HTML 5 and Comet
Comet doesn’t have to be a hack. Currently, as we saw last time, Comet relies on undocumented loopholes and workarounds, each one with some drawbacks. We can make Comet work effectively in every browser, using streaming transports on subdomains of the same second-level domain, or using script tag long polling across domains. But this leaves Comet developers implementing (and more frustratingly, debugging) several transports across several browsers. Traps are numerous and easy to stumble into.
Recognizing the benefit of a straight-forward, standardized Comet technique, the WHATWG’s HTML 5 specification includes sections about server-sent events, and a new event-source
element, which aim to de-hackify Comet. For now, only Opera has implemented these, and its implementation remains incomplete, but both Mozilla and Apple have committed to HTML 5, and an implementation is at least in-the-works for Safari.
Every Comet developer should familiarize himself with these specifications, because they provide the best streaming transport for Opera since version 8.5, and can only grow in importance as browsers adopt them. Furthermore, HTML 5 is a work-in-progress, and now is the best time to provide feedback to the WHATWG. Those interested in the future of Comet should comment now, before the specifications have been repeatedly implemented and can no longer be easily modified.
Basics of the server-sent events data format
The server-sent events portion of HTML 5 defines a data format for streaming events to web browsers, and an associated DOM API for accessing those events, by attaching callback functions to particular named event types. The format, which is sent by a Comet server with content type application/x-dom-event-stream
, is straight-forward. Each event is made up of key-value pairs. For example:
key 1: this is the value associated with key 1
key 2: this value for key 2 stretches
key 2: over three lines, which are concatenated
key 2: by a browser supporting server-sent events
; these lines, which each begin with a `;`, are
; comments, and are ignored by the browser
key 1: after a pair of newlines, this is a new
key 1: event, with its own set of key-value pairs
; the following key has an empty corresponding value
empty key
...
Each key-value pair is known as a field, and several special fields are defined in the specification. In particular, the Event
field names the event as a specific type. The browser can attach different callback functions to specific named event types. If omitted, the event type is assumed to be message
. Also, though it is only mentioned in examples, the data
field is useful for our event payloads.
So an event stream sent by Orbited might look something like:
Event: orbited
data: this is our event payload for the
data: first Orbited event
Event: orbited
data: this is the payload for the second
data: Orbited event
Event: ping
data: /o/
Event: orbited
data: here's the third Orbited event
...
The specification mandates that all files are UTF-8, but considers any of carriage return (/r
), line feed (/n
), or both (/r/n
) an acceptable newline—in the browser, multiple lines of a single field are joined with /n
alone.
The event-source element
Server-sent events are received by objects supporting the RemoteEventTarget
interface, which merely means that they support two methods, addEventSource
and removeEventSource
, each of which takes a URI string as input, and adds or removes it, respectively, from the list of event sources for the object.
In addition to any JavaScript objects supporting server-sent events, HTML 5 defines an event-source
HTML element, which declaratively indicates the use of a Comet source in a web page. As well as supporting the addEventSource
and removeEventSource
methods, the event-source
element has a src
attribute. When the src
is changed, the event-source
closes its previous connection, and opens a new Comet connection to the new URI.
Cross-domain usage
HTML 5 allows connections across domains, through use of the Access-Control
HTTP header, as defined in a separate W3C specification (which applies identically to normal XHR usage and to server-sent events). A request is made for a resource as usual, but if that resource on the server (in this case, an event stream from a Comet server), includes the Access-Control
HTTP header with values allowing the use of the resources, browsers will treat it as if it came from the same domain as the main document. If the header is not found, or if it denies the requested use, browsers will behave as if the resource does not exist (so that denied requests reveal no information about the resource).
Additionally, HTML 5 defines a “cross-document messaging” mechanism, which allows cooperation between documents (perhaps in iframe
s, etc.) from different domains, using a postMessage
function.
Opera’s implementation
Opera has, since version 8.5, implemented a subset of these HTML 5 technologies. Opera versions since 8.5 support the event-source
element, and recent versions have pure-JavaScript interfaces as well.
To support versions back to 8.5, we must create event-source
elements, set their src
attribute, and attach them to the document. Then we can add “event listener” callback functions to the event-source
for each type of named event in the event stream. In Orbited, we use the following JavaScript to accomplish this:
connect_server_sent_events: function () {
var es = document.createElement('event-source');
es.setAttribute('src', this.url);
document.body.appendChild(es);
var event_cb = this.event_cb;
es.addEventListener('orbited', function (event) {
var data = eval(event.data);
if (typeof data !== 'undefined') {
event_cb(data);
}
}, false);
},
Where this.event_cb
is some callback function, a property of the Orbited
object, which will receive the event payload of every orbited
event. By default we send payloads in JSON format, so eval
ing each yields a JavaScript object.
Also, it is quite easy to test browsers for server-sent events support from JavaScript, using code something like:
if ((typeof window.addEventStream) === 'function') {
// ... browser supports server sent events
} else {
// ... no support. fall back on another transport
}
Caveats
Opera’s implementation differs from the specification in a few key ways, however, so Comet application authors must be careful.
- Opera ignores events without a defined
Event
field, rather than assuming its value to bemessage
. It is possible to include multiple named event types, attaching separate event listeners for each type. - Event payloads must be in the
data
field. A callback attached to the event source will receive anevent
object as input, withevent.data
set to the value of thedata
field. - At present, Opera only supports linefeed (
/n
) characters as newlines in event streams, and will silently fail if carriage returns are used in newlines (/r/n
and/r
are not supported newlines).
Legacy support
Even though Opera is the only browser to natively implement server-sent events, it is possible for a Comet server to treat the last several versions of Safari and Firefox as if they did, with a few caveats. We can use a modified XHR streaming technique (as described in part 1), and implement our own parsing for the application/x-dom-event-stream
format (at least the version supported by Opera) in JavaScript. To pull this off we must make one concession to Safari: 256 bytes of dummy data at the beginning of our event stream, so that Safari will begin incremental parsing.
Our Comet server can then be blissfully unaware that these browsers have no real server-sent event support, and we can get away with implementing only two transports on the server side: the iframe transport, supported by most browsers since at least 1999 or 2000, and—using the htmlfile ActiveX object—capable of a flawless user experience back to Internet Explorer 5.01; and server-sent events.
To make them still more compatible, we might be able to build support for event-source
into Firefox and Safari using JavaScript alone, creating objects supporting the addEventSource
, removeEventSource
methods, and capable of dispatching named event types to event listeners. Adding such support would require deeper magic than I currently possess as a journeyman JavaScript hacker; if any masters can shed insight, please comment here, or shoot an email to the Orbited mailing list.
In Orbited, we have not yet tried reducing XHR streaming to server-sent events for Firefox and Safari, but it is on the to-do list.
Arbitrary DOM events and controversy
In addition to this straight-forward Comet transport, server-sent events provide more general, and potentially powerful, capabilities, whose complexity is somewhat controversial. Indeed, the whole server-sent events section of the specification currently includes a notice that it may be removed. I expect that it will change at least somewhat from its current form before the specification is finished.
The specification demands that every element supporting the EventTarget
interface should also support the RemoteEventTarget
interface. A Comet server can thereby send arbitrary DOM events to page elements. This includes events such as mouse clicks, key presses, etc. As specified, event streams can also include a Target
field, which can target events to the top level of the document, or to specific element IDs. And browser vendors could, if they desired, add further objects supporting the RemoteEventTarget
interface, potentially enabling declarative Comet applications.
So the theory goes. Many of us Comet developers, including Michael Carter and Alex Russell (in a recent IRC discussion), remain unconvinced that there is a benefit in pushing application logic from browser-side JavaScript to the server side. We expect that real-time applications will always have a significant need for client-side logic, so the specification may as well embrace that—and remain as simple as possible. Specification simplicity benefits not only browser vendors who must build conforming and compatible implementations but also Comet developers who must learn its ins and outs.
But I hope server-sent events are not scrapped altogether. Comet would benefit greatly from specification and intentional browser support. The version supported by Opera strikes a reasonable balance, meeting the needs of Comet developers without going beyond those needs.
Conclusion
With improving browser support, creation of more high-quality open-source Comet servers, better developer resources such as Comet Daily, and the examples provided by big-name Comet applications, Comet’s future looks bright. Any standardization efforts by browser vendors that further reduce barriers to entry will only lead to more and better Comet applications.
HTML 5 is coming, with at least Opera, Apple, and Mozilla committed to its adoption, and one way or another it will include improved Comet support. But the Comet-related portions of HTML 5 are still very much unfinished, and in need of feedback from browser vendors and from us, the community of Comet developers. The discussions are transparent and easy to join, and time for action is now. We should figure out what we need and tell the W3C and the WHATWG about it. They are all ears.