Features

Core library

  • Supports all major browsers (Firefox/Gecko, Internet Explorer, Safari, Chrome, Konqueror, and Opera) but also plain HTML browsers (tested with Links and Lynx).
  • Develop and deploy on Unix/GNU Linux (gcc) or Microsoft Windows (Visual Studio).
  • Equal behavior with or without support for JavaScript or AJAX, as far as possible, by using graceful degradation or progressive enhancement (the latter using the progressive bootstrap method).
  • Integrated Unicode support (UTF8/UTF16).
  • When AJAX is available, only changes are rendered.
  • Two-phased rendering of changes to the web page, with first visible, and in the background invisible changes (when AJAX is available). When AJAX is not available, only visible contents is rendered.
  • Configurable session tracking options that include URL rewriting and cookies.
  • Support for browser history navigation (back/forward buttons and bookmarks), pretty URLs, and search engine optimization with a unified behavior for plain HTML or AJAX sessions.
  • High performance, allowing deployment on low-end embedded devices, or energy-, space- and budget-friendly deployment of Internet or extranet web sites.
  • Completely based on async I/O: sessions are not tied to threads, and neither do delayed responses (e.g. for server push) block threads. Instead, threads are needed only to improve concurrent request handling or for reentrant event loops.

Event handling

  • Uses a typesafe signal/slot system for event handling.
  • Listen for keyboard, mouse and focus events, and get event details (such as mouse position, modifier buttons, or keyboard key).
  • Automatic synchronization of form field data.
  • Dynamic C++-to-JavaScript translation, by specifying stateless slot implementations. A single C++ slot implementation provides both client-side and server-side event handling: visual changes at client-side and application state at server side.
  • Possibility to hook in custom JavaScript (e.g. for client-side only event handling), and emit C++ signals from this custom JavaScript.
  • Drag&Drop API.
  • Supports timed events and built-in support for server-initiated updates ("server push")

Native painting system

  • Unified painting API which uses the browsers native (vector) graphics support (inline VML, inline SVG, or HTML 5 canvas), or renders to common image formats (PNG, GIF, ...) or vector formats (SVG, PDF).
  • Supports arbitrary painter paths, clipping, text, images, transformations, drop shadow.
  • Use the painting API in conjunction with a WPaintedWidget, or directly using the WSvgImage, WPdfImage or WRasterImage paint devices.

GUI components

See also the Widget gallery for an interactive overview of built-in functionality.
  • Basic widgets (buttons, HTML anchors, checkboxes and radio buttons, combo boxes, containers, file upload control, images, labels, line edits, buttons, etc..
  • Form widgets have built-in support for client-side and server-side validation using WValidator classes.
  • Composite widgets (that are built on top of basic widgets, and use only the Wt public API): calendars, sliders, trees and tree tables, menus, in-place edits, virtual images, panels.
  • Modal and non-modal windows (dialog and message boxes).
  • Built-in internationalization using messages resource bundles.
  • Ext Wt widgets that internally use Ext JS 2.0.1 JavaScript widgets. A large subset of the ExtJS widgets have been wrapped as C++ widgets.
  • Supports sounds for event feedback.
  • Flexible charting widgets (cartesian charts and pie charts) based on the native painting API, and Wt's MVC infrastructure.

Built-in security

  • Kernel-level memory protection protects against privacy issues arising from programming bugs, since sessions can be completely isolated from each other (in dedicated-process mode).
  • Supports encryption and server authentication using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) through HTTPS.
  • Enables continuous use of HTTPS through low bandwidth requirements (fine-grained AJAX).
  • Built-in Cross-Site Scripting (XSS) prevention. Rendered text is always filtered against potentially malicious code, making XSS attacks against Wt applications (close to) impossible.
  • Not vulnerable to Cross-site Request Forgery (CSRF) because cookies for session tracking are optional, and even when used, they are never solely relied on for requests that trigger event handling code.
  • Not vulnerable to breaking the application logic by skipping to a particular URL, since only those events exposed in the interface can be triggered.

Object Relational Mapping library

Wt::Dbo implements Object-Relational mapping, and thus a convenient way to interact with SQL databases from C++. Although features like optimistic concurrency control make this sub-library an ideal companion for a database driven web application, the library can even be used for off-line or other applications (and does not depend on Wt). The ORM library (which diserves an introduction by it own in this tutorial) has the following features:
  • No code generation, no macro hacks, no XML configuration, just C++!
  • Uses a templated visitor pattern which requires a single template method to provide the mapping: DRY and terribly efficient!
  • You can indicate surrogate auto-incremental keys or map natural keys of any C++ type, which may also be composite (i.e. require more than one database field).
  • Supports optimistic concurrency control using a version field.
  • Maps Many-to-One and Many-to-Many relations to STL-compatible collections.
  • Provides schema generation (aka DDL: data definition language) and data manipulation language (aka DML: data manipulation language).
  • Prepared statements throughout.
  • Session tracks dirty objects and provides a first-level cache.
  • Flexible querying which can query individual fields, objects, or tuples of any these (using Boost.Tuple).
  • Connection pools from which connections are used only during an active transaction.
  • Comes with Sqlite3 and PostgreSQL backends. A MySQL backend (GPL only) is maintained by the community (Paul Harisson).

Testing

With Wt, event handling code constructs and manipulates a widget tree, which can easily be inspected by test code. Therefore, a test environment allows your application to be instantiated and events to be simulated in absence of a browser, short-cutting the underlying request/response cycle that would otherwise require a simulated browser.

Deployment

a) FastCGI
  • Integrates with most common web servers (apache, lighttpd).
  • Different session-to-process mapping strategies.
  • Hot deployment: new sessions use the new application version while older sessions may continue with their application version.
  • Simultaneous handling of requests within and in between sessions (using multi-threading)
  • Debug using gdb or valgrind.
  • Available only for UNIX platforms.
b) Built-in httpd
  • Simple, high-performance web application server (multi-threaded, asynchronous I/O) based on the C++ asio library.
  • Supports both HTTP and HTTPS using the OpenSSL library.
  • Supports response chunking and compression
  • Single process (convenient for development and debugging).
  • Available for both UNIX and Win32 platforms.
  • Supports deployment behind a ProxyPass'ing (and if needed, load-balancing) web server.