I have another question, I am building a commercial web application in
flapjax and I had a few questions. I would be grateful if you could
point me in the right direction.
1. Flapjax is a client side framework, would I need to implement a
server side platform for server operations and data persistence, e.g
ruby on rails or .net? can you recommend something?
2. For data persistence would I need to use something like SQL?
3. Which type of server would you recommend this to be hosted, linux
or windows?
4. In terms of internet security how robust would you recommend
flapjax to be?
I am sorry if the questions are basic, I don't have extensive
background in web programming.
Many Thanks,
Ravi
On Nov 5, 8:53 pm, Arjun Guha <arjun.g...@gmail.com> wrote:
> 1. Flapjax is a client side framework, would I need to implement a > server side platform for server operations and data persistence, e.g > ruby on rails or .net? can you recommend something?
.NET or Ruby on Rails will probably work fine. We've used both Python (with SQLObject) and Haskell (with CouchDB) as backends for our Flapjax applications.
> 2. For data persistence would I need to use something like SQL?
Right. We've used MySQL and CouchDB.
> 3. Which type of server would you recommend this to be hosted, linux > or windows?
Anything works. Flapjax is entirely server agnostic.
> 4. In terms of internet security how robust would you recommend > flapjax to be?
Flapjax will not automatically make your applications secure. When you code in Flapjax, you're still coding in JavaScript, so you have the freedom to create a security disaster.
However, Flapjax itself does not use unsafe operators like eval[1], document.write, element.innerHTML, etc. So, if you don't use these operators yourself, theoretically you won't suffer from script injection attacks.
[1] If you call getWebServiceObjectE with { response: "json" } it *will* use eval to parse the resulting JSON string. We should probably replace eval with an actual parser--I believe that's reasonably fast these days.
Arjun Guha wrote:
>> 1. Flapjax is a client side framework, would I need to implement a
>> server side platform for server operations and data persistence, e.g
>> ruby on rails or .net? can you recommend something?
> .NET or Ruby on Rails will probably work fine.
> We've used both Python (with SQLObject) and Haskell (with CouchDB) as
> backends for our Flapjax applications.
>> 2. For data persistence would I need to use something like SQL?
> Right. We've used MySQL and CouchDB.
>> 3. Which type of server would you recommend this to be hosted, linux
>> or windows?
> Anything works. Flapjax is entirely server agnostic.
>> 4. In terms of internet security how robust would you recommend
>> flapjax to be?
> Flapjax will not automatically make your applications secure. When
> you code in Flapjax, you're still coding in JavaScript, so you have
> the freedom to create a security disaster.
> However, Flapjax itself does not use unsafe operators like eval[1],
> document.write, element.innerHTML, etc. So, if you don't use these
> operators yourself, theoretically you won't suffer from script
> injection attacks.
> [1] If you call getWebServiceObjectE with { response: "json" } it
> *will* use eval to parse the resulting JSON string. We should
> probably replace eval with an actual parser--I believe that's
> reasonably fast these days.
Most browsers have native JSON methods nowadays. Significant speed benefit when you use them. Of course, there's always the question of when it isn't available: do you load in a library, which, and when?
|
