recentpopularlog in

mcherm : webdevelopment   299

« earlier  
A Beginner’s Introduction to Python Web Frameworks : Python
The current state of affairs with python web frameworks. Flask looks good for my purposes.
python  programming  webdevelopment  via:reddit 
5 weeks ago by mcherm
A new image format for the Web  |  WebP  |  Google Developers
Google's new image format. It's smaller than png or jpeg. It does lossless and lossy.
images  webdevelopment  webdesign  webdev 
10 weeks ago by mcherm
Virtual DOM is pure overhead
React has a "virtual DOM" -- updates are made to a data model of the DOM kept in memory in the browser and diffs are found and applied to the real DOM. This is overhead, but allows code to be organized in terms of "how to render the whole thing" instead of "what changes are needed from current state".
webdevelopment  via:HackerNews  react  javascript 
may 2019 by mcherm
Let's Build: With JavaScript - Dynamic Tabs
I found this useful in teaching me a reasonable way to build tabs in pure javascript.
javascript  css  webdevelopment  webdesign 
may 2019 by mcherm
Don’t trust the locals: investigating the prevalence of persistent client-side cross-site scripting in the wild | the morning paper
A security attack on web apps that use local storage: compromise in one visit to the site, then lock in that access for future sessions by injecting an attack into the data in local storage.
webdevelopment  security  via:HackerNews 
april 2019 by mcherm
You probably don’t need input type=“number”
In some browsers "input type='number'" mix and accidental touch to the mouse scroll wheel change the number you are entering. There is a better way to get the numeric keypad for entry on mobile devices.
webdevelopment  webdesign  via:HackerNews  programming 
march 2019 by mcherm
How to navigate the maze of JavaScript code – ITNEXT
A description of a tool, "CodeCrumbs" for dynamically exploring a JavaScript codebase.
webdevelopment  webdev  CodeCrumb  via:reddit  programming 
january 2019 by mcherm
Considering App vs. Website? It’s 2019: Build a Website.
Really good reasons to start with a web app first (even clearly documents the exceptions).
webdevelopment  mobiledevelopment  mobile  via:HackerNews 
january 2019 by mcherm
Why I no longer use D3.js – Paul Sweeney – Medium
D3 isn't necessary in all cases because modern tools and libraries let you achieve many of the same things, often without even using SVG.
d3  webdevelopment  via:reddit 
december 2018 by mcherm
Goodbye, EdgeHTML - The Mozilla Blog
Microsoft is going to base their browser on Chrome. That really reduces the number of browsers in wide use and is unhealthy for the web (in my opinion).
browsers  microsoft  google  internet  webdevelopment  via:HackerNews 
december 2018 by mcherm
CSS Stats
A site that will analyze the CSS for a website and tell you lots of things that help you to understand how complex it is, like how many different colors of text it uses.
webdesign  webdevelopment  css  useful 
november 2018 by mcherm
Idle Until Urgent — Philip Walton
A technique in JavaScript within the browser for speeding up app launch: create wrappers of slow-to-initialize objects which attempt to load during idle time, but instead load on the main thread if they are accessed.
threading  javascript  webdevelopment  concurrentprogramming  via:HackerNews 
september 2018 by mcherm
Service Workers | the frontendian
I don't know why I didn't learn about them earlier, but this is the first time I have actually read something that describes the capabilities of service workers.
webdevelopment  javascript  via:HackerNews  programming 
august 2018 by mcherm
How it feels to learn JavaScript in 2016 – Hacker Noon
This accurately (and humorously) captures the incredible mess of libraries and Frameworks that is modern day web programming.
via:reddit  javascript  librarydesign  webdevelopment 
june 2018 by mcherm
Microsoft Word Document Upload to Stored XSS: A Case Study
An XSS attack using MS Word Documents that can be uploaded and downloaded. Lists a few defenses against the attack also.
xss  security  webdevelopment  via:HackerNews 
may 2018 by mcherm
Improving URLs for AMP pages – Accelerated Mobile Pages Project
Google says they'll alter AMP (their own proprietary way to serve web pages fast) to allow the pages to appear to come from the site that actually wrote the content.
google  webdevelopment  via:HackerNews 
march 2018 by mcherm
Third party CSS is not safe - JakeArchibald.com
CSS that gets loaded from an untrusted source can do nearly as much to your page as Javascript from an untrusted source.
security  webdevelopment  css  via:HackerNews 
march 2018 by mcherm
DevDocs — D3.js 4 documentation
A copy of the D3 reference manual that isn't blocked by Capital One.
reference  d3  javascript  webdevelopment  svg 
february 2018 by mcherm
Modern CSS Explained For Dinosaurs – Actualize – Medium
A *really good* history of CSS policies and practices explaining what is going on today.
css  webdev  webdevelopment  html  history  via:reddit 
february 2018 by mcherm
I’m harvesting credit card numbers and passwords from your site. Here’s how.
It would be easy to inject malicious code into people's web pages by writing an evil library with useful effects and making it popular on npm.
security  webdevelopment  node.js  via:reddit 
january 2018 by mcherm
How to Generate Random Colors Programmatically
Generating an infinite series of visually distinct colors, like for labeling series on a graph or something.
color  programming  webdevelopment  via:StackOverflow 
january 2018 by mcherm
JavaScript Promises: an Introduction  |  Web Fundamentals  |  Google Developers
About doing promises (and thus useful concurrency) natively in JavaScript that works in nearly all major browsers.
javascript  webdevelopment  concurrentprogramming  parallelprogramming  programming 
january 2018 by mcherm
API Reference for D3
The API reference for the D3 library (for building nice interactive graphs in SVG and things like that).
reference  d3  javascript  webdevelopment  svg 
december 2017 by mcherm
Collapsible Tree - bl.ocks.org
A collapsable tree implemented in D3. I should investigate whether it can meet my needs
d3  webdevelopment  datavisualization 
november 2017 by mcherm
WebAssembly support now shipping in all major browsers - The Mozilla Blog
This is a big deal: we can now write native apps for the browser in most any language (with a cross-compiler).
internet  javascript  webdevelopment 
november 2017 by mcherm
Troy Hunt: The 6-Step "Happy Path" to HTTPS
Here are instructions on all the special headers and stuff to use to force HTTPS.
ssl  security  via:HackerNews  webdevelopment 
october 2017 by mcherm
single-spa project
A project to allow multiple single-page-apps (potentially written in different frameworks) to coexist. We are looking at it as a possible way to do components within the Angular app.
javascript  webdevelopment 
october 2017 by mcherm
The Most Efficient Way to Use Icons If You’re A Designer or Developer.
Interesting approach to generating and working with a bunch of scalable (vector graphics) icons.
webdesign  webdevelopment  via:reddit 
june 2017 by mcherm
Opinionated Comparison of React, Angular2, and Aurelia · stickfigure/blog Wiki · GitHub
The author tried 3 current web app frameworks and gives his assessment with details. His favorite was react.
webdevelopment  angular  react  programming  via:HackerNews 
april 2017 by mcherm
Scrolling on the web: A primer - Microsoft Edge Dev BlogMicrosoft Edge Dev Blog
Scrolling can (in many implementations) occur on a separate thread to make the experience smoother. Whether this works right may depend on just how you perform the scroll (touch, 2-finger sweep, scroll bar, etc).
webdevelopment  via:HackerNews 
march 2017 by mcherm
One browser now supports a Cookie flag that prevents CSRF attacks
The article over-hypes it a bit, but Chrome now support a "SameSite" attribute on cookies that prevents CSRF attacks.
security  webdevelopment  csrf  via:HackerNews 
february 2017 by mcherm
java - Should one call .close() on HttpServletResponse.getOutputStream()/.getWriter()? - Stack Overflow
What to do about wanting to set cookies or headers AFTER writing content. Can't write headers after body, so have to buffer body then flush after finishing.
java  tomcat  webdevelopment 
february 2017 by mcherm
Serverless Framework & AWS API Gateway CORS
This page helped me figure out how to deploy a REST API build on AWS Lambda (serverless) so it could be called by an angular application.
webdevelopment  webdev  security  serverless  aws  REST  angular 
july 2016 by mcherm
Complexities of an infinite scroller | Web Updates - Google Developers
An implementation of infinite scrolling, with discussion of some of the complexities. The received wisdom of Hacker News is that you probably should just do pagination instead.
webdevelopment  via:HackerNews 
july 2016 by mcherm
Serverless Data Sync in Web Apps with Bit Torrent - Tales of a Developer Advocate
I am a bit bamboozled by the idea of building full applications that run ENTIRELY in the browser, without any back end, even for storing the data.
via:HackerNews  webdevelopment  browsers  programming  serverless 
june 2016 by mcherm
How Technology Hijacks People’s Minds — from a Magician and Google’s Design Ethicist — Medium
Some anti-patterns that are unethical in the design of computer interfaces. Intermittent reinforcement; fear of missing out; using social approval to push engagement; unending lists; constant interruptions; hard to cancel;
ui  webdevelopment  ethics  programming  webdesign  via:boingboing 
may 2016 by mcherm
Target=”_blank” — the most underestimated vulnerability ever — Medium
If you open a new window then code in that window can re-navigate the parent window, and users might trust the parent window and do things like re-enter their password if prompted. Solution is to use rel="noopener noreferrer".
webdevelopment  security  via:HackerNews 
may 2016 by mcherm
Cash: An absurdly small jQuery alternative for modern browsers | Hacker News
A very small library that works like jQuery. The comments list other similar tools.
webdevelopment  javascript 
april 2016 by mcherm
Why I switched to Android after 7 years of iOS
Apple's walled-garden is really beginning to chafe for this author, who would rather be building powerful web apps. And making them look EXACTLY like a native app.
android  webdevelopment  mobile  ios  appstore  apple  via:HackerNews 
march 2016 by mcherm
What No One Told You About Z-Index — Philip Walton
Stacking of z-index doesn't work how I thought it did. Read the article to see why.
css  webdesign  webdevelopment 
march 2016 by mcherm
Choosing an HTTP Status Code — Stop Making It Hard | Racksburg
This article recommends a certain policy on the use of http response codes, and I think it actually has really good advice.
REST  http  internet  webdevelopment  via:HackerNews 
december 2015 by mcherm
Safari is the new IE
Safari is not adding support for new standards like the other browser makers. It is reaching the level where this person is advocating that we abandon Safari support.
browsers  safari  webdevelopment  webdesign  webdev  via:reddit 
july 2015 by mcherm
Google search gets 100-150ms faster
They send a prefetch hint to the browser to start fetching the slowest resources on the page the link goes to. Requires them to on w the slow resources for every page on the web. The hinting only works in chrome on mobile.
javascript  webdevelopment  performance  google 
december 2014 by mcherm
7 Principles of Rich Web Applications |
Really good advice on developing any web application.
webdevelopment  webdesign  webdev  javascript  ajax 
november 2014 by mcherm
Notes from the development of xkcd's "Pixels"
How he built the code for "infinite zooming" for an XKCD cartoon.
xkcd  via:HackerNews  webdevelopment  programming 
september 2014 by mcherm
How a new HTML element will make the Web faster | Ars Technica
The story behind how a new HTML element got added to the standard to support varying image sizes. It is really a story about how standards committees work.
ArsTechnica  standards  html  html5  webdevelopment  web  via:HackerNews 
september 2014 by mcherm
Yahoo stopping all new development of YUI | Hacker News
Yahoo is ceasing development of YUI. And some commentary about it. Few things last forever in software development.
via:HackerNews  webdevelopment  webdesign  javascript  libraries  opensource  programming  softwaredevelopment  mypostings 
august 2014 by mcherm
Nelson's Weblog: tech / good / webapps-with-json
"Hey, let's build simple JSON APIs and then put all the presentation logic in the web page via Javascript."
webdevelopment  ajax  via:NelsonMinar  NelsonMinar 
june 2014 by mcherm
The security hole I found on Amazon.com
A really good example of clickjacking. We should use X-Frame-Options: SAMEORIGIN.
webdevelopment  security 
june 2014 by mcherm
Quick tip: Improve developer habits by showing time cost of DB queries
A great idea: calculate the number of back-end calls made to render each page and display it on every page for those who have the "I am a developer" switch toggled.
softwaredevelopment  programming  via:HackerNews  webdevelopment 
april 2014 by mcherm
Fanout Blog » How to safely invoke Webhooks
Web hooks could direct you to a malicious URL that's inside your own network, causing your (privileged) machine to make a possibly destructive request. To prevent this, check the IP address before calling the web hook.
security  webdevelopment  programming  webhooks  api  APIDesign  via:HackerNews 
january 2014 by mcherm
The Noun Project
Simple black-and-white icons. Decent variety. Creative Commons licensing.
useful  webdevelopment  design  graphics  via:boingboing 
november 2013 by mcherm
Troy Hunt: Fixing ghoulish HTML behaviour after Ghostery breaks the web to block Disqus
Ghostery (a browser plugin for monitoring or blocking trackers) messed up his blog. He fixed it, but it was bad behavior on Ghostery's part.
webdevelopment  ghostery  via:HackerNews  surveillance 
november 2013 by mcherm
Smooth Online Signatures (Open Source) by ezl
A tool to let people input a signature (and make it look good).
javascript  webdevelopment  via:HackerNews 
november 2013 by mcherm
NeoCities
A site that hopes to become a successor to Geocities, hosting plain HTML of any sort for free (and anonymously).
hosting  webdevelopment 
june 2013 by mcherm
Lunatech Blog: What every web developer must know about URL encoding
Some details about how to encode URLs. Encoding can be done with %xx replacement, but other things are allowed in different parts of the URL and so technically decoding requires a syntax-aware parser.
programming  html  http  webdevelopment  webdev  via:HackerNews 
june 2013 by mcherm
Why Discourse uses Ember.js - Evil Trout's Blog
Arguments in favor of a client-side javascript framework (instead of sending HTML pages) and specifically for the library ember.js.
webdevelopment  webdev  ember.js  via:HackerNews 
february 2013 by mcherm
The stupid cookie law is dead at last | Silktide blog
That law in Europe that prohibited sites from using cookies without the user's permission? The website of the group that enforces the law now uses cookies.
law  webdevelopment  webdev  via:HackerNews 
january 2013 by mcherm
« earlier      
per page:    204080120160

Copy this bookmark:





to read