Fully open source.
Hybrid single page framework with full support for
browser history navigation and SEO.
Compatible with HTML5 and HTML4 browsers, but also plain
HTML user agents (including web crawlers).
Develop in and deploy on Linux, UNIX (macOS, FreeBSD, ...), or Microsoft
Windows (Visual Studio and MinGW) environments.
- High performance (you'd expect nothing else from a C++
library), using asynchronous I/O throughout, multi-threaded,
optimized rendering, ...
- Typesafe C++11 signal/slot API for responding to
events: attach C++ code (such as C++11 lambdas or bound
object methods) to react to events from keyboard, mouse,
touch, history navigation, etc.
Automated and efficient synchronization of browser
and server state, using incremental rendering updates.
- Server-initiated updates using WebSockets with
automatic fallback to Ajax long polling.
2D and 3D painting APIs
2D painting API which leverages the browsers native
(vector) graphics support (HTML5 canvas, inline SVG or
inline VML), but can also render to common image formats
(PNG, GIF, ...) or vector formats (SVG, PDF).
Unified hardware-accelerated 3D painting API which
leverages WebGL in the browser or server-side OpenGL
Integrated capable HTML/CSS renderer lets you generate
high quality dynamic PDF reports easily.
In dedicated process mode:
ability to leverage kernel-level memory protection to
Built-in Cross-Site Scripting (XSS) prevention. Rendered
text is always filtered against potentially malicious
code, making XSS attacks against Wt applications
(close to) impossible.
Built-in Cross-Site Request Forgery (CSRF)
prevention. Using cookies for session tracking is not
necessary nor recommended. Cookies are never solely
relied on for requests that trigger event handling code.
Application logic attack prevention. Only those events
exposed in the interface (accessible from a button, for
example) can be triggered.
- Session hijacking mitigation and risk prevention
- DoS mitigation
- Authentication module which implements best practices for
authentication, including support for OAuth 2.0 and OpenID Connect
C++ Object Relational Mapper
Wt::Dbo is a self-contained library which implements an
Object-Relational Mapper (ORM) for C++, and thus a convenient
way to interact with SQL databases from C++.
Although features like optimistic concurrency control make
this an ideal technology for a database driven web
applications (and it provides good integration with Wt's
MVC classes), the library can also be used for other
applications, and does not depend on Wt.
See also this
tutorial for an idea of what Dbo looks like.
No code generation, no macro hacks, no XML configuration, just C++!
Uses a templated visitor pattern which requires a single
template method to provide the mapping: DRY and efficient.
Flexible mapping support which includes support for
surrogate auto-incremental keys or natural keys of any
C++ type, which may also be composite (i.e. require more
than one database field).
optimistic concurrency control
using a version field.
Maps Many-to-One and Many-to-Many relations to STL-compatible
Provides schema generation (aka DDL: data definition language)
and CRUD operations (aka DML: data manipulation language).
Transactions, prepared statements and connection
Each session tracks dirty objects and provides a first-level cache.
Uses native SQL to query individual fields and/or objects.
Comes with Sqlite3, Firebird, MariaDB/MySQL, SQL Server and
PostgreSQL backends, and an Oracle backend is also
available on request.
The library abstracts different deployment options as connector
libraries, which connect Wt with the outer world. Switching deployment
option is a matter of (re)linking to one of these connector libraries!
When in doubt, pick the built-in httpd. It's convenient,
battle-tested, and supports the most features.
a) Built-in httpd
Simple, high performance web application server (multi-threaded,
asynchronous I/O) based on the C++ asio library.
- Supports the HTTP(S) and (Secure) WebSocket protocols.
- Supports response chunking and compression.
Can be deployed as a single process (convenient for
development and debugging) or multiple processes (e.g. a
separate process per session), and is embeddable in an
Host multiple applications on the same server, by
bolting a reverse proxy in front.
- Available for Linux, UNIX, and Windows platforms.
Legacy protocol that integrates with most common web
servers (apache, lighttpd).
- Different session-to-process mapping strategies.
Hot deployment: new sessions use the new application version while
older sessions may continue with their application version.
- Available only for Linux and UNIX.
- Integrates with Microsoft IIS server.
- Uses the ISAPI asynchronous API for maximum performance.
- Available for Windows.