Michaels Blog | Looking Forward to next AjaxPro Release

Some developers mentioned that it would be nice if Ajax.NET Professional^[1] could be more JSON compliant to use with some JavaScript frameworks that are not using the eval statement. And, if you have a look at json.org^[2] JSON message always have to be an object or array, not a string or boolean directly. Well, I absolutly see the need of these changes and I have done this already in a beta version which I will provide this evening.

How JSON messages will look like, now

To be more JSON compliant I'll return an object with two possible parameters, one with the name value and another one with error (if an Exception has been thrown during the execution of the AjaxMethod). Another change will be to remove the JavaScript code ";/*" at the end of each JSON message which I used to get it working on all web server including some very special configurations with Apache and Mono.

// 3 old JSON messages<span class="str">"Hello World"</span>;/

<span class="kwrd">true</span>;/

=<span class="kwrd">null</span>;r.error={<span class="str">"Message"</span>:<span class="str">"You are not authenticated!"</span>,<span class="str">"Type"</span>:<span class="str">"System.Exception"</span>};/*

// 3 new JSON messages {"value":"Hello World"} {"value":true} {"error":{"Message":"You are not authenticated!","Type":"System.Exception"}}</pre>

New JSON converters

There will be a couple of new JSON converters which may get default. The thing is that AjaxPro sometimes is returning a function call to return a new instance of a class with some additional properties. With the old DataSet converter I reduced the amoung of data sent back to the client-side JavaScript code by saving each time the colum names. A new converter will return a common array with column names in each row which can be used in more third-party JavaScript frameworks. You can switch between these converters in web.config. Note: the change of the DateTime converter will save some bytes, too, which is already possible in AjaxPro web.config configuration today.

<pre class="csharpcode">// old DataSet converter
new Ajax.Web.DataSet([new Ajax.Web.DataTable( [["uid","System.Int16"],["name","System.String"],["type","System.String"], ["refdate","System.DateTime"]], [ [1,"sysobjects","S ",new Date(Date.UTC(2002,11,17,13,36,10,43))], [1,"sysindexes","S ",new Date(Date.UTC(2002,11,17,13,36,10,43))], [1,"syscolumns","S ",new Date(Date.UTC(2002,11,17,13,36,10,43))], [1,"systypes","S ",new Date(Date.UTC(2002,11,17,13,36,10,43))], [1,"syscomments","S ",new Date(Date.UTC(2002,11,17,13,36,10,43))] ] )]);/*

// new DataSet converter {"result":{"Tables":[ {"Rows":[ {"uid":1,"name":"sysobjects","type":"S ","refdate":"2002-11-17T13:36:10"}, {"uid":1,"name":"sysindexes","type":"S ","refdate":"2002-11-17T13:36:10"}, {"uid":1,"name":"syscolumns","type":"S ","refdate":"2002-11-17T13:36:10"}, {"uid":1,"name":"systypes","type":"S ","refdate":"2002-11-17T13:36:10"}, {"uid":1,"name":"syscomments","type":"S ","refdate":"2002-11-17T13:36:10"}, ]} ]}}</pre>

AjaxSecurityProvider and the AjaxToken

Because the old interfaces IAjaxKeyProvider and IAjaxCryptProvider are not easy to understand (for some developers) I changed that and created only on interface (abstract class). With this new provider you could create your own de/-encryption for JSON messages and provide a token for each client. I will write about this in another post when the beta is available to the public.

Below you will see a simple encryption (reverse the JSON messages only, but could be replaced i.e. by a Blowfish implementation^[3])) and a way to create a token that will be checked for each Ajax request:

<pre class="csharpcode">public class MySecurityProvider : AjaxSecurityProvider
{
public override string Encrypt(string json)
{
char[] s = json.ToCharArray();
Array.Reverse(s);
return new String(s);
}

public override string Decrypt(string jsoncrypt) { char[] s = jsoncrypt.ToCharArray(); Array.Reverse(s); return new String(s); }

public override string ClientScript { get { return @"

AjaxPro.cryptProvider = {};

AjaxPro.cryptProvider.decrypt = function(s) { var r = []; for(var i=s.length -1; i>=0; i--) { r.push(s.substr(i,1)); } return r.join(''); };

AjaxPro.cryptProvider.encrypt = function(s) { var r = []; for(var i=s.length -1; i>=0; i--) { r.push(s.substr(i,1)); } return r.join(''); };

"; } }

public override string GetAjaxToken(string sitePassword) { if (HttpContext.Current null || HttpContext.Current.Request null) return null;

string ip = HttpContext.Current.Request.UserHostAddress; string agent = HttpContext.Current.Request.UserAgent; string site = sitePassword; string token = ip + agent + site;

return MD5Helper.GetHash(token); }

public override bool IsValidAjaxToken(string token, string sitePassword) { if (token == GetAjaxToken(sitePassword)) return true;

return false; }

public override bool AjaxTokenEnabled { get { return true; } } } </pre>

The old version had a lot of bugs when using the token feature. I fixed those bugs and added support for tokens if using the IFrame XMLHttpRequest replacement when ActiveX objects are disabled.

New JavaScript proxy files

A lot of developers are already using JavaScript frameworks with XMLHttpRequest support. For those I will add new settings to change the output of the JavaScript wrappers, core.ashx, prototype.ashx will be removed then, and you should not have a problem with any third-party control or JavaScript framework.

Another thing is that the Ajax request queue perhaps may be removed. I see more problems with that when developers are using this to run more than 20 (!!!) at the same time which makes absolutly no sense.