“D”-constructing $.ajax()
Today I learned something new about some of the little nuances of jQuery ajax calls and the JSON objects that are returned.
If you're familiar with jQuery ajax calls, or have used them in your code, the following example no doubt looks like something you've seen before:
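    $.ajax({
        type: 'POST',
        url: 'services/foo.aspx/GetBar',
        contentType: 'application/json; charset=utf-8',
        data: '{}',        // empty JSON body: the method takes no arguments
        dataType: 'json',  // jQuery parses the response body as JSON
        async: true,       // the jQuery option is "async" (default true); "isAsync" is ignored
        success: function(data) { alert(data.d); }  // the payload sits under "d"
    });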
Pay particularly close attention to that little 'd' in the anonymous function that's called when our ajax call successfully returns from the server. For those of you not in the know, that 'd' is the response data returned from the server, packaged into a JSON object. Like most other language quirks, I'm sure you've gone along and used this function and perhaps quietly assumed that this 'd' is nothing more than a simple naming convention that the authors of jQuery put together to make the function work.
Well, I'm here today to let you know that not only is that not the case, but there is actually a very good and specific reason for doing it this way. That little 'd' actually helps protect your site from Cross-Site Scripting (XSS) attacks. Allow me to explain in a bit more detail, but first a brief introduction to what exactly a Cross-Site Scripting attack is, for those out there who are hearing the term for the first time.
Wikipedia defines it as:
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.
As you can see, XSS attacks are not something to be taken lightly. So how does our little 'd' protect us? Simple: when an ajax call returns, the data contained in the response is encapsulated in a JSON object (under the name 'd') that the Javascript code can then use accordingly. If a malicious attacker tried to send executable Javascript code in the response to an ajax call, the code would not be executed by the browser.
All that security wrapped up in one little letter.
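The difference the wrapper makes can be checked directly. This is an added example, not code from the original post: `parsesAsScript` and `unwrapD` are hypothetical helper names, the response bodies are constructed, and it assumes the server behind a URL like `services/foo.aspx/GetBar` is what emits the `d` wrapper. A bare JSON array is also a valid JavaScript program, while a body that starts with `{"d":` is a syntax error when treated as script, and a script-looking string inside `d` stays plain data once parsed with `JSON.parse`.

```javascript
// Added example. All response bodies below are constructed samples.

// True if `body` would compile as a JavaScript program, i.e. a <script>
// tag pointed at it would be accepted by the parser.
// new Function() only compiles the text; the body is never invoked.
function parsesAsScript(body) {
  try {
    new Function(body);
    return true;
  } catch (e) {
    if (e instanceof SyntaxError) return false;
    throw e;
  }
}

// Parse a response strictly as JSON (never eval) and return the payload.
// Wrapped bodies ({"d": ...}) yield the value under "d"; bodies without
// the wrapper are returned as parsed so callers can handle both shapes.
function unwrapD(body) {
  const parsed = JSON.parse(body);
  const isWrapped =
    parsed !== null &&
    typeof parsed === 'object' &&
    !Array.isArray(parsed) &&
    Object.prototype.hasOwnProperty.call(parsed, 'd');
  return isWrapped ? parsed.d : parsed;
}

// Constructed sample bodies.
const bareArray = '["alice","bob"]';          // unwrapped top-level array
const wrapped = '{"d":["alice","bob"]}';      // same data under "d"
const scriptLike = '{"d":"alert(1)"}';        // script text sent as data

// Summarise how each body behaves as script and as JSON.
function report(body) {
  return { asScript: parsesAsScript(body), payload: unwrapD(body) };
}

console.log(report(bareArray));   // compiles as script
console.log(report(wrapped));     // rejected as script, data intact
console.log(report(scriptLike));  // rejected as script, payload is a string
```

The value returned by `unwrapD` is still untrusted data: write it to the page with `textContent` or jQuery's `.text()` rather than as HTML.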
Cost Per Action (CPA) vs Pay Per Click (PPC)
Why CPA Advertising is better than Pay Per Click Campaign
The internet cannot live without online advertisements and most websites live longer because they generate funds from brands seeking to advertise on them. But with the advent of tracking tools and analytics, despite millions of websites populating the internet, companies do not have a difficult time picking which site they could advertise on. However, that was just one issue solved.
Before starting to advertise, every company must decide which type of advertisement would work best in terms of income, and which one works well with its budget. Here comes the battle between Cost Per Action (CPA) and Pay Per Click (PPC). Being pro-CPA, allow me to raise the points why and how CPA will generate more gains for the company.
First, let us define the two. CPA-based advertising is a model used by websites that allows advertisers to select how they want to pay for their ads – by click, impression, sale or any other variable. Meanwhile, PPC allows advertisers to pay their host ONLY when the ad is clicked. The Cost per Click is the amount paid by the advertiser to the search engine and other internet publishers for every click on the ad which leads the ‘clicker’ to their website.
Why CPA is better than PPC
Probably the most logical reason why most advertisers choose CPA is its cost. While PPC requires the advertiser to pay for every click, CPA advertisers only pay if the prerequisite action has been reached. For example, if an advertiser chooses to pay for every sale, then it would only pay for every sale. In other words, it ensures that the advertiser gets what it pays for. On the contrary, PPC does not guarantee the advertiser a sale. CPA is more preferred today as the competition for brands in the online world continues to ramp up and the least advertisers can expect is a sale.
Don’t get me wrong, CPA and PPC are not complex but they aren’t your usual ABC. An adequate knowledge of effective advertising is still required to be able to generate the leads that you want.
Many companies have earned a lot from PPC but only after investing a lot. On the other hand, CPA does not require advertisers to shell out much money to be able to sell. Although it still depends on what type of service or product you are selling, it is obvious that CPA has an edge over PPC. Still, the best way to find out which one works for your company is by trying out both. Don’t forget to keep track of your gains so you can properly gauge which one will serve you well.
Certification vs Graduation: The educational dilemma of the modern IT professional
Recently I was asked the following question by a colleague of mine in regards to IT education:
What do you think is better for someone in IT to have: A four-year degree from a college or university? Or, certification for their field of work?
The short answer: both, obviously. But what if one had to choose between the two? What then would be the best course of action?
Triggering ASP.NET validators with Javascript
In this article today I am going to show you how to call the validation methods for ASP.NET validators using only Javascript. You won't need to include any special plugins to do this and can begin implementing this method on your site right away.
Regular Expression Library Website
I was researching for a regex expression to use for validating a particular input for time when I discovered this website, The Regex Library.
It has a plethora of expressions for validating practically any kind of string format you can think of. Even better, you can test the expression on the site itself! For those of you out there who aren't RegExperts, you'll find the information contained in this website a huge help when you want to validate or search for a particular string.
Know of a better website/resource on Regular Expressions for developers? Let us know!
Surviving in the IT world in an economic recession
In today's economy everyone is trying to find ways to supplement the income they receive from their regular job, or to replace the income they've lost due to cutbacks at their place of employment. Others may find themselves looking for a new gig altogether. Despite having the luxury of working in the field of IT, web developers and designers are not immune to the woes of an economy in decline.
Full-Sized Calendar in jQuery
Came across this nice little Calendar widget that you can plug into your web applications with jQuery. Check it out here.
30+ Useful Photoshop Custom Shapes
Found an awesome and varied collection of custom made Photoshop shapes for you to use in your designs. Click here to view the collection.