The Return of the Fat Client

The Goal:

How to protect your code?

Sandboxing


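(function (window, undefined) {
  // Local aliases, so the widget does not depend on globals the host page may redefine.
  var document = window.document,
      $ = window.jQuery.noConflict(); // hand the global $ back to the host page

  var root = {}; // private namespace, not reachable from outside the closure

  // ...

  // The only name the widget adds to the host page's global scope.
  window.yourExternalApi = {
    someFunction: function() {
      root.someFunction();
    }
  };
} (this));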
	

No-Conflict


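(function (window, undefined) {
  // Remember whatever the host page already had under this name.
  var previousVersion = window.myPlugin;

  var myPlugin = {
    // ...

    // Restore the previous global and return this plugin to the caller.
    noConflict: function() {
      window.myPlugin = previousVersion;

      return myPlugin;
    }
  };

  window.myPlugin = myPlugin;
} (this));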
	

How to preserve your style?

Style


#myWidget p {
	background-color: #fff;
}
	

How to enable communication?

CORS

CORS Explained

Cross-origin resource sharing is a web browser technology specification, which defines ways for a web server to allow its resources to be accessed by a web page from a different domain. Such access would otherwise be forbidden by the same origin policy.

wikipedia.org

Implementing CORS

Implementing CORS on a server is as simple as sending additional HTTP headers, for example:


	Access-Control-Allow-Origin: *
	Access-Control-Allow-Origin: http://example.com:8080 http://foo.example.com
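
An added example (not from the original slides): browsers honor only `*` or a single origin in `Access-Control-Allow-Origin`, so a server that serves several host pages checks the request's `Origin` against an exact-match allowlist and echoes back the one that matched. The allowlist contents and the `corsHeaders` and `handle` names are assumptions made for this example.

```javascript
// Constructed allowlist: the host pages permitted to call the widget's API.
// An origin is scheme + host + port, with no path and no trailing slash.
const ALLOWED_ORIGINS = new Set([
  'http://example.com:8080',
  'http://foo.example.com',
]);

// Returns the CORS response headers for one request.
// requestOrigin is the value of the request's Origin header (or undefined).
function corsHeaders(requestOrigin, allowed = ALLOWED_ORIGINS) {
  // The response varies with the Origin request header, so caches must key
  // on it, including for responses where no origin was allowed.
  const headers = { 'Vary': 'Origin' };

  // Exact string comparison only: prefix, suffix or regex matching would let
  // look-alike origins such as http://foo.example.com.other.test through.
  // The literal "null" origin (sandboxed iframes, file: pages) is never allowed.
  if (typeof requestOrigin === 'string' &&
      requestOrigin !== 'null' &&
      allowed.has(requestOrigin)) {
    headers['Access-Control-Allow-Origin'] = requestOrigin;
  }
  return headers;
}

// Request handler with the (req, res) shape of Node's built-in http module:
//   require('http').createServer(handle).listen(8000)
function handle(req, res) {
  const headers = corsHeaders(req.headers.origin);
  for (const [name, value] of Object.entries(headers)) {
    res.setHeader(name, value);
  }
  res.setHeader('Content-Type', 'application/json');
  res.end(JSON.stringify({ ok: true }));
}
```

A request from an origin that is not on the list still gets a response, but without `Access-Control-Allow-Origin` the browser refuses to expose it to the calling page.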
	

Well, if only...

Forward Proxy

easyXDM

easyXDM is a JavaScript library that enables you as a developer to easily work around the limitation set in place by the Same Origin Policy, in turn making it easy to communicate and expose JavaScript APIs across domain boundaries.

easyXDM.net

easyXDM Explained

So, what about security?

Remember to...

Thanks for listening!

t: @thedersen

w: thedersen.com

m: thomas.pedersen@miles.no
