JavaScript & Node.js APIs Best Practices

Do Not Block in Event Handlers and Listeners

Since JavaScript is single threaded, applications must not block in and should return as quickly as possible from message receive, event, and timer handler or listener code.

Behavior Profiles

Generally, Solace recommends using the latest version's factory profile when writing a new application. When modifying an existing application to use a new behavior profile, the differences between behavior profiles should be considered.

For more information on the JavaScript and Node.js APIs behavior profiles, refer to Initializing and Monitoring APIs.

Secure Connections Support

JavaScript API

When browser and web applications are using WSS or HTTPS secure connections, a client certificate is requested from the event broker during the SSL handshake. In order for connections to succeed, browsers may need to prompt the user which client certificates to use, if any, before connecting to a session. To facilitate this, the following steps are required:

1. Define and load an invisible iframe with a target of https://<router-ip>/crossdomain.xml before connecting.
2. Wait for the iframe to load successfully.
3. Continue connecting the session.

For details, refer to the secure sessions sample and locate the iframe related code in both the html and js sources.

If client certificate authentication is used, the appropriate client certificate must be installed in the browser.

Node.js API

To configure secure connections, refer to Creating Secure Sessions.

If client certificate authentication is used, refer to Defining Client Authentication Info.