tags:

views:

51

answers:

2
+2  Q: 

What are recommended programming patterns for passing identifiers/keys between server and client?

If I need to keep track of a key or token that identifies a resource being displayed and modified in the browser, what are the some of the programming patterns used?

For example, if I display a list of movies and hookup ajax calls for users to checkout or review those movies, I'm assuming I would embed the identifier in the html which would then be passed back to the server.

Is it bad practice to use database keys? Is it bad practice to expose the identifiers in hrefs?

+1  A: 

I don't consider a bad practice to expose a resource identifier to the clients. Doing so could overcomplex your system without any reason. If the database key is in fact your entity key, you can use it transparently.

The only pattern I can remember for displaying and editing data on the client side is DTO.

About the HREFs and your identifiers, a REST architecture would even recommend you to do so. It is a common practice ; )

Hope it helps you.

SDReyes  2010-07-15 02:28:37
A: 

To start off, I do suggest using URIs to identify stuff. It's central to how the web works.

Exposing your database IDs to the client isn't too bad, but you should consider:

  • Clients that know about database IDs and use them to do stuff are introducing a subtle form of coupling. The more clients expect of these IDs (e.g. that they're unique) the more coupling there is.
  • Do the clients need to know that the items have database IDs at all? Perhaps it's OK to expose the ID buried inside a URI. Clients have no business disecting URIs to figure stuff out, so you're not strictly exposing it.
  • If the clients need database IDs, could that be merely as a display identifier? You could then embed the database ID in the data going over the wire, but mark it up in such a way that it's understood that the ID should only be used to show users the identifier, in case they have a vested interest (because the ID is leaked elsewhere).

Removing the database ID from the URI suggest having another unique identifier which is not a primary key in some database.

Consider how e.g. Twitter's own twitter account has a list of the team:http://twitter.com/twitter/team The well designed URI exposes very little, so they could change their entire implementation without URIs being a problem. A single tweet on twitter has something which looks like a primary key http://twitter.com/meangrape/status/18622784109 but who's to know.

mogsie  2010-07-15 19:37:13

related questions

Web framework programming mindset
ASP.NET - asp:xxx Controls versus standard HTML
From Desktop to Web browser considerations
Which PHP Framework will get me to a usable UI the fastest?
Best practice for integrating TDD with web application development?
How to Manage Web Development?
When is a file just a file?
Recommendations for browser add-on tools to help with development
REALLY Simple Website--How Basic Can You Go?
Convince Firefox to send an If-Modified-Since header over HTTPS
What do the getUTC* methods on the date object do?
Planning and Building a mobile enabled site for your main site.
Firebug for IE
Javascript and PHP - Login Script with hidden buttons
Firebug won't display console feeds for some of my sites
Displaying ad content from Respose.WriteFile()/ Response.ContentType
How can I detect if a browser is blocking an popup?
How to Test Web Code?
What PHP framework would you choose for a new application and why?
How do you disable browser Autocomplete on web form field / input tag?
What is Progressive Enhancement?
In HTML, how to word-break on a dash?
The Definitive Guide To Website Authentication
How do you test layout design across multiple browsers/OSs?
How much of the Web build process do you/should you automate?