1 / 21

JavaScript

JavaScript. Kevin Reuter & Brian Guthrie. Overview. Multi-paradigm Prototype based objects Dynamic, weak typing. History. 1995 Originally developed for Netscape as 'Mocha' by Brendan Eich Renamed to LiveScript when it was first included in Navigator Renamed again to JavaScript

cicero
Télécharger la présentation

JavaScript

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. JavaScript Kevin Reuter & Brian Guthrie

  2. Overview • Multi-paradigm • Prototype based objects • Dynamic, weak typing

  3. History 1995 • Originally developed for Netscape as 'Mocha' by Brendan Eich • Renamed to LiveScript when it was first included in Navigator • Renamed again to JavaScript • Final renaming coincided with Navigator adding support for Java - confusion ensued 1996 • Microsoft includes JScript in IE 3 • Netscape submits JS to ECMA for standards consideration • Standard adopted in 1997

  4. Dialects and Extensions • JavaScript • Jscript • Jscript .NET • ECMAScript • ActionScript • QtScript • Objective-J • WMLScript

  5. Datatypes • Primitive Datatypes • String: ‘single quote’ “and double quote” • Boolean: true, false • Number: 1, 2.0 • Special Types • null • undefined • NaN • Infinity

  6. Objects

  7. Readability • Pros • C-style syntax • Style is not subjective • Cons • Nested function • Dynamically typed variables • Minimal variable naming rules

  8. Writability • Pros • Semicolon insertion • Dynamically typed variables • Cons • Semicolon insertion • Style is not subjective

  9. Reliability • Pros • Most browsers have built-in debugging consoles • Cons • Dynamically typed variables • Scripts are run in client browser • Easily exploitable (XSS, CSRF) • Inclusion in web pages can cause T2S and magnification features to fail

  10. Cost • Pros • Scripts are run in client browser • C-based syntax is commonly known • Cons • Many different variations • Every browser family has its own version • May have to write separate code for each • Prototype-base languages are uncommon • Based on Scheme

  11. Readability && Writability && Reliability • Cons • Undefined variables are undefined not null • All numbers are IEEE-745 doubles • .2 + .1 =  0.30000000000000004 • So .2 + .1 != .3 • Strings can be single or double quoted • var greeting = "Hello, world!"; • var greeting = 'Hello, world!'; • Many vendor-specific variations • Semicolon insertion • with (…) {} • Seriously? " \t \r\n " == 0 == ‘0’ == false != ‘false’

  12. Code Samples

  13. Code Samples

  14. Code Samples

  15. Semicolon Insertion

  16. with (…) {}

  17. JSON • Serialization format based on JS object shorthand • Used as an alternative to XML

  18. Security • Cross-site vulnerabilities • Insertion of malicious JavaScript into a site • Misplaced trust in client browser • No reliable way to hide code from clients • Scripts can be disabled so JS can't be used to prevent certain actions • Browser and plugin coding errors • Coding errors in plugins can allow for things like buffer-overflows • Sandbox implementation errors • Browser can unintentionally allow JS to run outside of a sandbox • Windows allows JS to be run as a non-sandboxed, general-purpose program

  19. Who is Using JavaScript? • The Internet - just turn off JS in your web browser and watch the web stop working. • Many other programming languages have libraries for manipulating JSON.

  20. Notable Quotes • "JS had to 'look like Java' only less so, be Java’s dumb kid brother or boy-hostage sidekick. Plus, I had to be done in ten days or something worse than JS would have happened"  - Brendan Eich • “The problem with JavaScript isn’t just that it allows them (global variables), it requires them.” – Douglas Crockford • “All JavaScript implementations are broken. Some more broken than others [...]. They're all broken in different ways.” - Bob Ippolito

  21. References • http://en.wikipedia.org/wiki/JavaScript • http://en.wikipedia.org/wiki/Client-side_JavaScript • http://en.wikipedia.org/wiki/Json • http://www.json.org/ • http://www.json.org/example.html • http://en.wikipedia.org/wiki/ECMAScript • https://developer.mozilla.org/en/JavaScript_technologies_overview • http://www.netmagazine.com/opinions/too-much-javascript • http://bob.pythonmac.org/archives/2005/07/18/javascript-sucks-volume-2/ • http://yuiblog.com/blog/2006/04/11/with-statement-considered-harmful/ • http://javascriptmascot.com/

More Related