Web Development Reading List #166: Efficient Docker, CSP Learnings, And JavaScript’s Global Object

What fuels your work? What fuels your mind? What do you do on a non-productive day or when you’re sad? Nowadays, I try to embrace these times. I try to relax and not be angry at myself for not being productive.

And the fun fact about it? Well, most of the times when I could convince my mind that not being productive is nothing to feel bad about, things take a sudden turn: I get my ideas back, my productivity rises and, in effect, I even achieve more work than on an average day. It’s important to try to be human.

News Link

• I recently mentioned that most major browsers are blocking certificates from StartCom and WoSign entirely or plan to do so in the future. However, it seems that these certificate authorities still sell certificates¹. Don’t buy from them, their certificates will be useless by next month.

General Link

• Rachel Andrew recently wrote about why it’s important to reframe browser support for websites² and how you can deal with an IE9 supporting website and modern web technologies at the same time.

Tools & Workflows Link

• Harry Roberts shares why he prefers to use ack over grep in the command line³ to search for strings or regular expressions in files.
• Many of our projects are using Docker nowadays. But many Dockerfiles are written inefficiently, especially if you’re using npm. David Weinstein shares why you should use caching to improve the performance of your Docker container⁴.
• Tobias Tom explores Docker and explains from scratch how to use it⁵, including how to clean up your computer when you don’t need the image anymore.

Security Link

• A few months ago, Github shared their learnings from using the Content Security Policy at github.com⁶. Now they share more learnings in “GitHub’s post-CSP journey⁷”. The focus lies on img-src, form nonces, same-site cookies, and more.
• Whoops. We already knew that fingerprint mechanisms are easy to circumvent due to their design. However, with high-quality cameras on most smartphones, researchers now warn that your fingerprint could get stolen when you flash a ‘peace’ sign in a photo⁸. This type of attack is pretty similar to what the speaker Ursel presented at a Chaos Computer Club event in 2014 about iris scan theft from photos⁹.

Web Performance Link

• Scott Jehl shares how they improved and modernized their Progressive Enhancement delivery at Filament Group¹⁰. With HTTP/2, Service Worker, and web app manifests, there are new tools that can speed up delivery of a site non-destructively.

¹¹

Accessibility Link

• ARIA 1.1 was published and there have been some additions to the role attribute¹³. New, for example, are role=term, role=feed, and role=switch.
• Rodney Rehm updated his focus management library ally.js with SVG support and wrote a tutorial on how to manage focus in your SVG code¹⁴.

JavaScript Link

• Chart.js¹⁵ is a nice library that uses subtle animations to draw canvas charts on a page. Mixed chart types are available.
• Stefan Judis wrote about the global object in JavaScript¹⁶, variables and the issues around it. This is not only useful for people with beginner or intermediate JavaScript knowledge but also for advanced users who want to understand the topic better.
• Todd Motto published an “Angular 2+ Fundamentals¹⁷” video course in which he explains Angular, Typescript, component architecture, and other modern programming concepts.

¹⁸

Work & Life Link

• Raquel Vélez shares six tricks to leading a healthy, productive life²¹.

Going Beyond… Link

• This visual introduction to machine learning²² explains how computers apply statistical learning techniques to automatically identify patterns in data. If you’re not familiar with how machine learning works, this will give you a rough idea.
• As we’ve seen in statistics and data from the NASA before, this is, unfortunately, the truth: 2016 was the hottest year on record²³. The consequences: Nearly a quarter of the Great Barrier Reef died, Canada had to deal with the costliest wildfires ever, and the Arctic sea ice has been at its smallest winter maximum for two years now. And do you remember Hurricane Matthew? Such weather events are mostly driven by the climate change that we’re facing right now, with no trend of change over the upcoming years. Fortunately, there’s something everyone of us can do: The UN shows how we can take action, even from the couch at home²⁴.

And with that, I’ll close for this week. If you like what I write each week, please support me with a donation²⁵ or share this resource with other people. You can learn more about the costs of the project here²⁶. It’s available via email, RSS and online.

— Anselm

Footnotes Link

1. 1 https://ma.ttias.be/despite-revoked-cas-startcom-wosign-continue-sell-certificates/
2. 2 https://www.rachelandrew.co.uk/archives/2017/01/12/browser-support-for-evergreen-websites/
3. 3 http://csswizardry.com/2017/01/ack-for-css-developers/
4. 4 http://bitjudo.com/blog/2014/03/13/building-efficient-dockerfiles-node-dot-js/
5. 5 https://tobiastom.name/explains/docker
6. 6 http://githubengineering.com/githubs-csp-journey/
7. 7 https://githubengineering.com/githubs-post-csp-journey/
8. 8 http://www.japantimes.co.jp/news/2017/01/11/national/crime-legal/researchers-warn-fingerprint-theft-peace-sign/
9. 9 https://www.ccc.de/en/updates/2014/ursel
10. 10 https://www.filamentgroup.com/lab/modernizing-delivery.html
11. 11 https://www.filamentgroup.com/lab/modernizing-delivery.html
12. 12 https://www.filamentgroup.com/lab/modernizing-delivery.html
13. 13 http://www.ssbbartgroup.com/blog/differences-aria-1-0-1-1-additions-role/
14. 14 https://allyjs.io/tutorials/focusing-in-svg.html
15. 15 http://www.chartjs.org/
16. 16 https://www.contentful.com/blog/2017/01/17/the-global-object-in-javascript/
17. 17 https://ultimateangular.com/angular-2-fundamentals
18. 18 https://www.contentful.com/blog/2017/01/17/the-global-object-in-javascript/
19. 19 https://www.contentful.com/blog/2017/01/17/the-global-object-in-javascript/
20. 20 https://www.contentful.com/blog/2017/01/17/the-global-object-in-javascript/
21. 21 https://superyesmore.com/rockbots-6-tricks-to-leading-a-healthy-productive-life-8b553b6c4ac1112787d2d52d3804ea64
22. 22 http://www.r2d3.us/visual-intro-to-machine-learning-part-1/
23. 23 https://www.bloomberg.com/graphics/hottest-year-on-record/
24. 24 http://www.un.org/sustainabledevelopment/takeaction/
25. 25 https://wdrl.info/donate
26. 26 https://wdrl.info/costs/

↑ Back to topTweet itShare on Facebook