95 Matching Annotations
  1. Jul 2021
    1. How to Create a Travel Website: Types, Features, Industry TrendsTimur YilmazTech JournalistProduct GuideHomeBlogEntrepreneurshipHow to Create a Travel Website: Types, Features, Industry TrendsJul 13, 202119 min readMost people plan a journey by seeking advice from the same source — the Internet. As ending the pandemic is becoming more solvable, many of us think about where to travel next. Ironically, we tend to get easily overwhelmed by the sheer amount of tasks. What place is ok for a night stay? Which is the best camera backpack? Where to refuel? So today, we will figure out how a travel website works. We will also share tips on how to make your own travel website genuinely shine.

      Most people plan a journey by seeking advice from the same source — the Internet. As ending the pandemic is becoming more solvable, many of us think about where to travel next.

      Ironically, we tend to get easily overwhelmed by the sheer amount of tasks. What place is ok for a night stay? Which is the best camera backpack? Where to refuel?

      So today, we will figure out how a travel website works. We will also share tips on how to make your own travel website genuinely shine.

  2. Jun 2021
    1. That means if an attacker can inject some JavaScript code that runs on the web app’s domain, they can steal all the data in localStorage. The same is true for any third-party JavaScript libraries used by the web app. Indeed, any sensitive data stored in localStorage can be compromised by JavaScript. In particular, if an attacker is able to snag an API token, then they can access the API masquerading as an authenticated user.
    2. But there’s a drawback that I didn’t like about this option: localStorage is vulnerable to Cross-site Scripting (XSS) attacks.
    1. Social Network Application Development: Types, Challenges, Technologies, Costs

      We can’t imagine our lives without online communication. We use Facebook Messenger, WhatsApp, and other messengers because we want to communicate. But what about other applications? Many solutions out there have social features. Medium is a social publishing platform; SoundCloud is a social audio platform. To understand how to develop a social networking site, let’s first consider a social network definition.

    1. C2C Marketplace Development: Why Invest in Your Own Platform

      Usually, the C2C model is discussed from customers' perspective. But what makes it appealing to a marketplace founder? In this article, we will bring five reasons why it is worth launching your C2C marketplace. And whereas a future for C2C is bright, there are several pitfalls to be discussed.

  3. May 2021
    1. the majority of XSS attacks target theft of session cookies. A server could help mitigate this issue by setting the HttpOnly flag on a cookie it creates, indicating the cookie should not be accessible on the client.
    1. go-jamming is a cool looking Webmention sender and receiver, particularly for SSGs. It can be used to service multiple websites as well.

      Requires a bit of configuration and build into one's templates, but it looks pretty well documented.

    1. simpler ribozymes ('hammerhead' and 'hairpin') are RNAs that catalyse site spe-cific scission of single stranded target RNAs bearing a consensus cleavage site.
  4. Apr 2021
    1. I like how Dr. Pacheco-Vega outlines some of his research process here.

      Sharing it on Twitter is great, and so is storing a copy on his website. I do worry that it looks like the tweets are embedded via a simple URL method and not done individually, which means that if Twitter goes down or disappears, so does all of his work. Better would be to do a full blockquote embed method, so that if Twitter disappears he's got the text at least. Images would also need to be saved separately.

    1. While it is work in progress, it will live on sarasoueidan.dev. So this Web site you’re on right now will still be here while the new one comes to life. Once the new site is done, it will replace this one on the dot com domain.

      This is a fun reason to have more than one website.

  5. Mar 2021
    1. Q: Can I access my personal comment history? A: No, there will not be a way to access archived comments.

      In this instance, it's similar to a site death taking one's data off-line. This is a good reason to post one's comments on their own site first.

    1. I watched Ru work incredibly hard and diligently over many months to implement what she'd done. I wish I could do half of it, but I can definitely commiserate.

      Can't wait to see what you come up with in the coming year with the extra time you'll have gained not only from the switch, but everything else you've learned in the process.

  6. Feb 2021
  7. Jan 2021
  8. Dec 2020
    1. Serving pages and assets as pre-generated files allows read-only hosting reducing attack vectors even further. Meanwhile dynamic tools and services can be provided by vendors with teams dedicated to securing their specific systems and providing high levels of service.
    1. Because Jamstack projects don’t rely on server-side code, they can be distributed instead of living on a single server. Serving directly from a CDN unlocks speeds and performance that can’t be beat. The more of your app you can push to the edge, the better the user experience.
    2. Because Jamstack markup is prebuilt, content changes won’t go live until you run another build.
    1. Better PerformanceWhy wait for pages to build on the fly when you can generate them at deploy time? When it comes to minimizing the time to first byte, nothing beats pre-built files served over a CDN.
  9. Nov 2020
  10. Oct 2020
    1. Screenshots are disposable, but highlights are forever.

      Highlighting this sentence on the Highly blog (on Medium) ironically using Hypothes.is. I'm syndicating a copy over to my own website because I know that most social services are not long for this world. The only highlights that live forever are the ones you keep on your own website or another location that you own and control.

      RIP Highly. Viva IndieWeb!

    1. we are ending the HuffPost contributor platform

      Just another site-death...

      Ben Walsh of the LA Times Data Desk has created a simple web interface at www.SaveMy.News that journalists can use to archive their stories to The Internet Archive and WebCite. One can log into the service via Twitter and later download a .csv file with a running list of all their works with links to the archived copies.

    1. Although I’ve already got a blog (you’re reading it!), I decided not to mirror my book reviews here. I post normal content so infrequently that anyone who wanted to read the blog but wasn’t interested in book reviews would be inundated with content they didn’t want. In the end, I spun up an additional WordPress instance on my web space (something that my host, Krystal Hosting, makes very easy to do) to keep the reviews completely isolated from everything else.

      This seems to be a frequent excuse for people to spin up yet another website rather than attempting to tackle the UI subscription problem.

      Social readers would be well advised to think about this problem so people could have a single website with multiple types/kinds of content.

      Platforms should better delineate how to allow publishers and readers to more easily extract the posts that they're interested in following.

  11. Sep 2020
  12. Aug 2020
  13. Jul 2020
    1. In fact, developers often tend to forget a simple, almost elementary fact: if users want to close the application or leave a site, they will — doesn’t matter which obstacles are placed on their path to the exit-button. The more obstacles there are the more negative the user experience will be.
  14. Jun 2020
    1. Pour prévenir les atteintes aux droits de l’enfant, les programmes Educadroit et JADE ont permis de former près de 60 000 jeunes à leurs droits et aux discriminations durant l’année scolaire 2018/2019.
  15. May 2020
    1. Not necessarily. Hosting companies tend to keep your backups in the same place as your primary files. You don’t carry around a copy of your birth certificate along with the actual one – you keep the real one safe at home for emergencies. So why not do the same for your backups? CodeGuard provides safe, offsite backup that is 100% independent from your hosting provider.
    1. The folks at Netlify created Netlify CMS to fill a gap in the static site generation pipeline. There were some great proprietary headless CMS options, but no real contenders that were open source and extensible—that could turn into a community-built ecosystem like WordPress or Drupal. For that reason, Netlify CMS is made to be community-driven, and has never been locked to the Netlify platform (despite the name).

      Kind of an unfortunate name...

  16. Apr 2020
    1. The Authenticity Token is a countermeasure to Cross-Site Request Forgery (CSRF). What is CSRF, you ask? It's a way that an attacker can potentially hijack sessions without even knowing session tokens.
    2. Rails does not issue the same stored token with every form. Neither does it generate and store a different token every time. It generates and stores a cryptographic hash in a session and issues new cryptographic tokens, which can be matched against the stored one, every time a page is rendered.
    3. Since the authenticity token is stored in the session, the client cannot know its value. This prevents people from submitting forms to a Rails app without viewing the form within that app itself. Imagine that you are using service A, you logged into the service and everything is ok. Now imagine that you went to use service B, and you saw a picture you like, and pressed on the picture to view a larger size of it. Now, if some evil code was there at service B, it might send a request to service A (which you are logged into), and ask to delete your account, by sending a request to http://serviceA.com/close_account. This is what is known as CSRF (Cross Site Request Forgery). If service A is using authenticity tokens, this attack vector is no longer applicable, since the request from service B would not contain the correct authenticity token, and will not be allowed to continue.
    1. In >95% of patients who survive to reach the ED, the BAI occurs just distal to the left subclavian artery, where it is tethered by the ligamentum arteriosum (Fig. 7-24). In 2% to 5% of patients the injury occurs in the ascending aorta, in the transverse arch, or at the diaphragm
  17. Mar 2020
    1. Je souhaite connaître l’ensemble des ressources pédagogiques qui sont à disposition, comment faire?Vous pouvez consulter les sites institutionnels afin d’accéder aux ressourcesqui sont mises à disposition: site de la circonscriptionoù vous exercez, site de l’Inspection académique, site académique et site nationaux (Eduscol). Vous pouvez aussi accéder au site du CNED (https://ecole.cned.fr/). Certains sites académiques ont déjà pris des initiatives dans ce sens (Nancy-Metzet Strasbourgpar exemple).
    2. Qu’est-il attendu de moi en termes de continuité pédagogique?Chaque professeur doit pouvoir être joint soit par messagerie électronique,soit par téléphone durant les horaires habituels d’ouverture de l’école. Il doit prendre toutes dispositions utiles pour assurer la continuité pédagogique avecles élèves, en lien avec les parents. Il conserve les mêmes missions de conception de son enseignement et de mise en place d’activités pédagogiques et éducatives adaptées à ses objectifs, mais à distance. Il doit pouvoir répondre aux questions liées à l’organisation du travail des élèves et participer à la mise en cohérence de l’action de l’équipe pédagogique.Il prend appui sur l’ENT et/ou le site de l’école, quand il y en a un, et sur les sites adaptés pour communiquer et pour organiser son enseignementavec les élèves et les parents et responsables légaux.
    3. Comment puis-je être informé de l’évolution de la situation?Vous pouvez trouver les informations, régulièrement réactualisées,sur le site Internet de la circonscription, de l’école, l’environnement numérique de travail ou sur les affichages de l’école. Pour ce qui est plus général, reportez-vous aux grands sites institutionnels, notamment celui du ministère de l’éducation nationale et dela jeunesse: education.gouv.fr
    4. L’école n’a pas de site internet / d’espace numérique de travail(ENT), que dois-je faire?L’information des parents doit être prévue par voie d’affichage sur les panneaux dédiés et régulièrement actualisés.Les parents d’élèves doivent être informés régulièrement de l’évolution de la situation et des prescriptions applicables via tous les canaux usuels: courriels, SMS, téléphone, affichages extérieurs à l’entrée de l’école ainsi qu’en mairie.
  18. Feb 2020
  19. Dec 2019
  20. Nov 2019
  21. Oct 2019
  22. Aug 2019
  23. May 2019
    1. Key ideas: rebel culture; black metal; bending rules; combining ideas; AND brewers grounded in education/tradition

  24. Nov 2018
  25. May 2018
    1. A smart, common sense approach to domain intelligent IoT.”

      I'm wanting to step outside OUR language and into the language of "someone else." At the same time, I'd like it to sync up with our overall "promise."

    2. Our Edge Platform and smart devices bring process-driven domain intelligence to Industry and Environment IoT.

      A Customer Value Prop subhead. Serves to drill to an "okay" I get why I'm here.

  26. Apr 2017