AJAX: Friend or Foe
AJAX can make Web pages feel like full-fledged applications, but beware weaknesses in security and accessibility
According to the poet Homer, Ajax was one of the mightiest Greek warriors in the battle of Troy. But he also wound up going mad and turning on his friends before killing himself.
'AJAX is successful because it is so easy to learn, easy to use and easy to deploy,' said Michel Gerin, vice president of marketing at Backbase USA, an AJAX consulting and development company that has created AJAX applications for a number of federal clients, including the Navy.
But AJAX is not without its challenges.
'Rich Internet Applications such as AJAX and [Dynamic] HTML are becoming increasingly popular as Web development techniques,' said Judy Brewer, director of the World Wide Web Consortium's Web Accessibility Initiative (W3C/WIA). 'Yet they can create barriers for people with disabilities because of difficulty accessing dynamic navigation and event features.'
So the question arises: Which side of AJAX will you get ' the mighty ally or an unstable technology that will turn on you?Wait-loss program
AJAX is not a single technology, but a Web development technique using a set of technologies that work together to create a smoother interactive experience.
Although the term was coined in 2005 by Jesse James Garrett, president of consulting firm Adaptive Path, some of the technologies go back a decade. AJAX is just a way to describe developing Web applications using these technologies.
It is a browser-based approach that breaks down the traditional concept of the Web page, making it more like a desktop application. With traditional Web pages, Garrett wrote in his initial paper on the subject (GCN.com/866), a user action, such as clicking on a button, triggers an HTTP request to the Web server.
The Web server then processes the request ' including querying databases, performing calculations or pulling up documents ' generates a new Web page and sends that entire page via the pipe to the user.
'While the server is doing its thing, what is the user doing?' Garrett wrote. 'That's right, waiting. And at every step in a task, the user waits some more.'
AJAX has been broadly adopted by a number of companies, most notably Google, which uses it for Google Maps and Gmail. Netflix also uses AJAX to let its customers change their list of movies.
Federal agencies are increasingly using AJAX, too. The Air Force is moving to AJAX as part of its Enterprise Knowledge Management (EKM) system that provides process automation and system-to-system interoperability across the service.
EKM was started in 2001 as part of the Charter for Aging Aircraft Program and now supports collaboration for more than 80 projects or enterprises and more than 5,000 users.
'The AJAX-based design will allow the application to have more of a desktop application look and feel,' said Michael Hucul, EKM program manager at Wright-Patterson Air Force Base, Ohio. 'It will allow us to include some of the features people expect from a shared drive, such as drag and drop.'
The new filing cabinet will load faster and cut bandwidth requirements because it will only load data when the user needs it.JSTARS in your eyes
Part of EKM is the Secure Collaborative Integrated Development Environment for the Joint Surveillance and Target Attach Radar System (JSTARS) software maintenance group, a collaboration between the military and Northrop Grumman.
'The solution that we chose here is to provide Air Force teams, organizations and contractors a secure, cost-effective method to jointly develop, maintain and upgrade mission-critical and weapons systems software,' said Scott Randall, technology lead at the 402nd Software Maintenance Group at Robins Air Force Base, Ga.
Enhancements and software maintenance for JSTARS are being performed by the Air Force at Robins and by Northrop Grumman.
'We hope this new system will eliminate redundant efforts from an integration perspective and unify our test teams and our development teams in execution of the software,' said Vinnie Simone, Northrop Grumman's senior program manager for Total Systems Support Responsibility.
Although AJAX indisputably builds better applications, its use also raises concerns about accessibility, security and usability ' concerns that also apply to other Rich Internet Applications.
Adaptive technologies such as screen readers and speech dictation software make the Web accessible to people with disabilities ' a requirement for federal Web pages under Section 508 of the Rehabilitation Act Amendments of 1998.
Brewer said W3C/WAI is developing a suite of resources called Accessible Rich Internet Applications. The suite (GCN.com. GCN.com/887) includes a road map, taxonomy and syntax for developing accessible applications.
Security is another issue. Rich Internet Applications are more complex than straight HTML and can open new vulnerabilities. AJAX attacks have already hit Yahoo and MySpace visitors.
Finally, AJAX wreaks havoc with traditional behaviors we've all come to expect from the Web environment.
There are also problems with search engines because Web crawlers don't typically execute the code to access the data.
Native AJAX still has these vulnerabilities, but workarounds exist, either as a piece of stand-alone code or a framework. Microsoft has ASP.NET AJAX (formerly called Apollo), and NexaWeb Technologies has Enterprise Web 2.0. Backbase has Enterprise AJAX 4 in addition to a free version of its framework, and the company is releasing a visual AJAX development tool early next year.
Using a framework addresses these problems and makes it possible to write a single set of code that works on all browsers.
'For anybody who wants to start in AJAX, make sure you know what your requirements are, and then look for a framework ' ours or someone else's,' Gerin said. 'It will really help you to manage your code and to maintain it down the road.'