Building a Better Photo Uploader

Visit the post for more.

Chris Putnam
5 min readbeginner
--
View Original

Overview

The article discusses Facebook's significant upgrade to its photo uploader, focusing on the transition from a third-party ActiveX control to a modern, secure, and efficient uploader built with HTML and CSS. It outlines the goals, implementation, security measures, and the rollout plan for the new uploader.

What You'll Learn

1

How to create an asynchronous file uploader using JavaScript APIs

2

Why using a headless browser plug-in enhances user experience in web applications

3

How to ensure security in browser plug-ins through local web servers

Key Questions Answered

What are the main goals for the new photo uploader at Facebook?
The main goals for the new photo uploader include eliminating dependency on Java, enabling asynchronous uploads, ensuring UI integration with Facebook's design, allowing easy UI iteration, and facilitating secure and seamless updates. These objectives aim to improve the overall user experience and address previous complaints.
How does the new photo uploader handle security?
The new photo uploader implements several security measures, including running a local web server bound to 127.0.0.1, refusing to operate on non-Facebook domains, and using a secure download verification process. Additionally, it features a remote 'kill switch' to deactivate the plug-in if a security vulnerability is detected.
What technologies were considered for the new uploader before deciding on a headless browser plug-in?
Before choosing to build a headless browser plug-in, Facebook considered existing technologies like Adobe Flash, Google Gears, and Yahoo! Browser Plus. However, none of these options provided the specific functionalities needed for the new uploader.
What is the installation process for the new photo uploader plug-in?
The installation process for the new photo uploader plug-in is designed to be seamless. Users are prompted to install the plug-in, which can be done via a small applet if Java is installed or through a direct download link for their platform, all without requiring a browser restart.

Key Statistics & Figures

Percentage of users unable to upload photos due to technical issues
Significant percentage
This statistic highlights the necessity for a new uploader as many users faced challenges with the old system.

Technologies & Tools

Some links below are affiliate links. We may earn a commission if you make a purchase.

Frontend
Javascript
Used to create custom APIs for the new photo uploader.
Frontend
HTML
Used to build the uploader's user interface.
Frontend
CSS
Used to style the uploader's user interface.

Key Actionable Insights

1
Implementing asynchronous uploads can significantly enhance user experience by allowing users to interact with the application while uploads are in progress.
This approach is particularly useful in applications where users may need to perform multiple tasks simultaneously, reducing frustration and improving overall satisfaction.
2
Building a headless browser plug-in can provide powerful JavaScript APIs that enhance functionality without compromising security.
This method allows developers to leverage existing web technologies while ensuring that sensitive operations, like file uploads, are handled securely.
3
Prioritizing security in plug-in development is crucial, especially with features like remote deactivation and secure download verification.
These measures help maintain user trust and protect against potential vulnerabilities that could be exploited by malicious actors.

Common Pitfalls

1
Relying on outdated technologies like ActiveX can lead to user frustration and technical issues.
This often occurs when developers prioritize legacy systems over modern solutions, resulting in a poor user experience and increased support requests.