9 Matching Annotations
  1. Dec 2019
    1. Today, my process is enjoyably unsophisticated. When I want to post something, I first write it in a text file, copy my last blog post’s HTML file, paste in my new article, make some slight adjustments, update my list of posts, add it to my RSS file, and that’s basically it. Any page on my website can be anything I want it to be, like how, for example, double clicking on this article leads to a small easter egg.

      Interesting approach on ignoring any type of site generators

    1. The combination of WordPress, React, Gatsby and GraphQL is just that - fun

      Intriguing combination of technologies.

      Keep an eye on the post author, who is going to discuss the technologies in the next writings

  2. Sep 2019
    1. it's not that there are new vulnerabilities that have been identified in the implicit flow, just that PKCE offers a more secure alternative that you should use if you have the option

      Use PKCE instead of the implicit flow if you have a chance

    2. PKCE (which stands for "Proof Key for Code Exchange" and is pronounced "pixie") was originally developed to solve a problem specific to native mobile apps using OAuth 2.0

      PKCE (Proof Key for Code Exchange) is an extension to OAuth 2.0

    3. While this has worked and continues to work for a wide range of web applications, security experts had (and continue to have) concerns that it leaves open some potential attack vectors

      Implicit flow is still simple and very secure

    4. click a button that says "Sign in with GitHub." I am then sent to GitHub to sign in and, if this is my first time, grant permissions

      The Implicit flow:

      1. The application requests authorization from the user ➡
      2. The user authorizes the request ➡
      3. The authorization server issues an access token via the redirect URI ⬅
      4. The application uses the token to call the API ➡
  3. Aug 2017
    1. Most of the UI (user interface) elements we needed already existed in our toolkit of parts, with a few modifications.

      example of a good reason to use a modular component-based approach / styleguide

  4. Mar 2017
    1. One of the strengths of Aurelia is that you can write so much of your application in vanilla JS.

      By sticking close to standards, such as upcoming EcmaScript features, Aurelia code prepares for us for the future. It encourages writing code that will be relevant 2-5 years from now, or perhaps beyond.

  5. Feb 2015