Some developers mentioned that it would be nice if Ajax.NET Professional could be more JSON compliant to use with some JavaScript frameworks that are not using the eval statement. And, if you have a look at json.org JSON message always have to be an object or array, not a string or boolean directly. Well, I absolutly see the need of these changes and I have done this already in a beta version which I will provide this evening.

How JSON messages will look like, now

To be more JSON compliant I'll return an object with two possible parameters, one with the name value and another one with error (if an Exception has been thrown during the execution of the AjaxMethod). Another change will be to remove the JavaScript code ";/*" at the end of each JSON message which I used to get it working on all web server including some very special configurations with Apache and Mono.

// 3 old JSON messages
"Hello World";/*
true;/*
=null;r.error={"Message":"You are not authenticated!","Type":"System.Exception"};/*

// 3 new JSON messages
{"value":"Hello World"}
{"value":true}
{"error":{"Message":"You are not authenticated!","Type":"System.Exception"}}

New JSON converters

There will be a couple of new JSON converters which may get default. The thing is that AjaxPro sometimes is returning a function call to return a new instance of a class with some additional properties. With the old DataSet converter I reduced the amoung of data sent back to the client-side JavaScript code by saving each time the colum names. A new converter will return a common array with column names in each row which can be used in more third-party JavaScript frameworks. You can switch between these converters in web.config. Note: the change of the DateTime converter will save some bytes, too, which is already possible in AjaxPro web.config configuration today.

// old DataSet converter
new Ajax.Web.DataSet([new Ajax.Web.DataTable(
    [["uid","System.Int16"],["name","System.String"],["type","System.String"],
     ["refdate","System.DateTime"]],
    [
        [1,"sysobjects","S ",new Date(Date.UTC(2002,11,17,13,36,10,43))],
        [1,"sysindexes","S ",new Date(Date.UTC(2002,11,17,13,36,10,43))],
        [1,"syscolumns","S ",new Date(Date.UTC(2002,11,17,13,36,10,43))],
        [1,"systypes","S ",new Date(Date.UTC(2002,11,17,13,36,10,43))],
        [1,"syscomments","S ",new Date(Date.UTC(2002,11,17,13,36,10,43))]
    ]
)]);/*

// new DataSet converter
{"result":{"Tables":[
    {"Rows":[
        {"uid":1,"name":"sysobjects","type":"S ","refdate":"2002-11-17T13:36:10"},
        {"uid":1,"name":"sysindexes","type":"S ","refdate":"2002-11-17T13:36:10"},
        {"uid":1,"name":"syscolumns","type":"S ","refdate":"2002-11-17T13:36:10"},
        {"uid":1,"name":"systypes","type":"S ","refdate":"2002-11-17T13:36:10"},
        {"uid":1,"name":"syscomments","type":"S ","refdate":"2002-11-17T13:36:10"},
    ]}
]}}

AjaxSecurityProvider and the AjaxToken

Because the old interfaces IAjaxKeyProvider and IAjaxCryptProvider are not easy to understand (for some developers) I changed that and created only on interface (abstract class). With this new provider you could create your own de/-encryption for JSON messages and provide a token for each client. I will write about this in another post when the beta is available to the public.

Below you will see a simple encryption (reverse the JSON messages only, but could be replaced i.e. by a Blowfish implementation) and a way to create a token that will be checked for each Ajax request:

public class MySecurityProvider : AjaxSecurityProvider
{
   public override string Encrypt(string json)
   {
      char[] s = json.ToCharArray();
      Array.Reverse(s);
      return new String(s);
   }

   public override string Decrypt(string jsoncrypt)
   {
      char[] s = jsoncrypt.ToCharArray();
      Array.Reverse(s);
      return new String(s);
   }

   public override string ClientScript
   {
      get
      {
         return @"

AjaxPro.cryptProvider = {};

AjaxPro.cryptProvider.decrypt = function(s) {
   var r = [];
   for(var i=s.length -1; i>=0; i--) {
      r.push(s.substr(i,1));
   }
   return r.join('');
};

AjaxPro.cryptProvider.encrypt = function(s) {
   var r = [];
   for(var i=s.length -1; i>=0; i--) {
      r.push(s.substr(i,1));
   }
   return r.join('');
};      
      
";
      }
   }

   public override string GetAjaxToken(string sitePassword)
   {
      if (HttpContext.Current == null || HttpContext.Current.Request == null)
         return null;

      string ip = HttpContext.Current.Request.UserHostAddress;
      string agent = HttpContext.Current.Request.UserAgent;
      string site = sitePassword;
      string token = ip + agent + site;

      return MD5Helper.GetHash(token);
   }

   public override bool IsValidAjaxToken(string token, string sitePassword)
   {
      if (token == GetAjaxToken(sitePassword))
         return true;

      return false;
   }

   public override bool AjaxTokenEnabled
   {
      get
      {
         return true;
      }
   }
}

The old version had a lot of bugs when using the token feature. I fixed those bugs and added support for tokens if using the IFrame XMLHttpRequest replacement when ActiveX objects are disabled.

New JavaScript proxy files

A lot of developers are already using JavaScript frameworks with XMLHttpRequest support. For those I will add new settings to change the output of the JavaScript wrappers, core.ashx, prototype.ashx will be removed then, and you should not have a problem with any third-party control or JavaScript framework.

Another thing is that the Ajax request queue perhaps may be removed. I see more problems with that when developers are using this to run more than 20 (!!!) at the same time which makes absolutly no sense.

5 Comments

• Liming Xu said Friday, April 13, 2007 2:35:23 PM

  Thanks Michael. It's absolutly good news. We've decided to drop Microsoft Ajax and use AjaxPro because of multiple issues including forcing our clients to install in GAC and what not. We'll be integrating yoru framework with Yahoo UI Ext/Ext JS, so everything you are doing will surely helps us. Thanks again.

• Will said Saturday, April 14, 2007 4:11:41 AM

  This is great news. Ajax Pro was really what got me started with ajax dev to begin with. Although I love some of the whiz-bang convenience of Atlas, for many projects I still find Ajax Pro invaluable. I have been using Mootools + Ajax Pro for some more robust client-side functionality lately. Eliminating the redundant code makes this solution even better now. Thanks.

• yaniv danan said Saturday, April 14, 2007 6:16:41 AM

  mm.. isn't that evening already ? waiting for the new release..

• sergiotarrillo said Tuesday, April 24, 2007 9:43:34 PM

  [off-topic] Hi Michael!, I can use AjaxPro togheter ASP.NET AJAX at the same time?, some recommendations? Saludos,

• interactive said Tuesday, April 24, 2007 10:04:29 PM

  @Sergiotarillo: it should work, if not we will get it working... ;) Michael