Scriptlets: Killer Components For The Web

Anyone using a Web-based
application today is familiar with the routine: enter
some data, click a button, and wait for a new page.
Sometimes, especially if you made a mistake or forgot
something important, the new page looks a lot like the
old page. You wonder sometimes when the Web is ever going
to grow up and start behaving like the smoothly running
productivity apps you use on your desktop every day.

With Dynamic HTML and
Scripting Library, that day is substantially closer, if
not already here.

The
user experience

When we use an application
we interact with it as a kind of conversation. We do a
few things and then we expect some feedback. Then we do a
few more things and expect more feedback. Very few
interesting applications can be resolved in just one
shot. As we interact with an application, we expect the
feedback we get to be in context, using what we’ve
already seen and done as a way to focus our attention and
help us find the right thing to do next.

But we
all know the Web is built on a stateless protocol called
HTTP. This means that those of us creating Web apps must
constantly wrestle with the problem of giving the user
the best possible experience with little help from
underlying machinery of the Web. We’ve become quite
adept at using concepts like ‘cookies’ to
create illusion of a continuous session between client
browser and Web server.

Still, we live with many
constraints. Every time a Web application interacts with
the server, browser must navigate to a new page. As
application designers, we have to live with the flash
associated with refreshing the current page, perhaps
changing it only a little bit. Perhaps, you’ve used
the trick of pretending that by loading a completely
different page that contains what we want to tell the
user. Either way, we’ve all felt the constraints
imposed by the Web.

The
new Web computing model

While the Web has been
evolving gradually, richer programming facilities are
finally reaching a new plateau. It is now possible to
create Web applications using Dynamic HTML, that are as
rich as what could be created with more established
client/server programming environments, such as Microsoft
Visual Basic.

What
is a Scriptlet?

Simple concept with global reach

A scriptlet is a
component for the Web. They are a standard feature of IE
4.0. Scriptlets combine the benefits of component
programming with Dynamic HTML and script. The
consequences of this combination, however, transcend the
Web.

Component-based
software

Components are now
recognized as a key technology to improve the amount and
quality of software. These are units of software that are
self-contained and designed to be used through simple
interfaces. While most early components were designed to
present some visual appearance to the end-user,
components can consist of pure logic and may have no
visual representation for the end-user whatsoever.

A programmer developing an
application uses substantial design-time
information about a component to understand how to
customize it and use it in his program. Much of this
information is not needed to actually run the resulting
application at run time. Component architectures
today therefore, try to identify the information only
needed at design time and organize the packaging of
components so that this information does not need to be
carried in the finished application.

Most component
architectures today describe the component interfaces in
terms of three concepts: properties, methods, and events.

Properties act like named
memory values inside the component. They are the means
for customizing the component at design time. Properties
can also be used to inspect the state of a component or
modify its behavior at run time.

Methods are operations
that a component can perform at run time to carry out
useful work. Together with properties, methods are means
for a program to communicate information into a
component.

Events are notices that a
component transmits at run time to the outside
application. These events are the primary means for
communicating information out of a component.

Benefits
of components

Components isolate
themselves from their surrounding program, except through
the well-defined interfaces they expose. In this way,
errors elsewhere in a program will not affect a
component. Historically, the ability of an error to have
unexpected consequences throughout a program has made
debugging difficult and expensive. By removing this
source of errors, components simplify programming and
reduce costs and risks.

Another substantial
benefit of well-designed components is reuse. A component
can be used in many programs without having to be
modified. Intelligent use of properties to allow
customization can avoid the trap of copying source code
and making changes. As anyone who has dealt with the long
term consequence of copying and modifying source code
knows, maintenance costs and integration bugs become
overwhelming.

Lastly, components can be
combined that have been written in different programming
languages (provided the underlying component architecture
supports this). COM does exactly this, facilitating a
market for reusable components that allow much richer
applications to be constructed in much less time than
ever before. One no longer must spend time converting
code from one language to another just to get the
functionality trapped in that code.

Components
on the Web

With the introduction of
scripting languages to the Web, the Internet has been
transformed to a dynamic environment supporting
sophisticated programming. Particularly with the
introduction of Dynamic HTML, the Web is maturing into
the user interface framework of choice for Web
programmers.

The
scriptlet architecture

Scriptlets themselves are
simply Web pages in which script has been written
according to certain conventions. They are used by
inserting an OBJECT tag into another Web page. The
scriptlet is named by any standard URL. IE 4.0 recognizes
a scriptlet by marking the tag as using a MIME type of
"text/x-scriptlet". Note that there is no CLSID
in the OBJECT tag. For example:

width=200 height=123

TYPE="text/x-scriptlet"
DATA="Calendar.htm">

IE 4.0 supports this MIME
type on all platforms–Windows, Mac, or Unix. Because
of the open nature of the architecture, third party
vendors will be able to implement this support as well.

The functionality of a
scriptlet can be written in any scripting language,
including but not limited to JavaScript and VBScript.

On other platforms, the
implementation will have to be somewhat changed, but on
the Win32 platform, the Scriptlet MIME type exploits new
IE 4 features so that Scriptlets use a COM object to
accomplish their work.

This COM object
encapsulates Trident, the IE HTML rendering engine, and
hides most of its functionality. In this way it is
different from the Web Control object that exposes
Trident to its users. Instead, the scriptlet component
exposes the interface of the Web page that is loaded.

This exposure is
accomplished by loading the page into Trident and letting
Trident run the page’s script normally. Once
completely loaded, the scriptlet component is ready to
interact with its container. The container in the pure
Web case is of course Internet Explorer, but any COM
container, including a Visual Basic program or even
Microsoft Word, can insert a scriptlet control just like
any other ActiveX control.

The Scriptlet Component
bridge layer then acts as a broker, passing requests for
properties and methods into the scriptlet and passing
events out of it. The bridge also performs certain basic
housekeeping functions such as negotiating the size of
the scriptlet between the container and Trident.

Security
considerations

Scriptlets are as secure
as Dynamic HTML and script itself. A scriptlet
furthermore recognizes when it is placed in a secure
container, such as Internet Explorer, and obeys the
security policies of its container.

In general, to operate
correctly, a scriptlet must be loaded from the same Web
server as its container page. These are the same
restrictions in force for Java applets, for example.