Monday, December 3, 2018

Fundamentals of JavaScript

Last weekend I went to "JavaScript Fundamentals" boot-camp . It was a good class and nice introduction  for people who are new to programming. But my goal was to refresh some of the basics of JavaScript that I haven't tried for long time and want to learn some new things in JavaScript.

Two interesting and new things I learned  from the class are :

1.  80 to 90% of the Internet/Website is running with JavaScript.  Leading browsers in the market ( IE,Mozilla,Google Chrome) can execute only 3 things ( HTML,CSS and JAVASCRIPT).

If you consider Web as language (Analogy), then we can consider  HTML = 'noun' , CSS = "style"  and JavaScript = "Verb". I am ok with this analogy .

All frameworks of other languages like  Django(python web framework) , React( JS framework), Ruby Rails are translating their native language to JS as the browser can  understand only Javascript/html/css.

2. It ( JS applications) can be easily vulnerable and exploited by the malicious  inputs . ( The instructor did not mention/told this ). It was a basic programming boot-camp, so I won't expect him to say this.

But when I saw some of the examples  mentioned are so scary !!!.

We can use "typeof" operator to restrict the input types . But its all on developer's head.

Some of the questions : How  "+" operator can work on number and string ?
It can pass anything to a function and function won't check the type and JS will return something(what ever it like) !!,  its fully developers responsibility to understand the inputs and validate the types of the input before passing.

I think, you can read through below links for more :

But I believe, JavaScript is a highly paid programming language and a language still showing/have  deficiency of programmers because 80%t to 90% Websites are running with JS.

If you want to build some fancy and interactive web pages , you need javascript. because the browsers can understand only JavaScript.

That made me research a little bit on Web browser engines, looks like it was just a race for JavaScript engines from 2006 to 2010 between leading web browsers(Microsoft IE, Google Chrome, Opera,Mozilla) . Read more

Just because JavaScript was the only thing making websites interactive and fancy!!. (There would be  some other benefits why browser engines using JS engines). So whoever(browser) can execute the JS quick ,they are the best ( I believe this hold true even today). But serious drawbacks of JavaScript are ignored and that made the internet even worse.

We really need the web to be more secure and trusty , without compromising the performance( I am ok with compromising performance if we get security). So the point is, we really needed an alternative for JavaScript or something can write a good JS for us. Since the 80% of the Web is running with JS, the browsers are not going to switch to some other language engines quickly.

I am not sure how will be internals/architecture  of the browser in next  10 years .I wish there would be more type and memory safe languages engines and they should replace JS engines. People/developers should write those type and memory  safe languages for the browser engines.

I was reading through WebAssembly for last a few months.The JavaScript boot-camp was an eye-opening for me to read more on WebAssembly + Rust again because....

Why  Rust and Web Assembly ?

WebAssembly -  Its not compromising performance and allows to write type safe + memory safe low languages

Rust - Featuring
  • zero-cost abstractions
  • move semantics
  • guaranteed memory safety
  • threads without data races
  • trait-based generics
  • pattern matching
  • type inference
  • minimal runtime
  • efficient C bindings

But one thing even concerning me is web assembly compiling the C,C++ or Rust to JavaScript that eventually going to run in the browser.. so again JS is going to run in engines. Will this actually solve the JavaScript issues ? I am not sure.

Looking for your comments and thoughts!

No comments: