"There is much that is attractive about HTML5," says Douglas Crockford, known
Notation), the widely used lightweight data-interchange format.
"But ultimately," Crockford continues, "the thing that made the browser into
workaround tool." The problem is that there is what he calls "a painful gap"
result? XSS and other maladies. The responsible course of action, Crockford
contends, is to correct that defect first before pushing ahead with HTML5.
In an email exchange with Jeremy Geelan, here is what Crockford (pictured
above) says, in his own words...
"The most serious defect in web browsers is the incorrectly named Cross Site
Scripting (XSS) vulnerability. XS... (more)
Douglas Crockford's Blog
I was invited to speak at XML 2007 last month. I was given the topic "Does
XML have a future on the web?" My answer was "yes." As evidence, I offered
that there are still people selling Cobol compilers. Once this stuff gets
into the enterprise, it can take generations to get rid of it.
A more interesting question is "Is XML on the web trending up or trending
down?" Clearly, it is trending down. For data transfer applications, XML is
losing ground to JSON because JSON is simply a better data transfer format.
And XHTML has failed to displace HTML in the mark... (more)
Douglas Crockford's "Department of Style" Blog
Browser sniffing is a bad practice inspired by even worse practice. In
browser sniffing, a program attempts to determine what sort of browser it is
dealing with so that it can act accordingly. Sniffing can be done on the
server, or by scripts in the browser.
When browser sniffing is done badly, it becomes a harsh barrier to
innovation. Old applications will refuse to work correctly with new browsers
because of assumptions that all future versions of a particular brand of
browser will always require the same workarounds, or old applicat... (more)
Yahoo! User Interface Blog
Cooperating applications, such as mashups, must be able to exchange objects
with robust interfaces. An object must be able to encapsulate its state such
that the state can be modified only as permitted by its own methods.
include any means to harden them, so an attacker can easily access the fields
directly and replace the methods with his own.
can perfectly guard their state by using a variation of the Modul... (more)
JSON is a universal data format. It provides an uncommonly effective bridge
for moving data between systems and between languages. It is rendering the X
in AJAX superfluous. JSON is also really simple. This talk will spend several
seconds to fully explain the entire JSON language. There will also be a first
look at a new JSON solution to the Cross Domain Problem.