Explain ASP.NET Ajax Framework.

Answer
ASP.NET Ajax Framework is used for implementing the Ajax functionality. It allows you to create interactive web applications which can update data on the web page without changing the actions of the existing page. The frame work includes both client and serer side components. The framework can be used best in ASP.NET 2.0.

Explain limitations of Ajax.

Answer

• Back functionality cannot work because the dynamic pages don’t register themselves to the browsers history engine. Hence the need of Iframe becomes essential.
• The page cannot be bookmarked if implemented using Ajax.
• If java script is disabled , Ajax will not work
• Because different components of the pages are loaded at different times, response time may be slow.
• Because different components of the pages are loaded at different times it may create confusion for the user.

What is the role of Script Manager in Ajax?

Answer
Script Manager, as the name suggests is used to manage the client side script of Ajax. Since Ajax uses Java Script, there needs to be a mediator to manage this script and restrict a particular version to a browser. A Script manager is present on every page where Ajax is used to enable the Ajax Libraries. These Libraries in turn helps to implement the core Functionality of Ajax: Partial rendering.

List out differences between AJAX and JavaScript.

Answer
Ajax is Asynchronous Java Script and XML. Here on sending request to the server, one needn’t wait for the response. Other operations on the page can be carried out. Hence, Asynchronous. On the other hand, Java script sends an HTTPRequest to the server and waits for the XML response.

E.g. populating State field. Using JavaScript we need to use the “Onchnage” event where as using ajax, the request is just sent to populate the state list. Other operations can be carried out on the page.

Ajax is a part of Java Script programming. Java Script is used to manage and control a web page once downloaded. Ajax does not need to wait for the whole page to download.

Use of Ajax can reduce connections to the server since the script has to be requested once

Describe how to create AJAX objects.

Answer
Ajax Objects can be created by the following syntax:

Var ajax= New ajaxObject(‘page path’). Here page path is the URL you want the Object to call. The URL must be of the same domain as the webpage.

Define JSON.

Answer
JSON is JavaScript Object Notation. JSON is a safe and reliable data interchange format in JavaScript. This format is easy for humans to read and machines to understand.

Explain in brief abo XMLHttpRequest object.

Answer
XMLHttpRequest object is used to transfer data between a client and a server. Here the client can be a web browser. Here, the client can send and receive data without reloading the page.

It can be created as follow

Var request = new XMLHttpRequest ()

Describe the formats and protocols used by AJAX.

Answer

• Ajax uses HTTP’s GET or POST. AJAX also uses XMLHttpRequest protocol for requesting to the web server.
• AJAX uses JSON format to communicate between client and server. UED or URL encoded data formats can also be used.

What are the security issues with AJAX?

Answer
AJAX function calls are sent in plain text to server. These calls may easily reveal database details, variable names etc

User’s browsing session can be monitored my maliciously inserting scripts

Ajax may encourage developers to use multiple server side pages thereby introducing multiple entry points for attackers

Ajax security issues posted on March 12, 2009 at 22:35 pm by Rajmeet Ghai.

Are there any security issues with AJAX?

• A JavaScript can not access the local file system without the user's permission.
• An AJAX interaction can only be made with the servers-side component from which the page was loaded.
• A proxy pattern could be used for AJAX interactions with external services.
• The application model should not be exposed as some user might be able to reverse engineer the application.
• HTTPS can be used to secure the connection when confidential information is being exchanged.

Describe how to handle concurrent AJAX requests.

Answer
JavaScipt closures can be used for handling concurrent requests. A function can be written to handle such requests. Once processing of code is over, URL and the call back function to call can be passed as parameters. These parameters are passed to the AJAXInteraction(url, callback) object. Closures insure that the proper callback function associated with a specific AJAX interaction is called.

When should AJAX NOT be used?

Answer

If the page is expected to be shown in a search engine like Google. Since Web crawlers don’t execute javascript code.

If the browser does not support JavaScript.

If security is a big concern in the application; Since Ajax allows end user to see half of what’s being sent to the server.

How do you know that an AJAX request has completed?

Answer
By determining the readyState property value of XMLHttpReqyest, One can know if the request is completed. If the readyState value = 4, the request has been completed and the data is available.

How do I handle the back and forward buttons?

Answer
In order to store changes in the browsers web history (enabling back and forward buttons) Iframes can be used. Iframes allow am HTML document to be embedded in another HTML document.

RSH (Really Simple History) framework can also be used. RSH framework explains the management of bookmarks and history for Ajax applications.