This example implements a simple chat client and server. Using
server-initiated updates, you can easily push events from one
user to other users. Server-initiated updates are implemented using
Ajax long polling or HTML5 WebSockets.
It also illustrates nice benefits of a class-based approach to web
application development: you can easily instantiate the same widget
class multiple times. The SimpleChatClient widget may be reused just
as you reuse basic Wt widgets such as a push button.
The chat application is also available as a Widget which can
be embedded in another page (very much like how you integrate a
Google Maps widget inside another application). You could embed the
chat in a homepage as follows:
<div id="chat"></div>
<script src="//www.webtoolkit.eu/wt/examples/simplechat/chat.js?div=chat"></script>
This uses Cross-Origin Ajax/WebSocket requests (if the browser
supports this, falling back to old tricks if not) to communicate
from a HTML origin page to a server hosting the Widget possibly from
a different domain.
Interactive applications like these, which allow users to post HTML
text to other users, are notorious for cross-site-scripting (XSS)
attacks: a user enters malicious (javascript) code as part of
his message. When another user renders this message, it may transmit
unwanted private information retrieved from, for example, browser
cookies. Wt prevents such attacks completely, and without any
responsibility to the developer, since widgets such as WText ensure
that what is displayed is only passive text, discarding anything
that is not strictly text.