Wt (pronounces as witty) is a C++ library for developing web application.
Wt offers abstraction of web-specific implementation details including client-server protocols, event handling, graphics support, graceful degradation (or progressive enhancement), and URL handling. The API is widget-centric, like Qt and other toolkits.
Unlike many page-base frameworks, Wt was designed for creating stateful application that are at the same time highly interactive (leveraging techniques such as WebSockets, and Ajax) and accessible (supporting plain HTML browsers), using automatic graceful degradation or progressive enhancement. Things that are natural and simple with Wt would require an impractical amount of effort otherwise: switching widgets using animations, while being perfectly indexed by search robots with clean URLs, or having a persistent chat widget open throughout, that even works in legacy browsers like Microsoft Internet Explorer 6.
Wt can acts as a stand alone Http(s)/WebSocket server or integrates through FastCGI with other web servers.
Typical Use Scenario
- High performance, complex web applications which are fully personalized (and thus cannot benefit from caching), fully Ajax enabled and at the same time entirely accessible and Search Engine Optimized.
- Web-based GUIs for embedded systems benefit from the low footprint of a C++ web application server.
- Web-based GUIs that require integration with (existing) C++ libraries, for example for scientific or engineering applications, or existing C++ desktop applications.
- Develop web applications using familiar desktop GUI patterns.
- A single specification for both client- and server-side validation and event handling.
- Optionally, use XHTML and CSS for layout and decoration.
- Generates standards compliant HTML or XHTML code.
- Portable, anti-aliased graphics optimized for web usage (using inline VML, inline SVG, HTML5 canvas or PNG images), which can also be used to render to PDF.
- Avoid common security problems since Wt has complete control over the presentation layer and proactively filters out active tags and attributes, does not expose business logic, and simplifies authentication using a stateful design.
- Ultra-fast load time and low bandwidth usage, which are affected only by screen complexity, not application size. Wt implements all the common tips and tricks for optimizing application responsiveness and even optimizes per browser.
- A simple API with a robust cross-browser implementation for server-initiated events aka server push (using comet or WebSockets).
- Use the built-in httpd for easy development and deployment, or use the FastCGI/ISAPI connectors to deploy in existing web servers.
- Supports major browsers (Firefox/Gecko, Internet Explorer, Safari, Chrome, Konqueror, and Opera) but also plain HTML browsers (Links, Lynx).
- Develop and deploy on Unix/GNU Linux or Microsoft Windows (Visual Studio) environments.
- Integrated Unicode support and pervasive localization.
- Efficient rendering and (very) low latency.
- Support for browser history navigation (back/forward buttons and bookmarks), pretty URLs with HTML5 History if available, and search engine optimization with a unified behavior for plain HTML or Ajax sessions.
- Configurable session tracking options that include URL rewriting and cookies.
- High performance, allowing deployment on low-end embedded devices, or energy-, space- and budget-friendly deployment of Internet or extranet web sites.
- Completely based on event-driven async I/O: sessions are not tied to threads, and neither do open connections block threads. Instead, threads are needed only to improve concurrent request handling or for reentrant event loops.
- Uses a modern typesafe signal/slot API for responding to events.
- Listen for keyboard, mouse and focus events, and get event details (such as mouse position, modifier buttons, or keyboard key).
- Automatic synchronization of form field data between browser and server.
- Drag&Drop API.
- Timed events and server-initiated updates (“server push”)
- Uses plain HTML CGI, Ajax or WebSockets
Native Painting Support
- Unified painting API which uses the browsers native (vector) graphics support (inline VML, inline SVG, or HTML5 canvas), or renders to common image formats (PNG, GIF, …) or vector formats (SVG, PDF).
- Supports arbitrary painter paths, clipping, text, images, transformations, drop shadow.
GUI component is composed of various widgets. For comprehensive examples, you can visit this link.
- Kernel-level memory protection protects against privacy issues arising from programming bugs, since sessions can be completely isolated from each other (in dedicated-process mode).
- Supports encryption and server authentication using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) through HTTPS.
- Enables continuous use of HTTPS through low bandwidth requirements (fine-grained Ajax).
- Built-in Cross-Site Scripting (XSS) prevention. Rendered text is always filtered against potentially malicious code, making XSS attacks against Wt applications (close to) impossible.
- Not vulnerable to breaking the application logic by skipping to a particular URL, since only those events exposed in the interface can be triggered.
- Session hijacking mitigation and risk prevention
- DoS mitigation
- A built-in authentication module implements best practices for authentication, and supports third party identity providers using OAuth 2.0, and (later) OpenID Connect
Object Relational Mapping Library
Wt comes with Wt::Dbo, a self-contained library which implements Object-Relational mapping, and thus a convenient way to interact with SQL databases from C++. Although features like optimistic concurrency control make this an ideal technology for a database driven web application (and it provides good integration with Wt’s MVC classes), the library can also be used for other applications, and does not depend on Wt. The ORM library has the following features:
- No code generation, no macro hacks, no XML configuration, just modern C++!
- Uses a templated visitor pattern which requires a single template method to provide the mapping: DRY and as efficient as conceivable!
- You can indicate surrogate auto-incremental keys or map natural keys of any C++ type, which may also be composite (i.e. require more than one database field).
- Supports optimistic concurrency control using a version field.
- Maps Many-to-One and Many-to-Many relations to STL-compatible collections.
- Provides schema generation (aka DDL: data definition language) and CRUD operations (aka DML: data manipulation language).
- Prepared statements throughout.
- Each session tracks dirty objects and provides a first-level cache.
- Flexible querying which can query individual fields, objects, or tuples of any these (using Boost.Tuple).
- Use a single connection or share connection pools between multiple sessions from which connections are used only during an active transaction.
- Comes with Sqlite3, Firebird, MariaDB/MySQL and PostgreSQL backends, and an Oracle backend is also available on request.
Wt library abstracts different deployment options as connectors libraries, which connect Wt with the outer world. Switching deployment option is a matter of relinking to one of these connector libraries.
- Simple, high-performance web application server (multi-threaded, asynchronous I/O) based on the C++ asio library.
- Supports the HTTP(S) and WebSocket(S) protocols.
- Supports response chunking and compression.
- Single process (convenient for development and debugging), and embeddable in an existing application.
- Supports deployment behind a ProxyPass’ing (and if needed, load-balancing) web server.
- Available for both UNIX and Win32 platforms.
- Integrates with most common web servers (apache, lighttpd).
- Different session-to-process mapping strategies.
- Hot deployment: new sessions use the new application version while older sessions may continue with their application version.
- Available only for UNIX platforms.
- Integrates with Microsoft IIS server.
- Uses the ISAPI asynchronous API for maximum performance.
- Available for the Win32 platform.