One of the most popular technologies employed by modern web developers is jQuery, which powers countless sites and mobile applications. As easy as the framework is to use, however, a variety of conflicts and other concerns await even the most careful of coders.
Some of the most significant of these issues surround the safety of a website.
Testing for common conflicts and more is where automated auditing tools earn their bread and butter.
Freelance security blogger Adrian Stolarski explains that in its role as a lightweight programming library for JavaScript, jQuery’s main task is to manipulate the DOM tree of elements. This causes threats from the use of jQuery on ()Event and from Reply(), along with jQuery’s storage of the root page template. Other problems arise from the use of legacy versions of jQuery, or multiple versions.
“Writing a good jQuery script can be terribly difficult. You must unfortunately rely on trial and error,” Stolarski says. “And then what? Do you have to rely on trial and error to find out what is good and what is not? Does it have to be this way? Of course not.”
Testing for common conflicts and more is where automated auditing tools earn their bread and butter.
According to its developer, jQuery Audit (www.github.com/zertosh/jquery-audit) is a Chrome Developer Tools extension for auditing jQuery, by creating a sidebar within the Elements panel, containing jQuery delegated events, internal data and more; presented as live DOM nodes, functions, and objects.
Google says that its Chrome Developer Tools (www.developers.google.com/chrome-developer-tools/) is a set web authoring and debugging tools built into Google Chrome that provides web developers deep access into the internals of the browser or application.
It is an extensible platform with substantial community support.
For its part, jQuery Audit allows users to locate delegated events and their handlers, with the variables behaving like objects in the sources panel’s “Scope Variables” sidebar.
Users can right-click on a function and go to “Show Function Definition,” or hover over a DOM node to highlight it in the file. Right-clicking to “Reveal in Elements Panel” adds another view.
Zertosh, the extension’s developer, notes that the content of a SidebarPane can be an HTML page, a JSON object, or “the result of an expression,” but adds neither an HTML page nor a JSON object has the ability to display “live” objects.
“The reason for making this extension was so that I could find a delegated event and be able to use ‘Show Function Definition’ on the handler,” Zertosh explains. “For that effect, the contents of the sidebar is actually ‘the result of an expression’ with a lot of trickery to make it look not-so-ugly.”
To differentiate between actual object data and informational messages, Zertosh went with the @(...) convention to prevent confusion with string data.
It even works with popular iframe types.
A useful extension for debugging jQuery events and for the introspection of jQuery objects, the tool’s ability to view the source of a bound function and ability to track down unexpected event behavior, coupled with its simple interface, make it a winner.
Install it from the Chrome Web Store and let jQuery Audit improve your website’s performance by identifying underlying jQuery scripting problems. Your customers will thank you.
