Web Development Reading List #166: Efficient Docker, CSP Learnings, And JavaScript’s Global Object
And the fun fact about it? Well, most of the times when I could convince my mind that not being productive is nothing to feel bad about, things take a sudden turn: I get my ideas back, my productivity rises and, in effect, I even achieve more work than on an average day. It’s important to try to be human.
News
- I recently mentioned that most major browsers are blocking certificates from StartCom and WoSign entirely or plan to do so in the future. However, it seems that these certificate authorities still sell certificates. Don’t buy from them, their certificates will be useless by next month.
General
- Rachel Andrew recently wrote about why it’s important to reframe browser support for websites and how you can deal with an IE9 supporting website and modern web technologies at the same time.
Tools & Workflows
- Harry Roberts shares why he prefers to use
ack
overgrep
in the command line to search for strings or regular expressions in files. - Many of our projects are using Docker nowadays. But many Dockerfiles are written inefficiently, especially if you’re using npm. David Weinstein shares why you should use caching to improve the performance of your Docker container.
- Tobias Tom explores Docker and explains from scratch how to use it, including how to clean up your computer when you don’t need the image anymore.
Security
- A few months ago, Github shared their learnings from using the
Content Security Policy
at github.com. Now they share more learnings in “GitHub’s post-CSP journey”. The focus lies onimg-src
, form nonces, same-site cookies, and more. - Whoops. We already knew that fingerprint mechanisms are easy to circumvent due to their design. However, with high-quality cameras on most smartphones, researchers now warn that your fingerprint could get stolen when you flash a ‘peace’ sign in a photo. This type of attack is pretty similar to what the speaker Ursel presented at a Chaos Computer Club event in 2014 about iris scan theft from photos.
Web Performance
- Scott Jehl shares how they improved and modernized their Progressive Enhancement delivery at Filament Group. With HTTP/2, Service Worker, and web app manifests, there are new tools that can speed up delivery of a site non-destructively.
Accessibility
- ARIA 1.1 was published and there have been some additions to the
role
attribute. New, for example, arerole=term
,role=feed
, androle=switch
. - Rodney Rehm updated his focus management library ally.js with SVG support and wrote a tutorial on how to manage focus in your SVG code.
JavaScript
- Chart.js is a nice library that uses subtle animations to draw canvas charts on a page. Mixed chart types are available.
- Stefan Judis wrote about the global object in JavaScript, variables and the issues around it. This is not only useful for people with beginner or intermediate JavaScript knowledge but also for advanced users who want to understand the topic better.
- Todd Motto published an “Angular 2+ Fundamentals” video course in which he explains Angular, Typescript, component architecture, and other modern programming concepts.
Work & Life
- Raquel Vélez shares six tricks to leading a healthy, productive life.
Going Beyond…
- This visual introduction to machine learning explains how computers apply statistical learning techniques to automatically identify patterns in data. If you’re not familiar with how machine learning works, this will give you a rough idea.
- As we’ve seen in statistics and data from the NASA before, this is, unfortunately, the truth: 2016 was the hottest year on record. The consequences: Nearly a quarter of the Great Barrier Reef died, Canada had to deal with the costliest wildfires ever, and the Arctic sea ice has been at its smallest winter maximum for two years now. And do you remember Hurricane Matthew? Such weather events are mostly driven by the climate change that we’re facing right now, with no trend of change over the upcoming years. Fortunately, there’s something everyone of us can do: The UN shows how we can take action, even from the couch at home.
And with that, I’ll close for this week. If you like what I write each week, please support me with a donation or share this resource with other people. You can learn more about the costs of the project here. It’s available via email, RSS and online.
— Anselm
Further Reading
- Why You Should Stop Installing Your WebDev Environment Locally
- Progressive Enhancement Is Faster
- But The Client Wants IE 6 Support!
- The WAI Forward
(mrn)