Category Archives: web

Instance and class based plugins in YUI 3

Using plugins in YUI 3 is a way to add functionality to existing objects in YUI (very much like you would use prototype to augment a function to a normal JavaScript object). Objects in YUI all derive from Y.Base.

Note that this post is about YUI 3 and not YUI 2.

However, the current YUI 3 documentation does really only get into how to add a plugin to a current instance. What about adding functionality to the class level so all instances of the same type of objects automatically get it?

First an example of how a simple plugin may look like:

NodePlugin = function(config) {
    this._node = config.host;
}

NodePlugin.NS = 'vis';
NodePlugin.NAME = 'NodeVisibiltyPlugin';

NodePlugin.prototype = {
    show: function() {
        this._node.setStyle('display', 'block');
        return this_node;
    },

    hide: function() {
        this._node.setStyle('display', 'none');
        return this_node;
    }
};

What this plugin does it to add hide() and show() functions to the vis namespace (as specified in the code) of Y.Node.

This plugin would typically be used like this:

var node = Y.one('#myElement');
node.plug(NodePlugin); // add plugin functionality
node.vis.hide();

If you would like to use the plugin functionality for all node objects it would be somewhat tedious to invoke plug() for each and every instance. The way to get around this, which is not really documented except in the API reference, is to use the static method Y.Plugin.Host.plug.

Y.Plugin.Host.plug(Y.Node, NodePlugin); // plug once ...

var node = Y.one('#myElement');
node.vis.hide(); // ... use anywhere

Now any new instances of Y.node have access to the plugin methods through the specified namespace. I also discovered that in order for this to work the static NAME property must be defined in the plugin object.

Progressive enhancements with JavaScript and CSS

It is clear that IE6 is not going away just yet, at least not for mainstream websites targeting a large (and non-tech) audience. Quite some time and effort is put into making design and functionality work in IE6 which otherwise works perfectly well in more modern browsers. This is inefficient, but just because IE6 support cannot be dropped does not mean the cause is lost. The key is to not think black and white, instead think in terms of progressive enhancements.

The fundamental concept of progressive enhancements are that anyone may use the functionality, but a more enhanced version is available for those with more advanced browsers.

Having a complex feature with pixel perfect appearance and functionality in all browsers usually means that you implement it on standard compliant browsers, and then provide workarounds to make it work in Internet Explorer (usually a significant amount of work). The key to reduce this waste of time is not to skip IE6 entirely (which may not be an option), but to let go of having everything exactly the same in all browser. Instead, provide the basic functionality to IE6 but add the shinyness and bling to newer browsers.

The old approach

About a year ago I did a JavaScript map implementation (similar to Google Maps) and it had an info box popup that could contain additional information. The original requirements were that it should have rounded corners and a pointer that depending on position could point in four directions (flipping when the map moved). In addition the dimensions should automatically size to the content unless a fixed width and/or height were set.

Old (complex) InfoBox implementation

Old (complex) InfoBox implementation

And it should look exactly the same in all browsers. This single line of requirement resulted in the implementation becoming one of the largest and most complex modules in the whole mapping application. Using css sprites for the corners, off-screen rendering to estimate size, lots of IE workarounds and so on… probably 60% of the development time were spent on compatibility issues.

The modern way

I recently had the opportunity to rewrite the info box implementation, using a much smarter approach. The key was that the basic functionality should work in IE6, but it shouldn’t necessary look the same.

This resulted in an implementation that was 1/5 of the number of lines of the original, didn’t require additional images for the corners (reducing number of HTTP requests), no IE hacks and was a lot more flexible.

By using border-radius and box-shadow available in CSS3 the implementation was very simple, and we even got a drop shadow for free.

InfoBox in modern browsers

InfoBox in modern browsers

Using an old or non-standard browser like Internet Explorer resulted in the following look.

InfoBox in Internet Explorer

InfoBox in Internet Explorer

Still functional and useful, but without the extra visual appearance. However, instead the development time was dramatically reduced and the implementation dead easy instead of very complex.

The challenge

This is all pretty straightforward, why do it any other way? Usually the challenge is not technical, but rather to communicate this to the stakeholder. Most organizations simply state “Support IE6+, FF2+, …” implicitly resulting in requirements demanding exactly the same functionality pixel by pixel between the supported browsers.

This is where it gets wrong and the challenge is to change it! It is not about being supported or not supported – it is about to what extent should a browser be supported! IE6 may be supported in a way that the core functionality is useful, but it may look less attractive and some fancy (but non critical) features may be removed.

To what extent each browser should be supported should be a conscious and strategical choice! The benefits are huge with productivity gains, less complex code and faster time-to-market. And it is up to you, as a developer, to communicate this and make it happen!

Internet Explorer cross-site scripting warning

I came across the warning “Internet Explorer has modified this page to help prevent cross-site scripting.” which is triggered by the IE8 security filter.

However, IE gives no clues of why the warning was triggered or what was modified to prevent it. Annoying.

To get some more information you must download Microsoft Application Compatibility Toolkit and run the Internet Explorer Compatibility Test Tool.

More information about this particular issue with XSS is available here.

It is possible to stop this warning from occuring (beside actually fixing the underlying issue) by adding a custom header entry: X-XSS-Protection: 0