In times where Facebook announces to track all web users whenever it can, it feels weird to work on disaster management tools1. You may now ask why, but if you consider what data you work with in such a project, you’re likely to be monitored because of a lot of keywords in there. And that’s what bothers me most: That people who want to do good need to fear that they’re under complete surveillance. I like Tor and secure VPNs more than ever for that reason. Speaking about web development, here’s why using Tor or VPNs for testing performance2 is a great idea.
Further Reading on SmashingMag:
- How To Design Error States For Mobile Apps3
- High-Impact, Minimal-Effort Cross-Browser Testing4
- Automating Art Direction With The Responsive Image Breakpoints Generator5
- When 24/7/365 Fails: Turning Off Work On Weekends6
- Chrome 51 is out7 and with it, various security issues have been fixed. No big new features but more stability and improved performance for Chrome this time :)
- Peter-Paul Koch shares why he thinks that the adage “Don’t Repeat Yourself” isn’t always useful in browser contexts8. We’re building our websites for browsers, and to make the page work properly, we need to repeat ourselves, especially when using progressive enhancement9.
- It’s about raising the barrier. Jeremy Keith has talked and written about this a couple of times already, and now in times where the term “Progressive Web Apps” is shared all over the web, Jeremy says that Google makes web apps regressive10. A web app requires HTTPS, service workers, a manifest JSON and a few recent visits by the user to be installable — for most websites dealbreakers. Also the fact that the URL must not be displayed in the web app turns out to be harmful to the web itself as it depends on URLs.
Tools & Workflow Link
- Since we have widespread support for web storage solutions like Session Storage, the question arises if we still need cookies at all. James Kettle researched12 and concluded that cookies are insecure by default, and you need to set
__Host-absolutely=secure; Path=/; HTTPOnly; Secure; SameSite=strict;(source13) to make them secure while Session Storage is secure by default. On the other hand, one aspect speaks clearly for cookies: They are controllable by the client and the server.
- Facebook is already known for not respecting privacy. They now announced14: “[…] we’re expanding Audience Network so publishers and developers can show better ads to everyone — including those who don’t use or aren’t connected to Facebook.” This basically means that they now track every user who gets in touch with some Facebook tracking technology (cookies, web storage, embedded fb-scripts, etc.) without asking. For Firefox, I added the Self-Destructing Cookies201915 extension in addition to my Canvas Blocker16 and uBlock Origin17 to browse more safely. But remember that an open Facebook tab still might track you on other sites, so the browser’s private mode seems more appropriate.
Web Performance Link
- Lara Callender Hogan now published her book “Designing for Performance” for free as an online HTML book21. If you like it, consider purchasing it nevertheless to support the author.
- Accessibility is not just about morals22 and making the web usable to a small group of citizens. It’s about making the web usable to the masses.
- Since browsers don’t support multirange sliders natively very well, a polyfill is needed. But most polyfills are really hacky and bring problems with customized styles. Not so Lea Verou’s tiny, flexible polyfill for multirange inputs23.
- Alex Castillo shares how you make your web application send native web push notifications with Angular 22724.
- Many projects feature a star-rating component. But very often they are a nightmare to build properly across various browsers and most of the time the solution isn’t accessible either. Starability25 comes as an accessible, simple module to solve the issue.
Going Beyond… Link
- Do you know how the Internet works? Ars Technica dives deep into Internet infrastructure31 and provides a rare glance into a subsea cable landing site.
And with that, I’ll close for this week. If you like what I write each week, please support me with a donation32 or share this resource with other people. You can learn more about the costs of the project here33. It’s available via email, RSS and online.
Thanks and all the best,
- 1 https://twitter.com/helloanselm/status/737316074354577408
- 2 https://helloanselm.com/2016/using-vpn-tor-for-web-development/
- 3 https://www.smashingmagazine.com/2016/09/how-to-design-error-states-for-mobile-apps/
- 4 https://www.smashingmagazine.com/2016/02/high-impact-minimal-effort-cross-browser-testing/
- 5 https://www.smashingmagazine.com/2016/09/automating-art-direction-with-the-responsive-image-breakpoints-generator/
- 6 https://www.smashingmagazine.com/2010/11/when-24-7-365-fails-turn-off-work-on-weekends/
- 7 http://googlechromereleases.blogspot.de/2016/06/stable-channel-update.html
- 8 http://www.quirksmode.org/blog/archives/2016/05/dry_do_repeat_y.html
- 9 https://www.smashingmagazine.com/2013/09/progressive-enhancement-is-faster/
- 10 https://adactio.com/journal/10708
- 11 https://medium.com/@jamischarles/adding-autocomplete-to-npm-install-5efd3c424067
- 12 http://blog.portswigger.net/2016/05/web-storage-lesser-evil-for-session.html
- 13 https://twitter.com/0x6D6172696F/status/738335320467472384
- 14 http://www.theverge.com/2016/5/27/11795248/facebook-ad-network-non-users-cookies-plug-ins
- 15 https://addons.mozilla.org/en-US/firefox/addon/self-destructing-cookies/
- 16 https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/
- 17 https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
- 18 https://addons.mozilla.org/en-US/firefox/addon/self-destructing-cookies/
- 19 https://addons.mozilla.org/en-US/firefox/addon/self-destructing-cookies/
- 20 https://addons.mozilla.org/en-US/firefox/addon/self-destructing-cookies/
- 21 http://designingforperformance.com/
- 22 https://una.im/a11y-for-the-masses/
- 23 http://lea.verou.me/2016/05/introducing-multirange-a-tiny-polyfill-for-html5-two-handle-sliders/
- 24 http://www.castillo.io/blog/2016/4/14/push-notifications-with-angular-2
- 25 https://lunarlogic.github.io/starability/
- 26 http://www.castillo.io/blog/2016/4/14/push-notifications-with-angular-2
- 27 http://www.castillo.io/blog/2016/4/14/push-notifications-with-angular-2
- 28 http://www.castillo.io/blog/2016/4/14/push-notifications-with-angular-2
- 29 https://www.smashingmagazine.com/2016/04/inspiring-ui-demos-logins-menus-toggles-and-more/
- 31 http://arstechnica.com/information-technology/2016/05/how-the-internet-works-submarine-cables-data-centres-last-mile/
- 32 https://wdrl.info/donate
- 33 https://wdrl.info/costs/