Welcome!

Douglas Crockford

Subscribe to Douglas Crockford: eMailAlertsEmail Alerts
Get Douglas Crockford via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Douglas Crockford

Douglas Crockford's Blog I was invited to speak at XML 2007 last month. I was given the topic "Does XML have a future on the web?" My answer was "yes." As evidence, I offered that there are still people selling Cobol compilers. Once this stuff gets into the enterprise, it can take generations to get rid of it. A more interesting question is "Is XML on the web trending up or trending down?" Clearly, it is trending down. For data transfer applications, XML is losing ground to JSON because JSON is simply a better data transfer format. And XHTML has failed to displace HTML in the marketplace. The benefit of clientside validation has proven to not be a benefit. I think you can argue, and in fact I did argue, that because of W3C's adventures with XML, the web itself may not have a future. The browser has a lot of problems, the worst of which are the security problems that c... (more)

Kaleidescape - Give It a Better Image

Douglas Crockford's Blog DRM is sometimes called an enabling technology, in that it is supposed to enable new business models. But it is really a disabling technology. As DRM fails, there have been suggestions that the name be changed to something that includes the word enabling; give it a better image; something more right than rights. DRM isn't just a disabling technology, it is also a disabling contractual framework. To sell a DVD device, you must make a deal with the DVD Copy Control Association in order to use the CSS copy protection system that was broken nine years ago. ... (more)

Discoverer of JSON Recommends Suspension of HTML5

"There is much that is attractive about HTML5," says Douglas Crockford, known to millions of developers as the discoverer of JSON (JavaScript Object Notation), the widely used lightweight data-interchange format. "But ultimately," Crockford continues, "the thing that made the browser into a credible application delivery system was JavaScript, the ultimate workaround tool." The problem is that there is what he calls "a painful gap" in the specification of the interface between JavaScript and the browser. The result? XSS and other maladies. The responsible course of action, Crockford... (more)

Yahoo!'s Crockford: Browser Sniffing Is "A Bad Practice Inspired by Even Worse Practice

Douglas Crockford's "Department of Style" Blog Browser sniffing is a bad practice inspired by even worse practice. In browser sniffing, a program attempts to determine what sort of browser it is dealing with so that it can act accordingly. Sniffing can be done on the server, or by scripts in the browser. When browser sniffing is done badly, it becomes a harsh barrier to innovation. Old applications will refuse to work correctly with new browsers because of assumptions that all future versions of a particular brand of browser will always require the same workarounds, or old applicat... (more)

Douglas Crockford on JavaScript Security: Durable Objects

Yahoo! User Interface Blog Cooperating applications, such as mashups, must be able to exchange objects with robust interfaces. An object must be able to encapsulate its state such that the state can be modified only as permitted by its own methods. JavaScript’s objects are soft and currently the language does not include any means to harden them, so an attacker can easily access the fields directly and replace the methods with his own. Fortunately, JavaScript provides the means to construct durable objects that can perfectly guard their state by using a variation of the Modul... (more)