News Roundup: Handlebars, Page Speed, and XAuth
Handlebars.js is a new project from Yehuda Katz that aims to be a more flexible, performant superset of the Mustache templating language. In his blog post announcing the project, Katz identified a few of the ways in which Handlebars is an improvement over Mustache. One of the biggest changes is that Handlebars templates are compiled instead of interpreted. This is a big win in a couple of ways: in addition to the performance benefits of compiled templates, you also get additional methods that can be called on the parsed/compiled content.
The bulk of the other improvements have to do with the way Handlebars deals with blocks and contexts. For instance, Handlebars takes advantage of the fact that iterations and booleans are just special cases of block helpers, and so handles those (and other) blocks with a general method that is invoked whenever there isn’t a helper method specified. As far as the context stuff goes, Handlebars gives your helpers access to the global context, so the lambdas in those helpers can behave differently in different object contexts. In Mustache, you would have to constantly rebuild your objects to get similar behavior.
All in all, Handlebars looks like a tremendous improvement over Mustache, and a pretty solid piece of engineering. Take a look at the project over on Github, and take it for a spin.
Webpagetest and Page Speed
WebPagetest.org has now added Google’s Page Speed SDK into it’s performance metrics. So now when you analyze a page with WebPagetest, you’ll get back a lot of the same data that you would have if you had run Page Speed yourself locally. As the Page Speed integration continues the WebPagetest reports will look more and more like what you’re used to getting from Page Speed.
Zakas on XAuth
This week, Nicholas Zakas has a nice blog post up about the new XAuth framework for cross-site authentication. Basically, XAuth lets a site see what other XAuth-enabled sites a user is logged into and then show them more relevant content based on that. So for instance, instead of a site brandishing a long string of social network badges, asking you to add it to every single platform that has every existed, if that site used XAuth, it would know that you use Twitter and Facebook and only show you those links.
Zakas’s post, however, digs into how XAuth works under the hood, which is pretty interesting. XAuth uses localstorage to store its authentication tokens (as opposed to, say, cookies). However, access to localstorage data from one domain is strictly limited to that domain. XAuth gets around this by essentially building a server that runs out of an iframe, thus allowing access to those data from around the web. Check out Zakas’s post for all of the details as well as how to generalize the XAuth approach to cross-domain storage.