↑
Main Page

Deployment Issues

So the JavaScript for your Web application or Web site has been coded, you’ve fully debugged it,

and you’ve made sure that it works in each of your target browsers. The time is coming for deploy-

ment, and that introduces a whole host of new issues. Although you can test on various operating

systems with various browsers, seemingly little things can cause unexpected browser behavior. It

might be an operating system service pack; it could be a bug patch for a browser; or it could be a

difference in cross-platform behavior. All these fall under the umbrella of deployment issues: things

you need to worry about when setting up a system outside of your development environment.

Security

One of the biggest issues for any Web-based system, whether it be purely informational or an online

storefront, is security. JavaScript is filled with security checks to prevent malicious scripts from

attacking your computer, but specific security measures are also taken by each browser. Mozilla, for

instance, has an entirely unique security model involving signed scripts and enhanced privileges. If

you understand which security measures apply to all browsers and which are browser-specific you

can create more secure JavaScript.

The Same Origin Policy

It was briefly mentioned earlier in the book that JavaScript can only communicate with pages

from the same domain. For example, a script running on Wrox’s home page (

www.wrox.com

)

cannot interact with any browser window or frame containing a page from Mozilla’s Web site

(

www.mozilla.org

). This security measure is known as the Same Origin Policy.

Two scripts are considered to have the same origin if the containing pages:

Use the same protocol (such as http://)

Use the same port (typically port 80)

Have the same domain name

22_579088 ch19.qxd 3/28/05 11:43 AM Page 563