debian, domain-specific language, en.wikipedia.org, fault tolerance, finite state, Firefox, friendly fire, linked data, load shedding, locality of reference, loose coupling, Mars Rover, MVC pattern, premature optimization, recommendation engine, revision control, side project, Skype, slashdot, social web, speech recognition, the scientific method, The Wisdom of Crowds, web application, WebSocket

However, it is both specific to the Mozilla/XPCOM browser platform, as well as to the D-Bus/Telepathy messaging platform. 19.7.1. Cross-browser Transport To make this work across browsers and operating systems, we use the Web::Hippie4 framework, a high-level abstraction of JSON-over-WebSocket with convenient jQuery bindings, with MXHR (Multipart XML HTTP Request5) as the fallback transport mechanism if WebSocket is not available. For browsers with Adobe Flash plugin installed but without native WebSocket support, we use the web_socket.js6 project's Flash emulation of WebSocket, which is often faster and more reliable than MXHR. The operation flow is shown in Figure 19.17. Figure 19.17: Cross-Browser Flow The client-side SocialCalc.Callbacks.broadcast function is defined as: var hpipe = new Hippie.Pipe(); SocialCalc.Callbacks.broadcast = function(type, data) { hpipe.send({ type: type, data: data }); }; $(hpipe).bind("message.execute", function (e, d) { var sheet = SocialCalc.CurrentSpreadsheetControlObject.context.sheetobj; sheet.ScheduleSheetCommands( d.data.cmdstr, d.data.saveundo, true // isRemote = true ); break; }); Although this works quite well, there are still two remaining issues to resolve. 19.7.2.

The server needs to be configured as a proxy so that it can intercept any requests that are made to it without causing the calling Javascript to fall foul of the "Single Host Origin" policy, which states that only resources from the same server that the script was served from can be requested via Javascript. This is in place as a security measure, but from the point of view of a browser automation framework developer, it's pretty frustrating and requires a hack such as this. The reason for making an XmlHttpRequest call to the server is two-fold. Firstly, and most importantly, until WebSockets, a part of HTML5, become available in the majority of browsers there is no way to start up a server process reliably within a browser. That means that the server had to live elsewhere. Secondly, an XMLHttpRequest calls the response callback asynchronously, which means that while we're waiting for the next command the normal execution of the browser is unaffected. The other two ways to wait for the next command would have been to poll the server on a regular basis to see if there was another command to execute, which would have introduced latency to the users tests, or to put the Javascript into a busy loop which would have pushed CPU usage through the roof and would have prevented other Javascript from executing in the browser (since there is only ever one Javascript thread executing in the context of a single window).

There are many interesting possibilities with this open-source spreadsheet engine, and if you can find a way to embed SocialCalc into your favorite project, we'd definitely love to hear about it. Footnotes https://github.com/audreyt/wikiwyg-js http://one.laptop.org/ http://seeta.in/wiki/index.php?title=Collaboration_in_SocialCalc http://search.cpan.org/dist/Web-Hippie/ http://about.digg.com/blog/duistream-and-mxhr https://github.com/gimite/web-socket-js http://perlcabal.org/syn/S02.html http://fit.c2.com/ http://search.cpan.org/dist/Test-WWW-Mechanize/ http://search.cpan.org/dist/Test-WWW-Selenium/ https://www.socialtext.net/open/?cpal http://opensource.org/ http://www.fsf.org https://github.com/facebook/platform https://github.com/reddit/reddit The Architecture of Open Source Applications Amy Brown and Greg Wilson (eds.) ISBN 978-1-257-63801-7 License / Buy / Contribute Chapter 20.

 

pages: 570 words: 115,722

The Tangled Web: A Guide to Securing Modern Web Applications by Michal Zalewski

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

barriers to entry, business process, defense in depth, easy for humans, difficult for computers, fault tolerance, finite state, Firefox, Google Chrome, information retrieval, RFC: Request For Comment, semantic web, Steve Jobs, telemarketer, Turing test, Vannevar Bush, web application, WebRTC, WebSocket

In their view, any sites that need a form of authentication should instead rely on explicitly exchanged authentication tokens.[79] The other, more pragmatic criticism of CORS is that the scheme is needlessly complicated: It extends an already problematic and error-prone API without clearly explaining the benefits of some of the tweaks. In particular, it is not clear if the added complexity of preflight requests is worth the peripheral benefit of being able to issue cross-domain requests with unorthodox methods or random headers. The last of the weak complaints hinges on the fact that CORS is susceptible to header injection. Unlike some other recently proposed browser features, such as WebSockets (Chapter 17), CORS does not require the server to echo back an unpredictable challenge string to complete the handshake. Particularly in conjunction with preflight caching, this may worsen the impact of certain header-splitting vulnerabilities in the server-side code. XDomainRequest Microsoft’s objection to CORS appears to stem from the aforementioned concerns over the use of ambient authority, but it also bears subtle overtones of their dissatisfaction with interactions with W3C.

Binary HTTP SPDY[258] (“Speedy”) is a simple, encrypted drop-in replacement for HTTP that preserves the protocol’s key design principles (including the layout and function of most headers). At the same time, it mini- mizes the overhead associated with delivering concurrent requests or with the parsing of text-based requests and response data. The protocol is currently supported only in Chrome, and other than select Google services, it is not commonly encountered on the Web. It may be coming to Firefox soon, too, however. HTTP-less networking WebSocket[259] is a still-evolving API designed for negotiating largely unconstrained, bidirectional TCP streams for when the transactional nature of TCP gets in the way (e.g., in the case of a low-latency chat application). The protocol is bootstrapped using a keyed challenge-response handshake, which looks sort of like HTTP and which is (quite remarkably) impossible to spoof by merely exploiting a header-splitting flaw in the destination site.

[256] “navigator.registerProtocolHandler,” Mozilla Developer Network, https://developer.mozilla.org/en/DOM/window.navigator.registerProtocolHandler. [257] “Manipulating the Browser History,” Mozilla Developer Network, https://developer.mozilla.org/en/DOM/Manipulating_the_browser_history/. [258] A. Langley and M. Belsche, “SPDY: An Experimental Protocol for a Faster Web,” The Chromium Projects, http://www.chromium.org/spdy/spdy-whitepaper/. [259] I. Fette and A. Melnikov, “The WebSocket Protocol,” IETF Request for Comments draft (2011), http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-10/. [260] J. Rosenberg, M. Kaufman, M. Hiie, and F. Audet, “An Architectural Framework for Browser Based Real-Time Communications,” IETF Request for Comments draft (2011), http://tools.ietf.org/html/draft-rosenberg-rtcweb-framework-00/. [261] I. Hickson, “HTML5: 5.6—Offline Web Applications,” World Wide Web Consortium (2011), http://www.w3.org/TR/html5/offline.html

 

pages: 196 words: 58,122

AngularJS by Brad Green, Shyam Seshadri

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

combinatorial explosion, continuous integration, Firefox, Google Chrome, MVC pattern, node package manager, single page application, web application, WebSocket

Generically, we call these dependencies services, as they provide specific services to our application. For example, if in our shopping website a controller needs to get a list of items for sale from the server, we’d want some object—let’s call it Items—to take care of getting the items from the server. The Items object, in turn, needs some way to communicate with the database on the server over XHR or WebSockets. Doing this without modules looks something like this: function ItemsViewController($scope) { // make request to server … // parse response into Item objects … // set Items array on $scope so the view can display it ... } While this would certainly work, it has a number of potential problems. If some other controller also needs to get Items from the server, we now have to replicate this code.

throw operator, Expressions time zones, Common Gotchas tokens, XSRF transclude property, API Overview, Transclusion transformations, Transformations on Requests and Responses transitive changes, Performance Considerations in watch() U UIs (User Interfaces) creating dynamic, Data Binding separating responsibilities in, Separating UI Responsibilities with Controllers unauthorized transfers, XSRF unit tests, The Tests–Unit Tests for $http service, Unit Testing for app logic, A Few Words on Unobtrusive JavaScript for ngResource, Unit Test the ngResource in Karma, Integrating AngularJS with RequireJS Jasmine style, Unit Tests Jasmine-style, Project Organization with monkey patches, Organizing Dependencies with Modules uppercase filter, Formatting Data with Filters user input, validation of, Validating User Input, The Templates username requirement, enforcing, The Templates V validation tools, Karma, Directives and HTML Validation (see also form validation controls) variables, in data binding, An Example: Shopping Cart vendor folder, Project Organization View Controller, Controllers views adding with Yeoman, Adding New Routes, Views, and Controllers basics of, Model View Controller, Relationship Between Model, Controller, and Template changing with routes and $location, Changing Views with Routes and $location–controllers.js creation of, Model View Controller exposing model data to, Publishing Model Data with Scopes working example of, The Templates W watchAction, Observing Model Changes with $watch watchFn, Observing Model Changes with $watch, Performance Considerations in watch() web development platforms, IDEs web servers starting with ExpressJS, Without Yeoman starting with Yeoman, With Yeoman WebSockets, Organizing Dependencies with Modules WebStorm development platform, IDEs while loop, Expressions window.location vs. $location, $location Windows OS, and Yeoman, Project Organization workflow optimization, Yeoman: Optimizing Your Workflow X XHR, Organizing Dependencies with Modules xHTML naming format, Directives and HTML Validation XML naming format, Directives and HTML Validation XSRF, Talking to Servers XSRF (Cross-Site Request Forgery) attacks, XSRF Y Yeoman, Yeoman: Optimizing Your Workflow overview of, Project Organization starting web servers in, With Yeoman About the Authors Brad Green works at Google as an engineering manager.

 

pages: 193 words: 46,550

Twisted Network Programming Essentials by Jessica McKellar, Abe Fettig

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

continuous integration, WebSocket

Protocols and transports are decoupled, which makes transport reuse and protocol testing easy. The Twisted Core examples directory has many additional examples of basic servers and clients, including implementations for UDP and SSL. The Twisted Core HOWTO index has an extended “Twisted from Scratch” tutorial that builds a finger service from scratch. One real-world example of building a protocol in Twisted is AutobahnPython, a Web‐ Sockets implementation. 22 | Chapter 2: Building Basic Clients and Servers Twisted has been developing a new higher-level endpoints API for creating a connection between a client and server. The endpoints API wraps lower-level APIs like lis tenTCP and connectTCP, and provides greater flexibility because it decouples con‐ structing a connection from initiating use of the connection, allowing parameterization of the endpoint.

161 Index A adbapi switching from blocking API to, 77–79 using with SQLite, 78 addBoth method, 36, 56 addCallback method, 26, 31–35, 36 addCallbacks method, 27–28, 33–35, 36 addErrback method, 27–27, 31–35, 36 administrative Python shell, SSH providing, 153–155 Agent API, 53, 55–60 agent.request, 56 AlreadyCalledError, 35 ampoule, 101 API Agent, 53, 55–60 blocking, 77–79, 93 Deferred, 36, 50, 50 (see also Deferreds) platform-independent, 96 producer/consumer, 58 threading, 101 API documentation, using Twisted, 8–8 applications, deploying Twisted, 63–69 Applications, in Twisted application infrastruc‐ ture, 64 Ascher, David, Learning Python, xvi asynchronous code about using Deferreds in, 25 addCallback method vs. addErrback meth‐ od, 33–35 keyfacts about Deferreds, 35 managing callbacks not registered, 25 structure of Deferreds, 26–28 structuring, 25 using callback chains inside of reactor, 28–29 using callback chains outside of reactor, 26– 28 asynchronous headline retriever, 28 asynchronous responses, web server, 49–51 authentication in Twisted applications, 89–90 using public keys for, 151–153, 158 authentication, using Cred about, 81 chat-specific, 121–124 components of, 81–82 examples of, 82–86 process in, 84 AuthOptionMixin class, 89–91 AutobahnPython, Web-Sockets implementa‐ tion, 22 avatar ID, definition of, 82 avatar, definition of, 81 B blocking API, 77–79, 93 blockingApiCall, 95 We’d like to hear your suggestions for improving our indexes. Send email to index@oreilly.com. 163 blockingCallFromThread method, 96 blogs, for Twisted, 9 browsers GET request, 42 serializing requests to same resource, 51 buildProtocol method, 16, 85, 130 C C compiler, installing, 5 Calderone, JP, “Twisted Conch in 60 Seconds” series, 158 callback chains in Deferreds, 26–28 using inside of reactor, 28–29 using outside of reactor, 26–28 callbacks attaching to non-blocking database queries, 78, 79 attaching to writeSuccessResponse, 97 Deferreds using outside of reactor, 26–28 failing to register, 25 practice using, 30–31 registering multiple, 27–28 callFromThread method, 96 callInThread method, 93 callLater method, 29, 108, 112 callMultipleInThread method, 96 channelOpen method, 158 ChatFactory, 21, 106 ChatProtocol states, 21 chatserver, testing, 106–108 client, 142 (see also web client) communication in Twisted, 19 IRC, 119–121 POP3, 142 simultaneous connections to server, 19 SMTP, 127–129, 143 SSH, 156–158 TCP echo, 11–16 ClientCommandTransport class, 158 ClientConnection class, 158 clients IMAP, 137–139 closed method, 158 ColorizedLogObserver, 74 commands standard library module, 96–100 conchFactory, manhole_ssh, 155 ConchUser class, 149 164 | Index connection.SSHConnection class, 156 connectionLost method, 15, 56 connectionMade method, 15, 98, 99 connectionSecure method, 158 connectTCP method, 14 Cred authentication system about, 81 chat-specific, 121–124 components of, 81–82 examples of, 82–86 process in, 84 SSH server, 145–146 credentialInterfaces class variable, 87 credentialInterfaces, authenticating, 85 credentials checkers database-backed, 87–88 DBCredentialsChecker, 87–88, 110–112 definition of, 82 FilePasswordDB, 86 IMAP, 133 in UNIX systems, 91 POP3, 139 returning Deferred to Portal, 85 SSH server, 145–146, 153 credentials, definition of, 81 curses library, 150 D DailyLogFile class, 73 data, streaming large amounts of, 58 databases, non-blocking queries, 77–79 dataReceived method, 15, 56 dataReceived methods, IProtocol interface, 20 DBCredentialsChecker, 87–88, 110–112 decoupling, transports and protocols, 16 deferLater method, 94 Deferreds about Deferred API, 36 agent.request returning, 56 asynchronous responses on web server us‐ ing, 50 credentials checker to Portal, 85 in non-blocking database queries, 78, 79 keyfacts about, 35 POP3 client returning, 142 practice using, 30–35 shutting down reactor before firing, 95 testing, 109–112 using callback chains inside of reactor, 28–29 using callback chains outside of reactor, 26– 28 using in asynchronous code, 25 deferToThread method, 93 DirtyReactorAggregateError, 110 Dive Into Python (Pilgrim), xvi downloading Python, xvi TortoiseSVN, 6 Twisted, 3 web resources, 54–55 downloadPage helper, 54–55 dynamic content, serving, 45 dynamic URL dispatch, 46–48 E echo application, turning echo server into, 64 echo bot IRC, 119–121 talking in #twisted-bots with, 122 Echo protocol, testing, 104–105 echo TCP servers and clients, 11–16 EchoFactory class, 16, 64, 72, 85, 90, 104 emails IMAP client for, 137–139 POP3 servers for, 139–143 sending using SMTP, 127–128 serving messages using IMAP, 133–137 storing using SMTP servers, 130–132 emit method, 74 errbacks attaching to non-blocking database queries, 78 Deferreds using outside of reactor, 26–27 practice using, 30–33 errReceived method, 99 event-driven programming, 12–14 F fakeRunqueryMatchingPassword, 111–112 FileLogObserver, 73–74 FilePasswordDB credential checker, 86 Free Software (Open Source movements), x, xiii G GET requests handling, 43–48 making HTTP, 40–42 getHost method, ITransport interface, 14 getManholeFactory function, 155–155 getPage helper, 53–54 getPassword method, 158 getPeer method, ITransport interface, 14 getPrivateKey method, 158 getPrivateKeyString functions, 150, 150 getProcessOutput method, 96, 97, 98 getProcessValue method, 96 getPu blicKey method, 158 getPublicKeyString functions, 150, 150 H headline retriever, asynchronous, 28 HistoricRecvLine, 145, 149 HTTP client, 55 (see also web client) Agent API, 55–60 HTTP GET request, 40–42 HTTP HEAD request, 57–57 HTTP servers, 39 (see also web servers) about, 39 parsing requests, 42 responding to requests, 39–42 tutorials related to, 51 HTTPEchoFactory, 40, 66 I IAccount, imap4, 133 IAvatar, 150 IBodyProducer interface, 58 IChatService interface, InMemoryWordsRealm implementing, 121 ICredentialsChecker interface, 87 IMailbox, imap4, 133 IMAP (Internet Message Access Protocol) about, 125, 132 clients, 137–139 servers, 133–137 imap4 IAccount, 133 IMailbox, 133 IMessage, 133 IMessage, imap4, 133 IMessageDelivery interface, 130 in-application logging, 71–73 Index | 165 inConnectionLost method, 99, 99 infrastructure, Twisted application, 63–67 InMemoryWordsRealm, implementing IChat‐ Service interface, 121 installing Twisted, 3–6 insults library, 150 integration-friendly platform, xv IPlugin class, 67 IProcessProtocol, 98 IProtocol interface methods, 15 IProtocolAvatar interface, 85 IRC channels, for Twisted, 9 IRC clients, 119–121 IRC servers, 121–124 IRCFactory, 122 IRCUser protocol, 121 irc_* handler, implementing, 122 IResource interface, 44 irssi, connecting to twisted IRC server using, 122 IService interface, implementing, 64 IServiceMaker class, 67 ISession, 149 ISSH PrivateKey, 153 ITransport interface methods, 14 IUsernameHashedPassword, 88–88 K key-based authentication, supporting both user‐ name/password and, 153 Klein micro-web framework, 51 L Learning Python (Lutz and Ascher), xvi Lefkowitz, Matthew “the Glyph”, ix–xi lineReceived method, 40, 106, 145, 149 lineReceived methods, 20 LineReceiver, 97, 145 Linux installing PyCrypto for, 4 installing pyOpenSSL for, 4 installing Twisted on, 3–4 Linux distributions, OpenSSH SSH implemen‐ tation on, 146 listenTCP method, 14, 40 listSize method, 142 log.addObserver, 74 logging systems, 71–75 166 | Index LogObserver, 74 LoopingCall, 94 loseConnection method, ITransport interface, 14 Lutz, Mark, Learning Python, xvi M Mac OS X, 146 (see also OS X) OpenSSH SSH implementation on, 146 mail (see emails) Maildir IMAP server, 133–137 storage format, 130–132 using POP3, 139 mailing lists, for Twisted, 8–7 makeConnection method, 15 manhole_ssh, 155–155 manhole_ssh.ConchFactory class, 156 myCallback function, 26 myErrback function, 27 MyHTTP protocol, 43 MySQL, non-blocking interface for, 77 N namespace argument, 155–155 non-blocking code, using Deferreds in, 25 NOT_DONE_YET method, 50 nslookup command, 126 O Open Source movements (Free Software), x, xiii openShell method, 145–146, 150–150 OpenSSH SSH implementation, 146 optParameters instance variable, 67 OS X installing PyCrypto for, 5 installing pyOpenSSL for, 5 installing Twisted on, 5 OpenSSH SSH implementation on, 146 outConnectionLost method, 99 outReceived method, 99 P parsing HTTP requests, 42–43 passage of time, testing, 112–114 PasswordAuth class, 158 pauseProducing method, 58 persistent protocol state, stored in protocol fac‐ tory, 19 Pilgrim, Mark, Dive Into Python, xvi Planet Twisted blogs, 9 platform-independent API, 96 Plugins, in Twisted application infrastructure, 66–67, 69 POP3 (Post Office Protocol version 3) about, 125 servers, 139–143 Portal definition of, 82 IMAP, 133 in Cred authentication process, 85 POP3, 139 SSH server, 145–146 POST HTTP data, with Agent, 58 POST requests, handling, 48–49 Postgres, non-blocking interface for, 77 printing to stderr if headline is too long, 28 web resource, 53–54 printResource method, 56 private keys generating for SSH server, 150 RSA, 150 processEnded method, 99 processExited method, 99 ProcessProtocol, 98, 99 producer/consumer API, streaming large amounts of data using, 58 protocol code, mixing application-specific logic with, 22 protocol factories about, 16 IMAP server, 133 in Cred authentication process, 85–85 in HTTP GET request, 40, 43 persistent protocol state stored in, 19 POP3, 139 SMTP server, 130 protocol state machines, 19–21 protocols about, 15–16 creating subclass ResourcePrinter, 56 custom process, 98–100 decoupling, 16 HistoricRecvLine vs. regular, 149 IMAP server, 133 in Twisted Mail, 125 IRCUser, 121 POP3, 139 retrieving reason for terminated connection, 19 service implementations, 64 SMTP, 126–127 SSH server, 145–146, 149 testing, 104–108 Twisted Words, 119–124 proto_helpers, 104–105 public keys generating for SSH server, 150 using for authentication, 151, 158 PublicKeyCre dentialsChecker, 153 putChild method, 44 PyCrypto, installing for Linux, 4, 4 for OS X, 5, 5 Python about, xiii checking version of, 7 resources for learning and downloading, xvi Python shell, SSH providing administrative, 153–155 python-crypto,packages, for Windows, 4 python-openssl packages, for Windows, 4 python-twisted packages, 3 Q queries, non-blocking database, 77–79 quote, TCP servers and clients, 16–19 R reactor in serving static content, 44–44 shutting down before events complete, 95 testing and, 108–114 using callback chains inside of, 28–29 reactor event loop, 14 Realm IMAP, 133 POP3, 139 SSH server, 145–146, 150 realm, definition of, 82 receivedHeader method, 130 RecvLine class, 145 Index | 167 redirects, dynamic URL dispatch, 48 release tarball, installing Twisted from, 6 remote server using SSH, running commands on, 156–158 render_GET method, 46, 48, 50 render_POST method, 46 request blocks, rendering on web servers, 49–51 requestAvatar method, 86, 150, 153 requestAvatarId method, 87, 88, 153 requestAvatarID method, 110 Resource hierarchies, extending by registering child resources, 45 Resource subclass, defining dynamic resource by, 45 ResourcePrinter subclass, 56 resources, for answering questions about Twist‐ ed, 8–7 Response body, handling through agent.request, 56 Response metadata, retrieving, 57–57 resumeProducing method, 58 retrieve method, 142 rotateLength, 72, 73 RSA private keys, for SSH server, 150–150 RSA.generate, as blocking function, 150 RunCommand, 97 RunCommandFactory, 97 S Safari Books Online, xvii Scripts directory, adding to PATH in Windows, 4–5 sendData method, IProtocol interface, 20 sendLine methods, 20 sendRequest, 158 server, 51 (see also web server) client simultaneous connections to, 19 communication in Twisted, 19 examples at Twisted Web examples directo‐ ry, 51 IMAP, 133–137 IRC, 121–124 POP3, 139–143 SMTP, 128–132 SSH creating, 145–150 supporting both username/password and key-based authentication on, 153 168 | Index twisted.conch communicationg with, 156–158 TCP echo, 11–16 service plugin, components of, 67 Services, in twisted application infrastructure, 64 serviceStarted method, 158 serving dynamic content, 45 static content, 43–45 setResponseCode, 43 slowFunction, 109 SMTP (Simple Mail Transfer Protocol) about, 125 protocol, 126–127 sending emails using, 127–128 servers, 128–132 tutorial for building client, 143 source, installing Twisted from, 6 spawnProcess method, 98, 99 SQLite non-blocking interface for, 77 using adbapi with, 78 SSH (Secure SHell) about, 145 clients, 156–158 getting error on local machine, 149 providing administrative Python shell, 153– 155 running commands on remote server, 156– 158 server creating, 145–150 supporting both username/password and key-based authentication on, 153 using public keys for authentication, 151–153 ssh-keygen, using in Windows, 146 SSHDemoAvatar class, 149 SSHDemoProtocol class, 149 Stack Overflow programming Q & A site, for Twisted, 9 startLogging, 74 startProducing method, 58 startService method, 64 static content, serving, 43–45 static URL dispatch, 44 stderr, printing if headline is too long to, 28 stdout, logging to, 71–72 StdoutMessageDelivery, 130 StdoutSMTPFactory, 130 stopProducing method, 58 stopService method, 64 storing mail, 130 streaming, large amounts of data, 58 StringProducer, constructing, 58–60 StringTransport class, 104–105 subprocesses, running, 96–100 subproject documentation, using Twisted, 8 svn (subversion) repository, Twisted, 6 T TAC (Twisted Application Configuration) files, in Twisted application infrastructure, 64–65, 69 task module method, 94 TCP servers and clients echo, 11–16 quote, 16–19 TCP, HTTP using as transport-layer protocol, 40 telnet connections, terminating, 21 telnet utility, 40 TerminalRealm, manhole_ssh, 155 testing about, 103 Deferreds, 109–112 passage of time, 112–114 protocols, 104–108 reactor and, 108 writing and running unit tests with trial, 103–104 test_slowFunction, 109 threaded calls, making, 93–96, 101 threading API, 101 TortoiseSVN, downloading, 6 transport.SSHClientTransport class, 156 transports about, 14 decoupling, 16 twistd examples of, 68–68 in Twisted application infrastructure, 65–66 logging, 73 Twisted about, ix–xi, xiii–xv downloading and installing, 3–6 resources for answering questions about, 8– 7 svn repository, 6 testing installation of, 7–7 using API documentation, 8 Twisted Application Configuration (TAC) files, in Twisted application infrastructure, 64–65 Twisted applications authentication in, 89–91 deploying, 63–69 Twisted Conch examples, 158 Twisted Conch HOWTO, walking through im‐ plementing SSH client, 158 “Twisted Conch in 60 Seconds” series (Calder‐ one), 158 Twisted Core examples directory, 22 networking libraries, 8 Twisted Core HOWTO documents on Deferreds, 36 plugin discussion at, 69–69 TAC discussion at, 69–69 threads discussion at, 101 “Twisted From Scratch” tutorial, 22 Twisted Cred about, 81 authentication process in, 84 chat-specific authentication using, 121–124 components of, 81–82 examples of, 82–86 using on SSH server to support authentica‐ tion, 151–146 #twisted IRC channel, 9 Twisted Mail about, 125 examples directory, 143 Twisted Mail HOWTOtutorial, for building SMTP client, 143 Twisted Web Client HOWTO, discussing Agent API at, 60 Twisted Web HOWTO, tutorials related to HTTP servers, 51 Twisted Words, 119–124 #twisted-bots, talking with echo bot in, 122 twisted-python, mailing list, 8–9 twisted.application.service.Application, creating instance, 64–65 twisted.conch about, 145 Index | 169 communicationg with server using SSH, 156–158 writing SSH server and, 145 twisted.conch.avatar.ConchUser class, 149 twisted.conch.common.NS function, 158 twisted.conch.interfaces.IAvatar, 150 twisted.conch.interfaces.ISession, 149 twisted.conch.manhole_ssh module, 153 twisted.conch.recvline, 145, 149 twisted.conch.ssh.keys module, 150 twisted.enterprise.adbapi, as non-blocking in‐ terface, 77 twisted.internet.protocol.ProcessProtocol, 98 twisted.internet.task Clock class, 112 LoopingCall, 94 twisted.trial.unittest, 103–104 twisted.web implementations for common resources contained on, 44 mailing list, 9 parsing http requests from, 42–43 server, handling GET requests, 43–48 twisted.web.client downloadPage, 54–55 getPage, 53–54 initializing Agent, 55–56 U Ubuntu PPA, packages for Twisted, 4 unit tests, writing and running with trial, 103– 104 unittest framework, 103 unittest.tearDown test method, 108 UNIX systems curses library in, 150 using credentials checker in, 91 URL dispatch dynamic, 46–48 static, 44 userauth.SSHUserAuthClient class, 156, 158 170 | Index username/password, supporting both key-based authentication and, 153 V validateFrom method, 130 validateTo method, 130 verifyHostKey method, 158 verifySignature, 153 W wantReply, keyword argument, 158 web browsers GET request, 42 serializing requests to same resource, 51 web clients, Agent API, 55–60 web resources, downloading, 54–55 web servers about, 39 asynchronous responses on, 49–51 handling GET requests, 43–48 handling POST requests, 48–49 parsing requests, 42–43 responding to requests, 39–42 Windows adding the Scripts directory to PATH in, 4–5 installing PyCrypto for, 4 installing pyOpenSSL for, 4 installing Twisted on, 4–5 using ssh-keygen, 146 Wokkel library, 122 write method, ITransport interface, 14 writeSequence method, ITransport interface, 14 writeSuccessResponse, attaching callback to, 97 Z zope.interface import implements, 58 installing, 6 About the Authors Jessica McKellar is a software engineer from Cambridge, Massachusetts.

 

pages: 141 words: 9,896

Pragmatic Guide to JavaScript by Christophe Porteneuve

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

barriers to entry, domain-specific language, en.wikipedia.org, Firefox, web application, WebSocket

eBook <www.wowebook.com>this copy is (P1.0 printing, November 2010) U SING DYNAMIC M ULTIPLE F ILE U PLOADS 26 Using Dynamic Multiple File Uploads The file upload feature currently built into HTML (as in, pre-HTML5) basically blows. It’s single-file, it has no upload progress feedback, it cannot filter on size or file type constraints, and so on. And it uses Base64 encoding, which means every file sent is blown up by 33 percent. Unless we use stuff like WebSockets or SWFUpload, we are stuck with most of these limitations. However, we can improve the user experience a bit by letting users pick multiple files in a nice way. When I say “nice” here, I basically mean “without as many visible file controls as there are files.” I like how 37signals presents lists of files-to-be-uploaded in their products: a flat, icon-decorated list of filenames with the option to remove them from the upload “queue.”

 

pages: 540 words: 103,101

Building Microservices by Sam Newman

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

airport security, Amazon Web Services, anti-pattern, business process, call centre, continuous integration, create, read, update, delete, defense in depth, Edward Snowden, fault tolerance, index card, information retrieval, Infrastructure as a Service, inventory management, job automation, load shedding, loose coupling, platform as a service, premature optimization, pull request, recommendation engine, social graph, software as a service, the built environment, web application, WebSocket, x509 certificate

REST over HTTP payloads can actually be more compact than SOAP because it supports alternative formats like JSON or even binary, but it will still be nowhere near as lean a binary protocol as Thrift might be. The overhead of HTTP for each request may also be a concern for low-latency requirements. HTTP, while it can be suited well to large volumes of traffic, isn’t great for low-latency communications when compared to alternative protocols that are built on top of Transmission Control Protocol (TCP) or other networking technology. Despite the name, WebSockets, for example, has very little to do with the Web. After the initial HTTP handshake, it’s just a TCP connection between client and server, but it can be a much more efficient way for you to stream data for a browser. If this is something you’re interested in, note that you aren’t really using much of HTTP, let alone anything to do with REST. For server-to-server communications, if extremely low latency or small message size is important, HTTP communications in general may not be a good idea.

 

Industry 4.0: The Industrial Internet of Things by Alasdair Gilchrist

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

3D printing, additive manufacturing, Amazon Web Services, augmented reality, autonomous vehicles, barriers to entry, business intelligence, business process, chief data officer, cloud computing, connected car, cyber-physical system, deindustrialization, fault tolerance, global value chain, Google Glasses, hiring and firing, industrial robot, inflight wifi, Infrastructure as a Service, Internet of things, inventory management, job automation, low skilled workers, millennium bug, pattern recognition, platform as a service, pre–internet, race to the bottom, RFID, Skype, smart cities, smart grid, smart meter, smart transportation, software as a service, stealth mode startup, supply-chain management, trade route, web application, WebRTC, WebSocket, Y2K

IPv6 offers approximately 5 x 1028 addresses for every person in the world, enabling any embedded object or device in the world to have its own unique IP address and connect to the Internet. Especially designed for home or building automation, for example, IPv6 provides a basic transport mechanism to produce complex control systems and to communicate with devices in a costeffective manner via a low-power wireless network. Designed to send IPv6 packets over IEEE802.15.4-based networks and implement open IP standards including TCP, UDP, HTTP, COAP, MQTT, and web sockets, the standard offers end-to-end addressable nodes. This allows a router to connect the network to IP. 6LoWPAN is a mesh network that is robust, scalable, and self-healing. Mesh router devices can route data destined for other devices, while hosts are able to sleep for long periods of time. RPL Routing issues are very challenging for low-power networks such as 6LoWPAN. This is due to devices operating over poor lossy radio links, and the situation comes about due to the low power available to battery-supplied nodes.

 

pages: 462 words: 172,671

Clean Code: A Handbook of Agile Software Craftsmanship by Robert C. Martin

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

continuous integration, database schema, domain-specific language, en.wikipedia.org, Eratosthenes, finite state, Ignaz Semmelweis: hand washing, iterative process, place-making, web application, WebSocket

For example, consider a single-threaded information aggregator that acquires information from many different Web sites and merges that information into a daily summary. Because this system is single threaded, it hits each Web site in turn, always finishing one before starting the next. The daily run needs to execute in less than 24 hours. However, as more and more Web sites are added, the time grows until it takes more than 24 hours to gather all the data. The single-thread involves a lot of waiting at Web sockets for I/O to complete. We could improve the performance by using a multithreaded algorithm that hits more than one Web site at a time. Or consider a system that handles one user at a time and requires only one second of time per user. This system is fairly responsive for a few users, but as the number of users increases, the system’s response time increases. No user wants to get in line behind 150 others!

 

pages: 1,025 words: 150,187

ZeroMQ by Pieter Hintjens

Amazon: amazon.comamazon.co.ukamazon.deamazon.fr

anti-pattern, carbon footprint, cloud computing, Debian, distributed revision control, domain-specific language, factory automation, fault tolerance, fear of failure, finite state, Internet of things, iterative process, premature optimization, profit motive, pull request, revision control, RFC: Request For Comment, Richard Stallman, Skype, smart transportation, software patent, Steve Jobs, Valgrind, WebSocket

There are thousands of IETF specifications, each solving part of the puzzle. For application developers, HTTP is perhaps the one solution to have been simple enough to work, but it arguably makes the problem worse by encouraging developers and architects to think in terms of big servers and thin, stupid clients. So today people are still connecting applications using raw UDP and TCP, proprietary protocols, HTTP, and WebSockets. It remains painful, slow, hard to scale, and essentially centralized. Distributed peer-to-peer architectures are mostly for play, not work. How many applications use Skype or BitTorrent to exchange data? Which brings us back to the science of programming. To fix the world, we needed to do two things. One, to solve the general problem of “how to connect any code to any code, anywhere.” Two, to wrap that up in the simplest possible building blocks that people could understand and use easily.