Given the popularity of Facebook, it's ability to scale well (at least compared to peers like Twitter), and the openness and evolution of its platform, I was very interested to dive into this chapter. I'm normally in favor of chapters that dig down into the implementation details of solutions so I have something to sink my teeth into rather than just the generic, abstract concepts. This chapter reminded me of the old adage "be careful what you wish for." This chapter was much to long because it was bloated with sample code and detailed discussions of implementation strategies that added nothing to what I gleaned from the high-level overview provided. I found myself about eight pages into the chapter wondering when I'd come across the first noteworthy passage.
With that angry tirade out of the way, I was impressed at how Facebook gave external developers a suite of tools that used familiar interfaces. Those seemingly easy-to-use tools provide what I imagine to be an unprecedented level of flexible integration not only of Facebook's data into their own applications but also, and more surprisingly, of their applications into Facebook itself. I am somewhat concerned, however, that by exposing FQL and FBML, which get lexed and parsed by custom routines, they may be introducing some security vulnerabilities. SQL and HTML have had many years with many pairs of eyes scouring them for ways to fix their vulnerabilities. Even if Facebook has some of the smartest people possible working for them, I think that the incredibly high ratio of black-hat hackers to those trying to secure the platform may come back to bite them.
I think the juxtaposition of the REST chapter with this one made me a bit more skeptical of Thrift and the traditional API that Facebook used to expose its data. I also don't understand which of the "benefits" the author associated with Thrift a) would be considered beneficial and not detrimental by the author of the previous chapter and b) what Thrift provides that SOAP doesn't. Granted, my knowledge of both SOAP and Thrift are limited, but I don't think the author helped me out at all. I also found it strange that in the text leading up to the FQL section, the author said that FQL "casts platform data as fields and table rather than simple loosely defined objects in our XML schema." I thought one of the benefits of Thrift was supposed to be good handling of typing.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment