16 Matching Annotations
  1. Apr 2020
    1. At the company I work at, one of our products is an embeddable commenting system. Unlike single-page applications, when we encounter bugs they’re usually on the client’s website. This raised the question, how can we embed a piece of code that will run on all our client’s websites, that will help us debug and improve our overall build experience.

      Case when userscripts apply (not extensions)

    1. Open Command tool and search for coverage

      Checking CSS coverage inside Chrome Dev Tools:

      1. [F12] (open up dev tools)
      2. Click the 3 dots next to "x"
      3. "More tools" > "Coverage"
  2. Mar 2020
    1. Javascript, APIs and Markup — this stack is all about finding middleground from the chaos of SSR+SPA. It is about stepping back and asking yourself, what parts of my page change and what parts don’t change?

      JavaScript, APIs and Markup (JAM Stack) - middleground between SSR + SPA.

      Advantages:

      • The parts that don’t change often are pre-rendered on the server and saved to static HTML files. Anything else is implemented in JS and run on the client using API calls.
      • Avoids too much data transfer (like the hydration data for SSR), therefore finds a good tradeoff to ship web content
      • Allows to leverage the power and cost of Content delivery networks (CDNs) to effectively serve your content
      • With serverless apps your APIs will never need a server to SSH into and manage
    2. Somewhere on this path to render pages on the fly (SSR) and render pages on the client (SPA) we forgot about the performance of our webpages. We were trying to build apps. But the web is about presenting content first and foremost!

      Website performance break with Client-side Rendering (SSR) and Single-page App (SPA)

    3. We were not satisfied with the basic capabilities like bold and italics so we built CSS. Now, we wanted to modify some parts of the HTML/CSS in response to things like clicking things, so we implemented a scripting language to quickly specify such relations and have then run within the browser itself instead of a round trip to the server.

      Birth of CSS - advanced styling

      (history of websites)

    4. And so was born PHP, it feels like a natural extension to HTML itself. You write your code between your HTML file itself and then be able to run those parts on the server, which further generate HTML and the final HTML gets send to the browser.This was extremely powerful. We could serve completely different pages to different users even though all of them access the same URL like Facebook. We could use a database on a server and store some data there, then based on some conditions use this data to modify the generated HTML and technically have an infinite number of pages available to serve (e-commerce).

      Birth of PHP - way to serve different content under the same URL

    1. The combination of WordPress, React, Gatsby and GraphQL is just that - fun

      Intriguing combination of technologies.

      Keep an eye on the post author, who is going to discuss the technologies in the next writings

  3. Dec 2019
    1. Today, my process is enjoyably unsophisticated. When I want to post something, I first write it in a text file, copy my last blog post’s HTML file, paste in my new article, make some slight adjustments, update my list of posts, add it to my RSS file, and that’s basically it. Any page on my website can be anything I want it to be, like how, for example, double clicking on this article leads to a small easter egg.

      Interesting approach on ignoring any type of site generators

  4. Sep 2019
    1. it's not that there are new vulnerabilities that have been identified in the implicit flow, just that PKCE offers a more secure alternative that you should use if you have the option

      Use PKCE instead of the implicit flow if you have a chance

    2. PKCE (which stands for "Proof Key for Code Exchange" and is pronounced "pixie") was originally developed to solve a problem specific to native mobile apps using OAuth 2.0

      PKCE (Proof Key for Code Exchange) is an extension to OAuth 2.0

    3. While this has worked and continues to work for a wide range of web applications, security experts had (and continue to have) concerns that it leaves open some potential attack vectors

      Implicit flow is still simple and very secure

    4. click a button that says "Sign in with GitHub." I am then sent to GitHub to sign in and, if this is my first time, grant permissions

      The Implicit flow:

      1. The application requests authorization from the user ➡
      2. The user authorizes the request ➡
      3. The authorization server issues an access token via the redirect URI ⬅
      4. The application uses the token to call the API ➡
  5. Aug 2017
    1. Most of the UI (user interface) elements we needed already existed in our toolkit of parts, with a few modifications.

      example of a good reason to use a modular component-based approach / styleguide

  6. Mar 2017
    1. One of the strengths of Aurelia is that you can write so much of your application in vanilla JS.

      By sticking close to standards, such as upcoming EcmaScript features, Aurelia code prepares for us for the future. It encourages writing code that will be relevant 2-5 years from now, or perhaps beyond.

  7. Feb 2015