
Guidelines

  • Reduce the number of screens required for actions
  • Reduce the number of clicks (e.g. feedback should appear in a div instead of a popup that requires an OK). Note: the div should have a close button, not auto-close
  • Have the UI be usable by keyboard without requiring the mouse
  • Do not keep state in the session; cache globally and use the request instead. The only things in the session should be things that can be cached for the user but recomputed if needed, e.g. authentication information. The app should be usable in a load-balanced environment with session clustering. No unserializable objects in the session

Security

  • All methods should be POST; if GET is required, have a whitelist of the allowed GET requests
  • Prevent CSRF by having a key (SESSIONID?) that is transmitted with each request in a form variable (will this work for dhtmlx GET requests?). Have a switch that turns this check off
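
One way to implement the two Security rules above, as an added example that is not Grouper's own code: a request gate that enforces POST with a GET whitelist, checks a per-session key, and has a switch to disable the check. The class name, operation names, key and session ID are hypothetical or constructed. As an assumption of this example, the key is an HMAC of the session ID under a server-side secret rather than the session ID itself, so nothing extra is stored in the session and the raw session ID never appears in a form field.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.Set;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Added example (hypothetical names): gate for the POST-only and CSRF-key rules.
public class CsrfGate {
    private final byte[] serverKey;          // same secret on every node behind the load balancer
    private final Set<String> getWhitelist;  // the only operations allowed over GET
    private final boolean csrfCheckEnabled;  // the "switch that turns this off"

    public CsrfGate(byte[] serverKey, Set<String> getWhitelist, boolean csrfCheckEnabled) {
        this.serverKey = serverKey.clone();
        this.getWhitelist = Set.copyOf(getWhitelist);
        this.csrfCheckEnabled = csrfCheckEnabled;
    }

    // Key to embed in each form variable: HMAC-SHA256 of the session ID.
    public String tokenFor(String sessionId) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(serverKey, "HmacSHA256"));
        byte[] tag = mac.doFinal(sessionId.getBytes(StandardCharsets.UTF_8));
        return Base64.getUrlEncoder().withoutPadding().encodeToString(tag);
    }

    // Returns true if the request may proceed.
    public boolean allow(String method, String op, String sessionId, String token) throws Exception {
        boolean isPost = "POST".equals(method);
        boolean isWhitelistedGet = "GET".equals(method) && getWhitelist.contains(op);
        if (!isPost && !isWhitelistedGet) return false;   // method rule applies even with the switch off
        if (!csrfCheckEnabled) return true;
        if (sessionId == null || token == null) return false;
        byte[] expected = tokenFor(sessionId).getBytes(StandardCharsets.UTF_8);
        // Constant-time comparison so the check does not leak how many characters matched.
        return MessageDigest.isEqual(expected, token.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values; a real secret would come from configuration.
        byte[] key = "demo-key-0123456789abcdef".getBytes(StandardCharsets.UTF_8);
        CsrfGate gate = new CsrfGate(key, Set.of("combobox.filter"), true);
        String sid = "session-abc123";
        String token = gate.tokenFor(sid);
        System.out.println("POST, valid key:       " + gate.allow("POST", "group.save", sid, token));
        System.out.println("POST, forged key:      " + gate.allow("POST", "group.save", sid, "forged"));
        System.out.println("GET, not whitelisted:  " + gate.allow("GET", "group.save", sid, token));
        System.out.println("GET, whitelisted:      " + gate.allow("GET", "combobox.filter", sid, token));
    }
}
```

Whitelisted GET requests carry the key in the URL, where it can end up in server logs and Referer headers, so the GET whitelist is best kept to read-only operations.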

Ideas

  • Overall search screen should allow search for all grouper objects
  • Comboboxes should have filters (e.g. for which source)
  • Have recently used objects available
  • Have a screen with each type of UI widget in it for browser testing

Help framework
