Tag Archives: thoughts

Web Development and MVC: a pain somewhere, cont’d.

Posted on by
Reply

Our beloved model-view-controller pattern seems to act as an excuse for every damn web-framework out there. Yet there is one problem. From my point of view, no framework to date has ever managed to slice a web application in a useful way. Really. Why?

First of all, it should be clear that patterns just like MVC can’t be adapted without major changes from desktop environments to the web. Why? Well, desktops are a safe harbor compared to every browser. The Operating System provides resources, screen estate, some kind of event handling and the promise that once you build your app around a certain system, it will work there. Of course this is the major drawback of desktop applications.

Web Applications are not built for just one system, they are mostly built with the target of total platform-independence. Including that nothing can be taken for granted, just like screen estate, resolution, browser software etc.

And then there is this huge limiting factor called HTTP. HTTP is a simple, beautiful protocol that does a great job for what it was designed. That is, delivering web pages, stateless, happiness. Which introduces just a new detail that clearly seperates desktop from the web, the web just doesn’t know anything about state. Once a server delivered a page to you, he just doesn’t care. Really. We introduced sessions and stuff, yet, there is this design-based limitation, and for the time being, we’re just working around this limitation, whereas desktop applications are stateful: ever heard of RAM?

So the problem we are actually facing is that all the well-engineered patterns of the desktop world just can’t be adapted. Sorry. There maybe certain areas where the impression of adaptability may occur, yet these impressions vanished as AJAX appeared.

Why? The traditional web-application, let’s call it Web 1.0, was based on that well-known request-response-leavemyalone cycle. Maybe some session sugar enabled a stateful behaviour, whatever. And we had a way to adapt MVC: put everything that is persistent or part of the “business logic” in a Model-Class ( aka bean ). Go ahead and search for your embedded html. Try to put in a seperate file, and tell all your geek-friends that it’s the view. And finally, the glue was the controller. And yes, it worked out really well. That was then.

Since the unfortunate launch of GMail everything has changed. There is no longer anything like “impossible”, since someone clearly demonstrated that virtually no restrictions in terms of usability and functionality exist.

Again, from my point of view, Google just didn’t reinvent the wheel, they just used available techniques in a new way.

So, with all this “new” technology, web application creators were forced to adapt, which led to a wide variety of 1) AJAX-Frameworks like Prototype and JQuery 2) Smart helper functions for server-side components to hide away the fact that none of them is able to encapsulate that new technology beyond some well-designed layer of abstraction.

Welcome to my world. I’m doing web stuff daily. Someone even pays me for doing it. But I’m really, really frustrated. There is simply no single well-designed framework, enabling me to really focus on what I want to do, not on how.

Today, business logic isn’t the problem. There are some very good approaches making it a breeze to brew out even complex logic.

But there is still too much code here ( in my repositories, maybe I’m just doing wrong ) that’s just dealing with requests. But the amount wouldn’t be a big deal, since the average linecount already dropped massively over the years. The problem is that there is absolutely no beauty. Nada. No language can hide, not even Ruby, that it’s ugly to deal with requests on a per-request level.

I don’t have a solution, though I’m thinking about it a looottt. And that’s just my opinion, expressed in some kind of english. And I’d really appreciate any single comment.

Password Management, 2nd approach

Posted on by
Reply

A while ago I developed a simple demo of an application able to log a user on to his several social homes. Feedback was poor, users are just not willing to save their passwords anywhere else but in their brains. This is funny since most users I talked to ( except some nerds ) stick to the one-password-per-life principle. Really. And since every major security measure applied is rendered completely useless if the user has a weak password, which is assumably mostly the case, it’s time to think about an alternative. I won’t, I tried, nobody liked it.

But the other problem is in enterprise or business environments. Imagine some people with the need to have access to certain management systems ( e.g. for remote servers ) sharing one account. While it would be totally usable to simply write down a password and hide it in the office, this is quite time-consuming, each time someone compromises your secret place, you have to reset passwords and find a new place, communicate this new location etc.

So an online solution should be the way to go. Public-Key Infrastructures fulfill the requirement of security sufficiently, yet the usability sucks. A simple desktop application retrieving encrypted passwords and deciphering them locally would be enough. Change a password and publish this change is as simple as changing the password, everyone else would get his new password automatically if he is in the group with access to that password, so password changes are not a problem.

Avoiding showing the password onscreen is as simple. Just put it in the clipboard, and happiness would spread. But where is this simple approach?

Still working on usabilitizing the Web: ideas, cont’d

Posted on by
2

Hello, today I continue my list of ideas which would make the Web and Computers in General way more easier and safer to use. Although it won’t change anything, I just want to make you think about it and let me know your opinion.

I’m still a bit frustrated that there is nothing like a general file metadata format. While every OS nowadays has its own metadata-supplying filesystem, there doesn’t seem to be a way to exchange that information or reuse it. Neither to publish it online, in a useful manner. I was thinking about a format that enables one to store almost arbitrary information in for a file. Album art, MD5-hashes, Author information, keywords. Anything that helps to categorize a file. Thus, a download would start by clicking on the metadata file, a nice screen would popup showing the file type, the supplied information, giving you the ability to get a quick overview about a file.

This could help to prevent the download of malicious software etc.. And it would help to store files correctly without user interaction. As a teacher of mine noticed correctly, it’s impossible to store and organize files in a useful way using the old-school directory-filename scheme, plus the good old 3-char extension, e.g. avi or txt. Something more sophisticated is needed, and would add a bit more usability to this web.

This is once again just a rough idea, and I would love to hear your comments.

Still include IE6 support when creating a Web Application?

Posted on by
4

I really don’t know if i shall. And this time I’m really asking for your opinion on that, just leave a comment. A Pro is that many users in corporate environments are still forced to use our favourite old-school browsing grandpa. And excluding a mentionable amount of users just for the sake of less work? 

On the other hand, I guess that most people using really modern WebApps are nevertheless forced to use modern browsers. I don’t know, really not. A short yet true list of cons is presented here as well, and a rather radical point of view presented by nick cowie.

Thoughts on the importance of browsers

Posted on by
Reply

What are browsers? They are bit like a light switched on so one can read a book. They are rather useless without any pages they can display. And still, it seems that dominating the browser market is a very attractive goal. Of course, doing that leads to the ability to control what techniques can be used and which can’t, a very powerful way to exclude competitors. 

Continue reading