Pages

Friday, April 16, 2010

Crossdomain is not Crossbrowser ...

While Safari and Chrome are pretty modern browsers that don't usually disappoint, in web programming, you can never be sure. I am talking about the way cross-domains is implemented.

In javascript, as a security feature, access to some objects is restricted based on document origin. If that was cryptic, here is a concrete example. A frame in a page can't read the location of the parent using window.top.location.href property , if the frame came from a different webserver than the parent.

That is, if you do something like this inside the iframe

location = window.top.location.href

you would get an exception in Firefox, and IE (at least the more recent versions)

Error: uncaught exception: Permission denied to get property
Location.href

I guess that is what the RFC may have prescribed. However, the behavior in Chrome and Safari is different. (And chrome and safari both are based on Webkit, so its essentially webkit). They will not throw an exception, but instead merely return undefined.

Now this initially seems counter intuitive, but to think of it, I believe there is a reason why webkit behaves so. Let's say you have the following code

location = window.top.location.href
// do something
doSomething()
...

In firefox, the code that follows will never execute, because an exception was thrown when we accessed window.top.location.href. This will not be intuitive to a lame javascript programmer. Or so thought the makers of Webkit, who decided that it is smarter not to throw an exception and just set location to undefined, so that doSomething gets called. Which means any 'not so lame programmer' who writes this

try {
location = window.top.location.href
doSomething();
} catch {
doSomethingElse();
}

will find that their code wouldn't work as expected on Safari and Chrome.

Which is why it is important to adhere to the specs, in letter and spirit.

Saturday, April 03, 2010

Chat bot


For long, I have been toying with the idea of writing a chat bot for google and yahoo. I finally got around to doing that last weekend, and it proved to be much simpler than I had estimated. I

I connected the bot to Eliza (an AI program that simulates a therapist), and had it login as me on gtalk and talk to my friends and acquaintances in the contact list. The AI was pretty basic, but the conversations made for a very interesting reading. Not as good as the one at the top of this post though.

To all the unsuspecting victims in my contact list - I apologize. I was planning to use this as a Fools day prank, and then post the conversations here, but the novelty wore of much before the 1st of April, during the testing stage, and I dropped the idea. In any case, most of my Fools day prank have a reputation of being taken too seriously, creating unintended consequences. Most people I know in real life don't quite appreciate the kind of humor I like.

In any case, when I ever get the impulse to finish this project, I am going to modify it so that it could be used for logging in on Yahoo/MSN, and then create an AI that has a personality more like mine (and less like a therapist).

TODO: I am going to expand this post with a brief tutorial on how I did it for gtalk.