The risks of cancelling AJAX calls client-side

AJAX has completely changed the way web pages (and web developers) work, and has given web applications around the world a much needed boost. But as they say, with great power comes great responsibility and anyone from a traditional web development background needs to be careful about the implications of making numerous AJAX calls without considering the cost in server resources.

Bear in mind that if you have lengthy or resource-intensive operations on the server that are triggered by AJAX calls from your web page, they will continue to run  server-side regardless of whether the request has been cancelled at the browser by a call to XmlHttpRequest.abort. This is a problem I noticed very quickly when working in the investment banking analytics industry, because the workload on our servers (especially the SQL servers) was intense and the risk is that you could end up with multiple concurrent requests running on your web and SQL servers, eating up processor time, memory and disk resources for absolutely no reason because the user had already cancelled them client-side. And if you don’t safeguard against it, you will quickly run into scalability issues not unlike a DDoS attack, where your servers become overloaded.

So pay particular attention to this in your website design. The simplest and most fool-proof way to prevent a user repeatedly making the same AJAX call is to disable the control which triggers it when the call starts, and then re-enable it when a response (whether it’s success or error) is received. It sounds ridiculously obvious but more often than not, the best software solutions are the simplest ones. Don’t be tempted to over-complicate your client-side synchronisation – I’ve been there and it can get very messy very quickly!

Advertisements

About Phil Munro

I have been developing commercial desktop and distributed web applications with Microsoft technologies since 1997.
This entry was posted in AJAX. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s