Author Topic: Basic question Javascripts: online resources  (Read 3055 times)

sinus

  • Global Moderator
  • *****
  • Posts: 4461
  • IMatch-User since 2001 (IMatch 3.6)
Basic question Javascripts: online resources
« on: February 04, 2017, 10:24:42 PM »
Hi all
If I look at some Javascript-code, there is quite often written some links like these here:

Code: [Select]
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/jquery.min.js"></script>
<script src="https://api.html5media.info/1.1.8/html5media.min.js"></script>
@import url("//fonts.googleapis.com/css?family=Yanone+Kaffeesatz:200,300,400");

Now a very basic question: Are such links in a way "dangerous" to use such scripts, because they could bring some bad stuff in my computer?
If I delete such lines, the script does not work correct.

The first line above refers (I think) to a jquery-version, what I do think, is a kind of library.
And now this link goes to this library and I must not "install" on my computer.
If I had "installed" it, then this line would not be necessary.
Is this correct?

I ask this here, because I like this forum.  ;) 8)

« Last Edit: February 04, 2017, 10:27:11 PM by sinus »
Best wishes from Switzerland! :-)
Markus

Jingo

  • Super Hero
  • ****
  • Posts: 1863
Re: Basic question Javascripts: online resources
« Reply #1 on: February 05, 2017, 12:59:54 AM »
These script "calls" are simply defining the location of the javascript files in your html program so included functions/libraries from within those programs can be called within the actual html code.  In and of itself, just linking the source files in the HTML file is not dangerous.. but if there are calls to functions within the javascript - that could be trouble since you would need to know what they are doing...

Hope this helps!

ubacher

  • Oldtimer
  • ****
  • Posts: 2358
Re: Basic question Javascripts: online resources
« Reply #2 on: February 05, 2017, 08:20:09 AM »
Will I need to have access to the net when such lines are included
in order to execute the script?

Mario

  • IMatch Developer
  • Administrator
  • *****
  • Posts: 29729
Re: Basic question Javascripts: online resources
« Reply #3 on: February 05, 2017, 08:43:30 AM »
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0/jquery.min.js"></script>

jQuery is a standard library used by many, many web sites. Including IMatch WebViewer and all IMatch Developer Demos (see also the examples in the IMatch Anywhere Developer Center) for more info about jQuery, links, and documentation.

Importing (using) one (usually multiple) external script libraries is totally normal for modern web sites.
Using code written by others (usually open source and used by millions of people out there) can save you a lot of work. And, unless you use something more advanced like Google's Angular or Facebook's React, jQuery is the best available HTML library. It helps you do do more in less time.

CDNs

When you look at the <script> tag for jQuery you notice that the URL begins with cdnjs.cloudflare... This is a CDN. To improve performance, many web sites don't "host" the jQuery library themselves but instead rely on so-called CDNs (content delivery networks). The HTML code just links to the appropriate version of jQuery on the CDN. Your browser loads jQuery from the CDN if it has not cached it already.

Using a CDN improves reliability and speed. CDNs have data-centers all over the world and can deliver HTML and JavaScript code very fast. If many web sites download jQuery from the same CDN, it is much more likely that your browser already has a copy of the library in it's cache and does not need to load it again.
This is irrelevant for your own IMatch scripts, but for sites like Google, it can save billions of downloads each day.

<script src="https://api.html5media.info/1.1.8/html5media.min.js"></script>
Don't know what this library does.

Fonts

@import url("//fonts.googleapis.com/css?family=Yanone+Kaffeesatz:200,300,400");

This is an instruction to download a font from Google. Google offers hundreds of free fonts you can use in your web site and elsewhere: https://fonts.google.com/
Many web sites use these fonts. Instead of copying and hosting the font on their own server, they just link to the fonts.googleapis website to access the font.

This is what Google wants and why they offer free fonts.
Whenever your browser requests a font from the Google CDN, it delivers your IP address in return. This allows Google to track you, even if you have Google cookies disabled or you use your browser in "private" mode. That's all Google wants. To track you, wherever you go. Fonts and basically everything Google offers (from apps to tools) servers this only purpose. To track you, gather data, learn about you and then monetize this data.

Summary

In general: JavaScript libraries like jQuery or accessing a Google fonts is safe.

Your browser runs JavaScript in a "sandbox" and JavaScript has many security features to prevent it from harming your system. Like, no access to the file system on your computer etc.

Of course there is always a small risk for undetected browser security holes which may be used by malicious JavaScript code to do something evil.
Hence it is important to stay away from the shadier areas of the Internet and to use tools like "NoScript" to control which web sites you allow to run JavaScript. Many web sites don't run well if JavaScript is not enabled - but they also cannot do anything potentially harmful.

sinus

  • Global Moderator
  • *****
  • Posts: 4461
  • IMatch-User since 2001 (IMatch 3.6)
Re: Basic question Javascripts: online resources
« Reply #4 on: February 05, 2017, 11:42:08 AM »
Will I need to have access to the net when such lines are included
in order to execute the script?

I think, when I read Mario's answer, we must have access to the internet, unless the library is in your cache.
Best wishes from Switzerland! :-)
Markus

sinus

  • Global Moderator
  • *****
  • Posts: 4461
  • IMatch-User since 2001 (IMatch 3.6)
Re: Basic question Javascripts: online resources
« Reply #5 on: February 05, 2017, 11:44:55 AM »
Hey Jingo
thanks for your answer!

And of course also Mario, specialy for your indepth answers, I know now a lot more!  :D
Best wishes from Switzerland! :-)
Markus

Mario

  • IMatch Developer
  • Administrator
  • *****
  • Posts: 29729
Re: Basic question Javascripts: online resources
« Reply #6 on: February 05, 2017, 01:00:15 PM »
Quote
we must have access to the internet, unless the library is in your cache.

Sure. This way for linking to 3rd party libraries makes only sense when you do it on a normal web site. A user can only reach your web site when he is on-line, and then he can also reach the CDNs.

For a web site / app that has to work in off-line mode, you make jQuery etc. part of the app and store them in the local file system.
This is how all the demos in the IMatch Anywhere Developer Center are set up. Each demo is independent and includes everything that is needed to run it.

You might have a look at the demos and the documentation. This will make a lot things a lot more clear.

jch2103

  • Oldtimer
  • ****
  • Posts: 2243
Re: Basic question Javascripts: online resources
« Reply #7 on: February 05, 2017, 07:08:35 PM »
Quote
we must have access to the internet, unless the library is in your cache.

Sure. This way for linking to 3rd party libraries makes only sense when you do it on a normal web site. A user can only reach your web site when he is on-line, and then he can also reach the CDNs.

For a web site / app that has to work in off-line mode, you make jQuery etc. part of the app and store them in the local file system.
This is how all the demos in the IMatch Anywhere Developer Center are set up. Each demo is independent and includes everything that is needed to run it.
...

OK, good to have this option, as there will be times where users who are traveling with laptops will not have internet access.
John