DOCSLIB.ORG

CS2550 Dr. Brian Durney SOURCES

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
CS2550 Dr. Brian Durney SOURCES CS2550 Dr. Brian Durney SOURCES JavaScript: The Definitive Guide, by David Flanagan Dive into HTML5, by Mark Pilgrim http://diveintohtml5.info/storage.html WEB STORAGE BEFORE HTML5 Cookies – sent to server possibly unencrypted, only 4K data Internet Explorer – userData Flash – Local Shared Objects Dojo Toolkit – dojox.storage Google Gears Except for cookies, all of these rely on third- party plugins or are only available in one browser. (Cookies have their own issues.) WEB STORAGE Provides persistent storage for web applications "playerName": "George" tictactoe.com "won": "3" "lost": "10" Tic Tac Toe George Won: 3 Maps string keys to string Lost: 10 values Can store “large (but not huge) amounts of data” David Flanagan, JavaScript: The Definitive Guide p. 587 PERSISTENT STORAGE Web app saves data User quits browser User returns to site in in local storage same browser tictactoe.com tictactoe.com tictactoe.com Tic Tac Toe Tic Tac Toe Tic Tac Toe George George George Won: 3 Won: 3 Won: 3 Lost: 10 Lost: 10 Lost: 10 "playerName": "George" "playerName": "George" "won": "3" "won": "3" "lost": "10" "lost": "10" BROWSER Web storage is supported by (virtually) all current browsers SUPPORT and a lot of older browsers. caniuse.com screencapture from 20OCT15 http://caniuse.com/#search=localStorage USING LOCAL STORAGE LIKE AN OBJECT localStorage.playerName = "George"; localStorage['won'] = 3; WRITE localStorage.lost = 10; "playerName": "George" "won": "3" "lost": "10" var name = localStorage.playerName; alert(name); // ALERTS George READ USING THE Storage API WRITE localStorage.setItem("playerName", "George"); localStorage.setItem("won", 3); localStorage.setItem("lost", 10); "playerName": "George" "won": "3" "lost": "10" READ var name = localStorage.getItem("playerName"); alert(name); // ALERTS George USING THE Storage API Remove specified key DELETE and associated value localStorage.removeItem("lost"); "playerName": "George" "won": "3” CLEAR Remove all keys and values localStorage.clear(); alert(localStorage.length); // ALERTS 0 Nothing left in the storage object OBJECTS AND ARRAYS Objects and arrays can’t be stored directly in local storage. Use JSON.stringify to convert an object or array to a string. var recordObj = {"lost": 10, "won": 3}; var recObjStr = JSON.stringify(recordObj); localStorage.record = recObjStr; Use JSON.parse to convert a string to an object or array. var recObjStr = localStorage.record; var recordObj = JSON.parse(recObjStr); localStorage AND sessionStorage LIFETIME: LIFETIME: Until permanent (until window or tab is deleted) closed SCOPE: SCOPE: Document origin document origin, per window HOW MUCH DATA? 5 MB “5 megabytes” is how much storage space each origin gets by default. This is surprisingly consistent across browsers, although it is phrased as no more than a suggestion in the HTML5 Storage specification. --Mark Pilgrim http://diveintohtml5.info/storage.html SECURITY AND PRIVACY “Anything you save resides on the user’s hard disk in unencrypted form. Stored data is therefore accessible to curious users who share access to the computer and to malicious software (such as spyware) that exists on the computer. For this reason, no form of client-side storage should ever be used for passwords, financial account numbers, or other similarly sensitive information.” --David Flanagan JavaScript: The Definitive Guide BEYOND NAMED KEY-VALUE PAIRS But there is more to life than “5 megabytes of named key/value pairs,” and the future of persistent local storage is… how shall I put it… well, there are competing visions. --Mark Pilgrim http://diveintohtml5.info/storage.html Web SQL Database IndexedDB WEB SQL DATABASE Uses embedded SQLite database Provides an executeSql method While Web SQL Database is supported in Chrome, Safari & Opera, Firefox and IE are unlikely to support it any time soon (Mozilla is philosophically opposed). www.html5rocks.com/en/features/storage INDEXED DATABASE Provides an object store Database, records, fields, cursor, transactions No structured query language—use object store methods instead Indexed Database has an early implementation in Firefox 4.0 Beta and Chrome dev channel. There's a good chance all browsers will support it in the future, but that's not yet clear. www.html5rocks.com/en/features/storage .
Load more

Recommended publications
  • Programming in HTML5 with Javascript and CSS3 Ebook
    spine = 1.28” Programming in HTML5 with JavaScript and CSS3 and CSS3 JavaScript in HTML5 with Programming Designed to help enterprise administrators develop real-world, About You job-role-specific skills—this Training Guide focuses on deploying This Training Guide will be most useful and managing core infrastructure services in Windows Server 2012. to IT professionals who have at least Programming Build hands-on expertise through a series of lessons, exercises, three years of experience administering and suggested practices—and help maximize your performance previous versions of Windows Server in midsize to large environments. on the job. About the Author This Microsoft Training Guide: Mitch Tulloch is a widely recognized in HTML5 with • Provides in-depth, hands-on training you take at your own pace expert on Windows administration and has been awarded Microsoft® MVP • Focuses on job-role-specific expertise for deploying and status for his contributions supporting managing Windows Server 2012 core services those who deploy and use Microsoft • Creates a foundation of skills which, along with on-the-job platforms, products, and solutions. He experience, can be measured by Microsoft Certification exams is the author of Introducing Windows JavaScript and such as 70-410 Server 2012 and the upcoming Windows Server 2012 Virtualization Inside Out. Sharpen your skills. Increase your expertise. • Plan a migration to Windows Server 2012 About the Practices CSS3 • Deploy servers and domain controllers For most practices, we recommend using a Hyper-V virtualized • Administer Active Directory® and enable advanced features environment. Some practices will • Ensure DHCP availability and implement DNSSEC require physical servers.
    [Show full text]
  • Standard Query Language (SQL) Hamid Zarrabi-Zadeh Web Programming – Fall 2013 2 Outline
    Standard Query Language (SQL) Hamid Zarrabi-Zadeh Web Programming – Fall 2013 2 Outline • Introduction • Local Storage Options Cookies Web Storage • Standard Query Language (SQL) Database Commands Queries • Summary 3 Introduction • Any (web) application needs persistence storage • There are three general storage strategies: server-side storage client-side storage a hybrid strategy 4 Client-Side Storage • Client-side data is stored locally within the user's browser • A web page can only access data stored by itself • For a long time, cookies were the only option to store data locally • HTML5 introduced several new web storage options 5 Server-Side Storage • Server-side data is usually stored within a file or a database system • For large data, database systems are preferable over plain files • Database Management Systems (DBMSs) provide an efficient way to store and retrieve data Cookies 7 Cookies • A cookie is a piece of information stored on a user's browser • Each time the browser requests a page, it also sends the related cookies to the server • The most common use of cookies is to identify a particular user amongst a set of users 8 Cookies Structure • Each cookie has: • a name • a value (a 4000 character string) • expiration date (optional) • path and domain (optional) • if no expiration date is specified, the cookie is considered as a session cookie • Session cookies are deleted when the browser session ends (the browser is closed by the user) 9 Set/Get Cookies • In JavaScript, cookies can be accessed via the document.cookie
    [Show full text]
  • Amazon Silk Developer Guide Amazon Silk Developer Guide
    Amazon Silk Developer Guide Amazon Silk Developer Guide Amazon Silk: Developer Guide Copyright © 2015 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. The following are trademarks of Amazon Web Services, Inc.: Amazon, Amazon Web Services Design, AWS, Amazon CloudFront, AWS CloudTrail, AWS CodeDeploy, Amazon Cognito, Amazon DevPay, DynamoDB, ElastiCache, Amazon EC2, Amazon Elastic Compute Cloud, Amazon Glacier, Amazon Kinesis, Kindle, Kindle Fire, AWS Marketplace Design, Mechanical Turk, Amazon Redshift, Amazon Route 53, Amazon S3, Amazon VPC, and Amazon WorkDocs. In addition, Amazon.com graphics, logos, page headers, button icons, scripts, and service names are trademarks, or trade dress of Amazon in the U.S. and/or other countries. Amazon©s trademarks and trade dress may not be used in connection with any product or service that is not Amazon©s, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by Amazon. AWS documentation posted on the Alpha server is for internal testing and review purposes only. It is not intended for external customers. Amazon Silk Developer Guide Table of Contents What Is Amazon Silk? .................................................................................................................... 1 Split Browser Architecture ......................................................................................................
    [Show full text]
  • Download Slides
    A Snapshot of the Mobile HTML5 Revolution @ jamespearce The Pledge Single device Multi device Sedentary user Mobile* user Declarative Imperative Thin client Thick client Documents Applications * or supine, or sedentary, or passive, or... A badge for all these ways the web is changing HTML5 is a new version of HTML4, XHTML1, and DOM Level 2 HTML addressing many of the issues of those specifications while at the same time enhancing (X)HTML to more adequately address Web applications. - WHATWG Wiki WHATWG What is an Application? Consumption vs Creation? Linkable? User Experience? Architecture? Web Site sites Web apps Native apps App Nativeness MS RIM Google Apple Top US Smartphone Platforms August 2011, comScore MobiLens C# J2ME/Air Java/C++ Obj-C Native programming languages you’ll need August 2011 IE WebKit WebKit WebKit Browser platforms to target August 2011 There is no WebKit on Mobile - @ppk But at least we are using one language, one markup, one style system One Stack Camera WebFont Video Audio Graphics HTTP Location CSS Styling & Layout AJAX Contacts Events SMS JavaScript Sockets Orientation Semantic HTML SSL Gyro File Systems Workers & Cross-App Databases Parallel Messaging App Caches Processing The Turn IE Chrome Safari Firefox iOS BBX Android @font-face Canvas HTML5 Audio & Video rgba(), hsla() border-image: border-radius: box-shadow: text-shadow: opacity: Multiple backgrounds Flexible Box Model CSS Animations CSS Columns CSS Gradients CSS Reflections CSS 2D Transforms CSS 3D Transforms CSS Transitions Geolocation API local/sessionStorage
    [Show full text]
  • Exposing Native Device Apis to Web Apps
    Exposing Native Device APIs to Web Apps Arno Puder Nikolai Tillmann Michał Moskal San Francisco State University Microsoft Research Microsoft Research Computer Science One Microsoft Way One Microsoft Way Department Redmond, WA 98052 Redmond, WA 98052 1600 Holloway Avenue [email protected] [email protected] San Francisco, CA 94132 [email protected] ABSTRACT language of the respective platform, HTML5 technologies A recent survey among developers revealed that half plan to gain traction for the development of mobile apps [12, 4]. use HTML5 for mobile apps in the future. An earlier survey A recent survey among developers revealed that more than showed that access to native device APIs is the biggest short- half (52%) are using HTML5 technologies for developing mo- coming of HTML5 compared to native apps. Several dif- bile apps [22]. HTML5 technologies enable the reuse of the ferent approaches exist to overcome this limitation, among presentation layer and high-level logic across multiple plat- them cross-compilation and packaging the HTML5 as a na- forms. However, an earlier survey [21] on cross-platform tive app. In this paper we propose a novel approach by using developer tools revealed that access to native device APIs a device-local service that runs on the smartphone and that is the biggest shortcoming of HTML5 compared to native acts as a gateway to the native layer for HTML5-based apps apps. Several different approaches exist to overcome this running inside the standard browser. WebSockets are used limitation. Besides the development of native apps for spe- for bi-directional communication between the web apps and cific platforms, popular approaches include cross-platform the device-local service.
    [Show full text]
  • Security Considerations Around the Usage of Client-Side Storage Apis
    Security considerations around the usage of client-side storage APIs Stefano Belloro (BBC) Alexios Mylonas (Bournemouth University) Technical Report No. BUCSR-2018-01 January 12 2018 ABSTRACT Web Storage, Indexed Database API and Web SQL Database are primitives that allow web browsers to store information in the client in a much more advanced way compared to other techniques such as HTTP Cookies. They were originally introduced with the goal of enhancing the capabilities of websites, however, they are often exploited as a way of tracking users across multiple sessions and websites. This work is divided in two parts. First, it quantifies the usage of these three primitives in the context of user tracking. This is done by performing a large-scale analysis on the usage of these techniques in the wild. The results highlight that code snippets belonging to those primitives can be found in tracking scripts at a surprising high rate, suggesting that user tracking is a major use case of these technologies. The second part reviews of the effectiveness of the removal of client-side storage data in modern browsers. A web application, built for specifically for this study, is used to highlight that it is often extremely hard, if not impossible, for users to remove personal data stored using the three primitives considered. This finding has significant implications, because those techniques are often uses as vector for cookie resurrection. CONTENTS Abstract ........................................................................................................................
    [Show full text]
  • HTML5 Storage HTML5 Forms Geolocation Event Listeners Canvas Element Video and Audio Element HTML5 Storage 1
    HTML5 storage HTML5 Forms Geolocation Event listeners canvas element video and audio element HTML5 Storage 1 • A way for web pages to store named key/value pairs locally, within the client web browser – You can store up to about 5 MB of data – Everything is stored as strings • Like cookies, this data persists even after you navigate away from the web site • Unlike cookies, this data is never transmitted to the remote web server • Properties and methods belong to the window object • sessionStorage work as localStorage but for the session localStorage[key] = value; // set localStorage.setItem(key, value); // alternative local-session- var text = localStorage[key]; // get var text = localStorage.getItem(key); // alternative storage.html console.log(localStorage.key(0)); // get key name localStorage.removeItem(key); // remove localStorage.clear(key); // clears the entire storage HTML5 Storage 2 • Web SQL Database (formerly known as “WebDB”) provides a thin wrapper around a SQL database, allowing you to do things like this from JavaScript function testWebSQLDatabase() { openDatabase('documents', '1.0', 'Local document storage', 5*1024*1024, function (db) { db.changeVersion('', '1.0', function (t) { t.executeSql('CREATE TABLE docids (id, name)'); //t.executeSql('drop docids'); localstorage.html }, error); }); } Not working - check: http://html5demos.com/ for working sample • As you can see, most of the action resides in the string you pass to the executeSql method. This string can be any supported SQL statement, including SELECT, UPDATE, INSERT, and DELETE statements. It’s just like backend database programming, except you’re doing it from JavaScript! • A competing Web DB standard is IndexedDB which uses a non- SQL API to something called object store - demos are only available this far HTML5 Forms • There are basically five areas of improvements when it comes to form features in HTML5 • New input types as email, url, number, search, date etc.
    [Show full text]
  • Download This PDF File
    Paper—An Investigation of User Privacy and Data Protection on User-Side Storages An Investigation of User Privacy and Data Protection on User-Side Storages https://doi.org/10.3991/ijoe.v15i09.10669 Thamer Al-Rousan Isra University, Amman, Jordan, [email protected] Abstract—Along with the introduction of HTML5, a new user storage tech- nologies; particularly, Web SQL Database, Web Storage, and Indexed Database API have emerged. The common goal of these storage technologies is to over- come the limitations of legacy of user-side storage mechanisms. All these tech- nologies have many privacy and security concerns, and the main threat is user tracking. In this context, this study investigates the usage of these technologies and to find out which one of these technologies is primarily used by user track- ers, and to calculate their frequency in context of 3rd-party tracking code. The result exposes that the adoption of Web Storage most commonly used amongst the three storage technologies. Motivated by the investigation results, this study examines the degree of protection which the popular web browsers supply to prevent privacy violations. The result reveals that the protection mechanisms that are provided by web browsers are almost the same, and in many occasions privacy violations do exist. Keywords—User-side storages, User tracking, Cookies, Security and privacy 1 Introduction Using the internet and the services that it provides has continuously increased as it has become the main source of information for thousands of millions of people, at work, at school, and at home. People spend over 60 hours a week browsing the inter- net, using personal computers or portable devices.
    [Show full text]
  • Introducing HTML5 Second Edition
    HTMLINTRODUCING SECOND 5EDITION BRUCE LAWSON REMY SHARP Introducing HTML5, Second Edition Bruce Lawson and Remy Sharp New Riders 1249 Eighth Street Berkeley, CA 94710 510/524-2178 510/524-2221 (fax) Find us on the Web at: www.newriders.com To report errors, please send a note to [email protected] New Riders is an imprint of Peachpit, a division of Pearson Education Copyright © 2012 by Remy Sharp and Bruce Lawson Project Editor: Michael J. Nolan Development Editor: Margaret S. Anderson/Stellarvisions Technical Editors: Patrick H. Lauke (www.splintered.co.uk), Robert Nyman (www.robertnyman.com) Production Editor: Cory Borman Copyeditor: Gretchen Dykstra Proofreader: Jan Seymour Indexer: Joy Dean Lee Compositor: Danielle Foster Cover Designer: Aren Howell Straiger Cover photo: Patrick H. Lauke (splintered.co.uk) Notice of Rights All rights reserved. No part of this book may be reproduced or transmitted in any form by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher. For informa- tion on getting permission for reprints and excerpts, contact permissions@ peachpit.com. Notice of Liability The information in this book is distributed on an “As Is” basis without war- ranty. While every precaution has been taken in the preparation of the book, neither the authors nor Peachpit shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the instructions contained in this book or by the com- puter software and hardware products described in it. Trademarks Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks.
    [Show full text]
  • Moving to the Client – Javafx and HTML5 Stephen Chin (@Steveonjava) Kevin Nilson (@Javaclimber)
    Moving to the Client – JavaFX and HTML5 Stephen Chin (@steveonjava) Kevin Nilson (@javaclimber) 1 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle. 2 Meet the Presenters Stephen Chin Kevin Nilson @steveonjava @javaclimber just.me VP of Engineering Family Man Author Web 2.0 Fundamentals § User Groups Motorcyclist § Silicon Valley Web JUG § Silicon Valley JS Meetup § Silicon Valley Google Developer Group 3 History of the Web • 1991 HTML • 1994 HTML 2 • 1996 CSS 1 + JavaScript • 1997 HTML 4 • 1998 CSS 2 • 2000 XHTML 1 • 2002 Tableless Web Design • 2005 AJAX • 2009 HTML 5 4 What is HTML5 • Web Hypertext Application Technology Working Group (WHATWG) • HTML5 ! = HTML + CSS + JavaScript • HTML5 = Next Generation Features for Modern Web Development • Offline Storage, Web SQL Database, IndexedDB, Application Cache, Web Workers, WebSocket, Notifications, Native Drag & Drop, File System, GeoLocation, Speech Input, Form Types, Audio, Video, Canvas, SVG 5 HTML5 Rounded Corners • http://slides.html5rocks.com/#rounded-corners HTML5 No HTML5 6 HTML5 Canvas 3D (WebGL) • http://oos.moxiecode.com/js_webgl/fish/index.html 7 Prefixes • -webkit-text-fill-color: black; • -webkit-column-count:
    [Show full text]
  • Webová Off-Line Aplikace Pro Evidenci Revizních Měření Elektrických Zařízení Student: Bc
    ZADÁNÍ DIPLOMOVÉ PRÁCE Název: Webová off-line aplikace pro evidenci revizních měření elektrických zařízení Student: Bc. Ondřej Stříteský Vedoucí: Ing. Jan Kubr Studijní program: Informatika Studijní obor: Webové a softwarové inženýrství Katedra: Katedra softwarového inženýrství Platnost zadání: Do konce letního semestru 2018/19 Pokyny pro vypracování Navrhněte a implementujte webovou aplikaci pro správu a evidenci revizních měření elektrických zařízení. Aplikace by měla být maximálně nezávislá na cílové platformě. Zaměřte se na možnost základní práce v aplikaci i v případě nekvalitního internetového připojení nebo dokonce bez internetového připojení. 1) Analyzujte potřeby revizních techniků elektrických zařízení ve spojení se záznamem provedených revizních měření elektrických zařízení. 2) Analyzujte vhodné technologie a možnosti řešení off-line webových aplikací. Zvolte vhodné technologie a řešení dle provedené analýzy. 3) Na základě analýz navrhněte webovou aplikaci. Zaměřte se na responsivní design z důvodu různorodých klientských stanic. 4) Implementujte aplikaci, která bude poskytovat klíčovou funkcionalitu i bez dostupného internetového připojení. 5) Analyzujte požadavky kladené na serverovou část aplikace. Podle výsledků analýzy navrhněte a implementujte serverovou část aplikace. 6) Aplikaci podrobte vhodnému testování. Seznam odborné literatury Dodá vedoucí práce. Ing. Michal Valenta, Ph.D. doc. RNDr. Ing. Marcel Jiřina, Ph.D. vedoucí katedry děkan V Praze dne 13. února 2018 Diplomová práce Webová off-line aplikace pro evidenci revizních měření elektrických zařízení Bc. Ondřej Stříteský Katedra softwarového inženýrství Vedoucí práce: Ing. Jan Kubr 3. května 2018 Poděkování Tímto děkuji vedoucímu práce Ing. Janu Kubrovi za výbornou spolupráci, ochotu a řadu cenných rad a připomínek, které mi při psaní práce poskytl. Dále bych chtěl poděkovat své rodině za jejich podporu a to nejenom při studiu.
    [Show full text]
  • New Persistent Tracking Mechanisms in the Wild
    Received July 1, 2018, accepted August 5, 2018, date of publication September 10, 2018, date of current version October 12, 2018. Digital Object Identifier 10.1109/ACCESS.2018.2869251 I Know What You Did Last Summer: New Persistent Tracking Mechanisms in the Wild STEFANO BELLORO1 AND ALEXIOS MYLONAS 2, (Member, IEEE) 1British Broadcasting Corporation, London W1A 1AA, U.K. 2Department of Computing and Informatics, Bournemouth University, Poole BH12 5BB, U.K. Corresponding author: Alexios Mylonas ([email protected]) ABSTRACT As the usage of the Web increases, so do the threats an everyday user faces. One of the most pervasive threats a Web user faces is tracking, which enables an entity to gain unauthorized access to the user's personal data. Through the years, many client storage technologies, such as cookies, have been used for this purpose and have been extensively studied in the literature. The focus of this paper is on three newer client storage mechanisms, namely, Web Storage, Web SQL Database, and Indexed Database API. Initially, a large-scale analysis of their usage on the Web is conducted to appraise their usage in the wild. Then, this paper examines the extent that they are used for tracking purposes. The results suggest that Web Storage is the most used among the three technologies. More importantly, to the best of our knowledge, this paper is the first to suggest Web tracking as the main use case of these technologies. Motivated by these results, this paper examines whether popular desktop and mobile browsers protect their users from tracking mechanisms that use Web Storage, Web SQL Database, and Indexed Database.
    [Show full text]