Skip to Main Content
Securing Ajax Applications
book

Securing Ajax Applications

by Christopher Wells
July 2007
Intermediate to advanced content levelIntermediate to advanced
256 pages
6h 19m
English
O'Reilly Media, Inc.
Content preview from Securing Ajax Applications

Invariants

Invariants specify certain conditions that have to exist to perform an operation. For example, all users must be authenticated, or all responses must be encoded, are examples of invariants. These conditions may exist before or after the operation, but they act as constraints and must be present for the service to render a response.

Okay, that's a good enough start. By taking these principles and applying them to our web APIs we can build solid state APIs that are client aware and more efficiently perform their discrete tasks.

Building a Good API

What we really want, in the end, is a good API. In fact, it needs to be good. Good APIs get used, and used APIs get reused. So to get this ball rolling it is important to design our API and get it right from the beginning.

But how do we make it good? Well, for starters, keep it simple. Simple is good—everyone likes simple. Simple is the difference between:

Person.communicate.translate.languageChoice.english.say("Hello");

and:

say("hello");

Simple is, well, simple. Simple is clean. Simple is easy to learn. Simple is easy to read. Simple is easy to extend. Simple is also usually small.

Small is also good. By concentrating on one thing at a time, we make everything easier, including security. Basically we want the Charles Emerson Winchester III of APIs, "I do one thing, I do it very well, and then I move on." Small also means there is less surface area to protect, so, yeah, simple and small.

By keeping things simple and small, ideally, our ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Ajax Security

Ajax Security

Billy Hoffman, Bryan Sullivan
Firefox Hacks

Firefox Hacks

Nigel McFarlane

Publisher Resources

ISBN: 9780596529314Errata Page