Building upon the Social Web: Yahoo's Open Platform Deep Dive
Table of Contents
Background
This talk is available at
http://www.slideshare.net/jleblanc/uwash-hack-u-yos
http://upcoming.yahoo.com/event/1515889/
Yahoo! Open Tech Night Part 1 Thursday February 19, 2009 at 6:00pm University of Washington, Computer Science & Engineering, Paul Allen Atrium 185 Stevens Way Seattle, Washington 98195-2350
Jon LeBlanc: Scaling Open: Building upon the social web in a standard way.
Opening up core services, APIs, and data, Yahoo!'s Open Strategy lets developers build their own presence and reach a massive user base on Yahoo! and across the social web. The Yahooo Application Platform (YAP) implements OpenSocial and OAuth standards with Caja sanitation to provide a unified and secure container for development. With vitality feeds reaching across the Yahoo! network, this platform allows the development community to influence the course of future technologies on Yahoo!.
An introduction to Yahoo!'s open platform including our new social platform, application platform, YQL (Yahoo Query Language), and open search offering (BOSS and SearchMonkey). Meet Yahoo! Developer Network evangelists, and learn about building OpenSocial apps for Yahoo!'s vast audience and the social web.
Reviewed
Integrated Social Platform
Allow access to Yahoo!'s customer base for managing contacts.
Supports OpenSocial
Core focus is the use of connections / contacts
OAuth used
http://developer.yahoo.com/oauth/
Two and three legged versions available. Two-legged is easier to implement but will have limits on the type of data available to the client.
YML
http://developer.yahoo.com/yap/yml/
This is not FBML. Core set of tags (similar to jstl) to interact with Yahoo! services.
Caja is used to protect the container / user
http://code.google.com/p/google-caja/
Any sanitized code is considered "cajoled": the size of JavaScript cajoled by Caja is approximately 2 - 3x the original size.
JSLint is required
Clean JavaScript would be required in order to use Caja.
PHP is the core SDK
http://developer.yahoo.com/social/sdk/
Extensive skills at Yahoo! with PHP including the creator.
YQL
http://developer.yahoo.com/yql/
Built by the same team as Pipes. SQL-like access to data services from Upcoming to Travel to Flickr.
Deep Dive
Large vs. Small views
Access limited based on authentication and available access.
Two legged SDK is best initial authentication model
Much simpler than three-legged.
yml:a tag review
http://developer.yahoo.com/yap/yml/a.html
Encapsulates Ajax and DOM update functionality.
YQL
http://developer.yahoo.com/yql/
Multiple output format (e.g., JSON or XML).
Working with Caja
- Use OpenSocial JavaScript standards
- Use standard JSON parsing algorithms (these are white-listed)
- Use W3C standards
- Unit test all JavaScript (use layering approach to unit test then integrate)
Best practices for working with Caja should be available at
http://developer.yahoo.com/yos/
Once proficient with the system there isn't much maintenance but the initial start-up costs high.
Getting started
my.yahoo.com has about 30 applications. Even internal groups at Yahoo have significant changes needed before inclusion with the system.