Secure web applications via automatic partitioning
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Integrating long polling with an MVC framework
WebApps'11 Proceedings of the 2nd USENIX conference on Web application development
A finite-state machine approach for modeling and analyzing restful systems
Journal of Web Engineering
The CloudBrowser web application framework
Proceedings of the 3rd annual conference on Systems, programming, and applications: software for humanity
Hi-index | 0.00 |
Ajax-driven Web applications require state to be maintained across a series of server requests related to a single Web page. This conflicts with the stateless approach used in most Web servers and makes it difficult to create modular components that use Ajax. We implemented and evaluated two approaches to managing component state: one, called reminders, stores the state on the browser, and another, called page properties, stores the state on the server. Both of these approaches enable modular Ajax-driven components but they both introduce overhead for managing the state; in addition the reminder approach creates security issues and the page property approach introduces storage reclamation problems. Because of the subtlety and severity of the security issues with the reminder approach, we argue that it is better to store Ajax state on the server.