Web Development Reading List #152: On Not Shipping, Pure JS Functions, And SameSite Cookies

This week’s reading list consists of a lot of little, smart details that you can use on websites. From tweaking the user’s reading experience during page load to pure JavaScript functions and verifying the integrity of external assets. And finally, we see some articles on thinking differently about established working habits — be it working on AI without data or the virtue of not shipping a feature.

Please note that I’ll be on vacation for the next four weeks, so please don’t expect any new Web Development Reading List before October, 7th. Enjoy September, your work, your life!

General Link

• Jason Zimdars explains why not shipping a feature can be a virtue¹. An article about hidden costs and why shipping does not equal success.
• While many think Apple isn’t in the Artificial Intelligence game, this exclusive look gives some insights² into why Apple handles things differently. An interesting read that reveals how Apple tries to do Artificial Intelligence with less user data and without tracking you — contrary to the industry’s big players.

³

Concept & Design Link

• The Web Methodology Project⁶ is a fresh guide to building web projects, and even though it’s still a work in progress, it already looks very useful. So keep an eye on it.

Tools & Workflows Link

• Google’s Closure Compiler is one of the best tools out there to compile JavaScript, but so far has only been available as a Java platform tool. Now, the team released a JavaScript version of Closure Compiler⁷ designed to run in Node.js environments. Available on GitHub⁸ or npm⁹.

Security Link

• It’s now possible to mitigate MIME confusion attacks in Firefox¹⁰ by sending the header X-Content-Type-Options: nosniff to the browsers.
• I’ve already shared some thoughts on using SRI, but now Troy Hunt explains why it’s important to use it right now¹¹ if you reference external third-party scripts, for example jQuery, from its CDN.
• When using cookies on a website, you should set the SameSite option to stop cross-site timing attacks¹².

Accessibility Link

• Mischa Andrews on why making websites and web apps accessible is not super-hard¹³ yet neglected so often and how we can get out of this mess.

¹⁴

JavaScript Link

• André Staltz explains the importance of pure functions¹⁷ in JavaScript.
• React.js comes with its own component model already built-in. However, it can still make sense to use Web Components in React.js¹⁸ applications as they offer some more advantages of the web platform and are a native web standard.

CSS/Sass Link

• Michael Scharnagl shares some neat techniques to reduce content shifting during page load¹⁹ to ensure a smooth reading experience for users. By setting intrinsic ratios for media, font-size-adjust, or new techniques such as scroll anchoring, you can improve the situation enormously.

Work & Life Link

• Mercedes De Luca explains how false urgency harms productivity²⁰.

And with that, I’ll close for this week. If you like what I write each week, please support me with a donation²¹ or share this resource with other people. You can learn more about the costs of the project here²². It’s available via email, RSS and online.

— Anselm

Footnotes Link

1. 1 https://m.signalvnoise.com/not-shipping-is-a-virtue-b880badb623c
2. 2 https://backchannel.com/an-exclusive-look-at-how-ai-and-machine-learning-work-at-apple-8dbfb131932b
3. 3 https://m.signalvnoise.com/not-shipping-is-a-virtue-b880badb623c
4. 4 https://m.signalvnoise.com/not-shipping-is-a-virtue-b880badb623c
5. 5 https://m.signalvnoise.com/not-shipping-is-a-virtue-b880badb623c
6. 6 http://webmethodologyproject.com/guide/
7. 7 https://developers.googleblog.com/2016/08/closure-compiler-in-javascript.html
8. 8 https://github.com/google/closure-compiler-js
9. 9 https://www.npmjs.com/package/google-closure-compiler-js
10. 10 https://blog.mozilla.org/security/2016/08/26/mitigating-mime-confusion-attacks-in-firefox/
11. 11 https://www.troyhunt.com/protecting-your-embedded-content-with-subresource-integrity-sri/
12. 12 https://www.igvita.com/2016/08/26/stop-cross-site-timing-attacks-with-samesite-cookies/
13. 13 https://medium.com/@MischaAndrews/the-inaccessible-web-how-we-got-into-this-mess-7cd3460b8e32
14. 14 https://medium.com/@MischaAndrews/the-inaccessible-web-how-we-got-into-this-mess-7cd3460b8e32
15. 15 https://medium.com/@MischaAndrews/the-inaccessible-web-how-we-got-into-this-mess-7cd3460b8e32
16. 16 http://adamvanwinden.tumblr.com/
17. 17 http://staltz.com/is-your-javascript-function-actually-pure.html
18. 18 http://staltz.com/react-could-love-web-components.html
19. 19 https://www.smashingmagazine.com/2016/08/ways-to-reduce-content-shifting-on-page-load/
20. 20 https://m.signalvnoise.com/its-urgent-really-8050dfe3b921
21. 21 https://wdrl.info/donate
22. 22 https://wdrl.info/costs/

↑ Back to topTweet itShare on Facebook