
Web Development Reading List #150: Less Code, GitHub’s Security, And The Morals Of Science

There is a lot to learn this week. It starts with non-technical things like going for a walk to refresh your mind and finishes with how to prevent reverse XSS attacks in forms. But it doesn’t matter whether you learn how to build self-contained web components using the new specification or to maximize the efficiency of your Angular 2 app or just how you can write less code. What matters is that you keep asking questions and that you try to get better and smarter at your craft.

Further Reading on SmashingMag

General

  • Heydon Pickering shares tips on writing less code [5] to make your developer life easier. Something we all should remember.

Tools & Workflows

  • Nucleus [9][6] is certainly not the first living style guide generator but it’s still worth sharing. The Node.js module fits into existing projects, follows the Patternlab splitting by default, and has a nice layout where you easily find the things you’re looking for.
  • If you ever lost a stash in git, here are a few tips on how to recover dropped stashes [7].

Nucleus [9][6] is a living style guide generator that fits in well in both new and existing projects.

Security

  • Matthew Green asks himself if Apple’s cloud key vault is a crypto backdoor [10]. In his explanatory answer, he shares why Apple’s method of using Hardware Security Modules is pretty clever and maybe worth learning more about if you’re interested in storing sensitive user data behind weak user-set passwords.
  • Using social engineering by pretending to be a valid website in the URL bar is easy with the RTL feature of Chrome and Firefox and this little trick [11]. I’m sure this type of attack is successful since most normal users do check if a URL is correct but they can’t see anything bad in it. A good reminder that we need to find better ways to let users know that the URL they visit is safe.
  • When we look into the source code of forms at github.com, we’ll find some interesting markup in there [12]. Its purpose: preventing XSS attacks. In this blog post we can learn about the tricks that GitHub uses [13] to maximize the security of their web application.
  • Troy Hunt wraps up how our personal data is usually leaked [14] and why security is a design process, not only an implementation process. Also a good primer on how to design a password recovery feature.

Who’s really behind the URL? Rafay Baloch uncovers an address bar spoofing vulnerability [16] in Chrome and Firefox. (Image credit: Rafay Baloch [17])

Web Performance

  • Nolan Lawson wrote about the cost of small modules [18], analyzing how much code is used when you build your codebase with a lot of small modules. The article reveals interesting stats and compares modern minifiers and JavaScript bundlers, as well as execution times of such bundles in various browsers.

JavaScript

Work & Life

Going Beyond…

  • Bill Gates shares what he learned from his school teacher [24] and how only later he realized that students should ask teachers more questions. If we ask more, we will learn from others. It’s always harder to proactively communicate knowledge to other people than being asked for it.
  • Phillip Rogaway shares a paper on “The Moral Character of Cryptographic Work” [25] (PDF). An interesting read on the shift of power and why cryptography is often a political tool that demands high morals and ethical fundamentals of those who build it. Anyone who ever discussed the topic of morals and ethics in science should read this.

And with that, I’ll close for this week. If you like what I write each week, please support me with a donation [26] or share this resource with other people. You can learn more about the costs of the project here [27]. It’s available via email, RSS and online.

— Anselm

Footnotes

  1. https://www.smashingmagazine.com/2016/12/front-end-performance-checklist-2017-pdf-pages/
  2. https://www.smashingmagazine.com/2017/01/styled-components-enforcing-best-practices-component-based-systems/
  3. https://www.smashingmagazine.com/2016/02/making-a-service-worker/
  4. https://www.smashingmagazine.com/2016/12/mistakes-developers-make-when-learning-design/
  5. http://www.heydonworks.com/article/on-writing-less-damn-code
  6. https://holidaypirates.github.io/nucleus/
  7. https://stackoverflow.com/questions/89332/how-to-recover-a-dropped-stash-in-git/7844566
  8. https://holidaypirates.github.io/nucleus/
  9. https://holidaypirates.github.io/nucleus/
  10. http://blog.cryptographyengineering.com/2016/08/is-apples-cloud-key-vault-crypto.html?m=1
  11. http://www.rafayhackingarticles.net/2016/08/google-chrome-firefox-address-bar.html
  12. https://chloe.re/2016/07/19/protect-against-html-extraction/
  13. https://chloe.re/2016/08/15/lets-look-at-some-of-the-security-at-github/
  14. https://www.troyhunt.com/website-enumeration-insanity-how-our-personal-data-is-leaked/
  15. http://www.rafayhackingarticles.net/2016/08/google-chrome-firefox-address-bar.html
  16. http://www.rafayhackingarticles.net/2016/08/google-chrome-firefox-address-bar.html
  17. http://www.rafayhackingarticles.net/2016/08/google-chrome-firefox-address-bar.html
  18. https://nolanlawson.com/2016/08/15/the-cost-of-small-modules/
  19. http://blog.mgechev.com/2016/08/14/ahead-of-time-compilation-angular-offline-precompilation/
  20. https://medium.com/@addyosmani/offline-storage-for-progressive-web-apps-70d52695513c
  21. https://developers.google.com/web/fundamentals/primers/shadowdom/
  22. https://shift.newco.co/how-a-single-conversation-with-my-boss-changed-my-view-on-delegation-and-failure-ae5376451c8d
  23. http://zenhabits.net/walk/
  24. https://www.gatesnotes.com/Education/A-Teacher-Who-Changed-My-Life
  25. http://web.cs.ucdavis.edu/~rogaway/papers/moral-fn.pdf
  26. https://wdrl.info/donate
  27. https://wdrl.info/costs/


Anselm is a freelance front-end developer and architect and cares about sustainable front-end experiences and ethical choices in life. He curates the WDRL, a weekly handcrafted web development newsletter that thousands of developers love, subscribe to, and donate for.

  1. Michel Parpaillon, August 23, 2016 11:02 am

    Thanks for your work Anselm