Wt: an introduction

Wt (pronounced as witty) is a C++ library for developing web applications.

The API is widget-centric and uses well-tested patterns of desktop GUI development tailored to the web. To the developer, it offers abstraction of web-specific implementation details, including client-server protocols, event handling, graphics support, graceful degradation (or progressive enhancement), and URL handling.

Unlike many page-based frameworks, Wt was designed for creating stateful applications that are at the same time highly interactive (leveraging techinques such as WebSockets and Ajax to their fullest) and accessible (supporting plain HTML browsers), using automatic graceful degradation or progressive enhancement. Things that are natural and simple with Wt would require an impractical amount of effort otherwise: switching widgets using animations, while being perfectly indexed by search robots with clean URLs, or having a persistent chat widget open throughout, that even works in legacy browsers like Microsoft Internet Explorer 6.

The library comes with an application server that acts as a stand-alone Http(s)/WebSocket server or integrates through FastCGI with other web servers.

Interactive, secure and accessible

Page-based web frameworks (Django, Ruby on Rails, PHP, etc...) do not attempt to abstract underlying technologies (HTML/XHTML, JavaScript, CSS, Ajax, WebSockets, Comet, Forms, DHTML, SVG/VML/Canvas). As a consequence, a web developer needs to be familiar with all of these evolving technologies and is also responsible for graceful degradation when browser support is lacking. The structure of many web applications still follows mostly the page-centric paradigm of early day HTML. This means that not only will you need to implement a controller to indicate how a user moves from page to page, but when using advanced Ajax or WebSockets, you will need to design and maintain your client-server communication.

Pure Ajax frameworks on the other hand require tedious JavaScript programming to deal with browser quirks, and client-server programming to interact securely with server resources. These applications usually are not compliant with accessibility guidelines and cannot be indexed by a search robot.

Generating HTML code or filling HTML templates is prone to security problems such as XSS (Cross-Site-Scripting) by unwillingly allowing JavaScript to be inserted in the page, and CSRF (Cross-Site Request Forgery) by trusting cookies for authentication. These security problems are hard to avoid in traditional frameworks when as a developer you need to implement JavaScript functionality and thus the framework cannot filter it out.

In contrast, a web application developed with Wt is developed against a C++ API, and the library provides the necessary HTML, CSS, Javascript, CGI, SVG/VML/Canvas and Ajax code. The responsibility of writing secure and browser-portable web applications is carried by Wt. For example, if available, Wt will maximally use JavaScript, Ajax and even WebSockets, but applications developed using Wt will also function correctly when JavaScript is not available. Wt will start with a plain HTML/CGI application and progressively enhance to a rich Ajax application if possible. With Wt, security is built-in and by default.

Typical use scenarios:

  • High performance, complex web applications which are fully personalized (and thus cannot benefit from caching), fully Ajax enabled and at the same time entirely accessible and Search Engine Optimized.
  • Web-based GUIs for embedded systems benefit from the low footprint of a C++ web application server.
  • Web-based GUIs that require integration with (existing) C++ libraries, for example for scientific or engineering applications, or existing C++ desktop applications.

Other benefits of using Wt

  • Develop web applications using familiar desktop GUI patterns.
  • Provides an extensive set of widgets, which work regardless of JavaScript availability (but benefit from JavaScript availability).
  • A single specification for both client- and server-side validation and event handling.
  • Optionally, use XHTML and CSS for layout and decoration.
  • Generates standards compliant HTML or XHTML code.
  • Portable, anti-aliased graphics optimized for web usage (using inline VML, inline SVG, HTML5 canvas or PNG images), which can also be used to render to PDF.
  • Avoid common security problems since Wt has complete control over the presentation layer and proactively filters out active tags and attributes, does not expose business logic, and simplifies authentication using a stateful design.
  • Ultra-fast load time and low bandwidth usage, which are affected only by screen complexity, not application size. Wt implements all the common tips and tricks for optimizing application responsiveness and even optimizes per browser.
  • A simple API with a robust cross-browser implementation for server-initiated events aka server push (using comet or WebSockets).
  • Use the built-in httpd for easy development and deployment, or use the FastCGI/ISAPI connectors to deploy in existing web servers.