Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Releases API for Google Maps

Posted by timothy on from the google-google-google-google dept.

Elyscape writes "The Google Blog announced today the release of an API for Google Maps. While the use of the API requires a key that limits the owner to 50K pageviews a day, which is similar to but far more generous than Google's Web Search API, Google notes that they are willing to work something out with website owners who expect to breach that large barrier. This release definitely opens the door for (or, at least, eases the creation of) more advanced Google-Maps-based applications. On the negative side, it broke several current Google-Maps-based sites, such as ChicagoCrime.org. So get started! Go to the Google Maps API home, sign up for a key, and go wild! (Note: going wild may entail fixing broken sites. It does not necessarily entail actually visiting the wild.)

9 of 30 comments (clear)

  1. 50K Pageviews by Mr.Sharpy · · Score: 3, Interesting

    I suppose the question is, do they consider each tile you load from their map server a page view? If they do, it wouldn't take many users scrolling around on the maps to get their.

    1. Re:50K Pageviews by Dorktrix · · Score: 5, Informative

      A "page view" is the number of times users download the JavaScript, not the number of map tiles, so it is a fairly high limit for most sites. Also, we are not restricting use of the API to small sites -- we are just asking that sites who have more page views than 50K contact us first to ask permission so we can make sure we can handle the load.

      Bret Taylor
      Product Manager, Google Maps

  2. no geocoding ... yet by enrico_suave · · Score: 2, Interesting

    I'm a little dissapointed the geocoding functions didn't make the first release of the API (and hope they are added/included soon).

    e.

    --
    Build Your Own PVR/HTPC news, reviews, &
  3. Well done, Documentation by Free_Trial_Thinking · · Score: 2, Interesting

    That is well done, that's how documentation should be, just tell me how to do all the common things I might want to do:

    move the map
    goto a location
    blah blah

    Try finding useful information like that in under 10 minutes on almost any existing "API".

  4. Re:Technical Question from a non-programmer by Mr.Sharpy · · Score: 3, Insightful

    They obviously don't release the code for the api .. how you know that when you call a function? from the api, it's not doing something malicious? how do you know they aren't using it to track users, send malicious code, etc? granted - it's Google, but still?

    The API is written in javascript, the code for which is open by nature. The code is obfuscated/compressed, but it's easy to expand it out to readable syntax. This code is not going to do something on the clientside without everyone knowing it. That's not to say they're not doing tracking on the server side...but that's another matter entirely.

  5. Re:address lookup? by Mz6 · · Score: 4, Informative

    There are ways to do and have Google do the work for you. Try this: http://maps.google.com/maps?q=White%20House%20Wash ington%20DC&output=js This will generate a blank page, but viewing the source will reveal the XML code, including the Lat/long locations that Google found for the search term. Replace "White House Washington DC" with your street addresses and you should get the points you're looking for. From there it's trivial to parse through the XML and grab the lat/long locations.

    --
    Hmmm.
  6. Re:Technical Question from a non-programmer by Anonymous Coward · · Score: 5, Insightful

    You've got a very good point that none of the other repliers seem to have noticed.

    External Javascript somebody else supplies is *BAD*. Not "can delete your hard drive" bad, but "can rob your cookies and molest your website" bad.

    Example: You are an admin for a large company using a popular content management system. You think this is a useful addition to your website, so you add in the code. A wayward Google employee rigs some of the Google servers to transmit malicious Javascript 1% of the time. You visit the new page to check everything is working, the malicious Javascript transmits your cookies containing your admin details to an external server, and now the wayward Google employee has complete write access to your website.

    There is built-in protection from malicious Javascript. Unfortunately, it doesn't apply in these circumstances. The secure way of doing this is to copy the (known-safe through whatever means) Javascript to your own server instead of referencing Google's version. Unfortunately, this is against their terms of service.

    This is a really big security hole that people don't seem to pay attention to. I've noticed people trusting password bookmarklets written in this style and all sorts. Basically, if you include other people's Javascript in your website with <script src="http://example.com/...">, then you are implicitly trusting example.com with all of your user's cookies, etc.

  7. What about raw tile access? by inio · · Score: 2, Informative

    TerraServer USA has allowed direct access to tiles for a while now. While this release is nice, it doesn't explicitly allow programatic tile access from other environments (e.g. Flash) which could allow for new types of navigation, interaction, and cross-platform consistency.

    (full disclosure note: I wrote this about a year ago, so I've got a an interest in direct tile access.)

  8. Superb reality-check for the web by GregBryant · · Score: 2, Insightful

    They put the satellite views in! That lets everyone inject a bit of reality into their web pages. This API is so simple ... soon little maps & satellite images, with GIS overlays, will be dripping from every website.