Chat Applications are analogous to Web Applications and Web 2.0, but using Synchronous JavaScript and XML (along with JSON and other Mime Types that have been used with AJAX) over PSYC instead of engaging in HTTP Abuse such as polling.
Contents |
Protocol Details
The preferred way to implement this on a Protocol level would be for the client to announce the Mime Types that it will accept when it Joins or Subscribes to a context. The _format variable is used with values like _HTML to indicate the kinds of content that a client is willing to receive. Multiple _format declarations are assumed to be ordered by preference with highest preference first, but applications may choose to send content in any format accepted. It is always assumed that the client will accept _text and _surf formats, so if these are specified then it is indicative of preference.
Application Details
Chat Applications implemented in psyced programmable rooms should use Inheritance rules to determine what format to send to the client. Applications are not required to respect preference order, but should do so when reasonable for the content served.
Content formats like HTML that have a root element will replace the current contents of the content window when the root element is included. In the absence of a root element, the content of a new message is inserted into the content window at an arbitrary point (usually at the end of the document).
The application should favor psyc:// URIs for linked content where possible, but may specify other protocols as necessary.
Applications should override form submissions with a JavaScript method to submit forms via PSYC so as to avoid placing an undue burden on client developers.
Client Details
It is assumed that a client implementing HTML will also implement PSYC, HTTP and other URL schemes anticipated in HTML content.
For clients that do not implement JavaScript, forms submitted to a psyc:// URI should not be HTTP URL encoded, but will be submitted as PSYC variables. The method specified for the form will be provided for reference, e.g. _form_method_POST, but will not alter the actual means of submission.
The usual considerations of handling HTML content apply; Escape text before insertion and apply due diligence with respect to executing code from possibly untrusted sources. Be aware that CSS is as much a security consideration as JavaScript.
Miscellaneous Implementation Details
We should probably work out some JavaScript libraries for application developers to provide finer control over where differing message types are inserted into the content window.
Content types are likely to include _HTML, _JSON, _text and _surf initially. Library support makes implementation attractive for _XML, _SVG, and a couple other content types.