Web Browser

Tuesday, May 8, 2007

JavaScript Part - II

You can show: JavaScript Part - I

Debugging

JavaScript debugging has some specifics in comparison with stand-alone applications. JavaScript programs usually rely on interaction with the loaded page's Document Object Model (DOM) so errors may be caused by wrong DOM usage in a technically correct script. This makes JavaScript errors difficult to find. However nowadays both Internet Explorer and the Gecko-based browsers come with a reasonably good JavaScript debugger. Gecko browsers use the Venkman debugger or the Firebug debugger for Mozilla Firefox. Opera announced a debugging developer tool in a preview released in February 2007. Client-side JScript in Internet Explorer can be debugged with Microsoft Script Debugger. Some client-side JavaScript errors might depend on specific client side conditions such as browser version, user input or other installed software. This type of errors can be located using the JSBugHunter Service. Microsoft Visual Studio can be used to debug server-side and command-line JScript. Microsoft also provides Microsoft Script Editor (MSE) as part of their Microsoft Office package for scripts embedded in Microsoft Office documents. There are also some free tools such as JSLint, which will scan JavaScript code looking for problems, as well as a commercial JavaScript Debugger called SplineTech JavaScript HTML Debugger for Microsoft Windows.

Since JavaScript is interpreted, loosely-typed, and, when run at the client-side, may be hosted in varying environments, applications, implementations and versions, the programmer has to take extra care to make sure the code executes as expected in as wide a range of circumstances as possible, and that functionality degrades nicely when it does not.

Each script block is parsed separately. On web pages where JavaScript in script blocks is mixed with HTML, syntax errors can be identified more readily by keeping discrete functions in separate script blocks, or (for preference), using many small linked .js files. This way, a syntax error will not cause parsing/compiling to fail for the whole page, which can help to enable a dignified death.

Security

As JavaScript is a rich interpreted language running arbitrary server-provided code on a client computer, it has suffered its fair share of security issues. Many attempts at bypassing logical barriers to steal confidential information make use of JavaScript to perform their deeds behind the scenes, using techniques such as cross-site scripting (XSS). Non-expert users usually can't notice what is going on because the malicious code has no visible effect on their browsing experience. Besides, it is not obvious to people who are not programmers that their Web browser includes a full-blown programming language interpreter, with the power and risks implied.

The basic Javascript language and the standard objects present few security risks. Most risks come from the way in which access is provided to the execution environment, which is most commonly the browser.

Java has similar security issues but these are considered less serious because the Java virtual machine provides a well-defined sandboxing model and few Web sites today (as of 2007) require Java, whereas many use JavaScript.

Related languages

There is no real relationship between Java and JavaScript; their similarities are mostly in basic syntax because both are ultimately derived from C. Their semantics are quite different and their object models are unrelated and largely incompatible. Like C and C++, all Java variables and members are statically typed, whereas all JavaScript variables (as well as object properties and array elements) may hold a value of any type.

To avoid trademark issues, Microsoft named its implementation of the language JScript. JScript was first supported in Internet Explorer version 3.0, released in August 1996 and included Y2K compliant date functions unlike JavaScript at the time. Microsoft submitted JScript to ECMA for standardization resulting in the standardized version named ECMAScript.

The standardization effort for JavaScript also needed to avoid trademark issues, so the ECMA 262 standard calls the language ECMAScript, three editions of which have been published since the work started in November 1996. The object model of browser-based JavaScript, the Document Object Model (DOM), is not part of the ECMAScript standard. It is defined in a set of separate standards developed by the W3C, and is applicable to the access and manipulation of HTML and XML documents in many computer languages and platforms.

Microsoft's own VBScript, like JavaScript, can be run client-side in web pages. VBScript has syntax derived from Visual Basic and will only run if the web pages are viewed in Internet Explorer.

ActionScript, the programming language used in Macromedia Flash, is another implementation of the ECMAScript standard.

JSON, or JavaScript Object Notation, is a general-purpose data interchange format that is defined as a subset of JavaScript.

JavaScript OSA (JavaScript for OSA, or JSOSA), is a scripting language for Mac OS based on the Mozilla 1.5 JavaScript implementation, SpiderMonkey. It is a freeware component made available by Late Night Software. Interaction with the operating system and with third-party applications is scripted via a MacOS object. Otherwise, the language is virtually identical to the core Mozilla implementation. It was offered as an alternative to the more commonly used AppleScript language.

ECMAScript was included in the VRML97 standard for scripting nodes of VRML scene description files.

because it has JavaScript is also considered a functional programming language like Scheme and OCamlclosures and supports higher-order functions.

From http://en.wikipedia.org/wiki/Javascript

Continue....


Post a Comment