Skip to main content
CSS is fun and cool and I like it.
Article

HTTPS is Easy!

I’ve been guilty of publicly bemoaning the complexity of HTTPS. In the past, I’ve purchased SSL certificates from third-party vendors and had trouble installing them. I’ve had certificates expire and had to scramble to fix them. I’ve had to poke and prod hosting companies to help me ensure things were going to renew correctly, and left unsatisfied.

But I’d say in the last few years, this has really chilled out. CSS-Tricks went HTTPS around five years ago, so we’re well … Read article “HTTPS is Easy!”

Article

Weekly Platform News: Upgrading Navigations to HTTPS, Sale of .org Domains, New Browser Engine

In this week’s roundup: DuckDuckGo gets smarter encryption, a fight over the sale of dot org domains, and a new browser engine is in the works.

Let’s get into the news!… Read article “Weekly Platform News: Upgrading Navigations to HTTPS, Sale of .org Domains, New Browser Engine”

Article

Weekly Platform News: Impact of Third-Party Code, Passive Mixed Content, Countries with the Slowest Connections

In this week’s roundup, Lighthouse sheds light on third-party scripts, insecure resources will get blocked on secure sites, and many country connection speeds are still trying to catch up to others… literally.


Measure the impact of third-party code during page load

Lighthouse, Chrome’s built-in auditing tool, now shows a warning when the impact of third-party code on page load performance is too high. The pre-existing “Third-party usage” diagnostic audit will now fail if the total main-thread blocking time caused by … Read article “Weekly Platform News: Impact of Third-Party Code, Passive Mixed Content, Countries with the Slowest Connections”

Link

Secure Contexts Everywhere

Article

Content Security Policy: The Easy Way to Prevent Mixed Content

I recently learned about a browser feature where, if you provide a special HTTP header, it will automatically post to a URL with a report of any non-HTTPS content. This would be a great thing to do when transitioning a site to HTTPS, for example, to root out any mixed content warnings. In this article, we’ll implement this feature via a small WordPress plugin.… Read article “Content Security Policy: The Easy Way to Prevent Mixed Content”

Article

Just Another HTTPS Nudge

I was strongly reminded about the scariness of non-secure websites the other day.

I’m using Xfinity as an internet service provider, and they give you a device that is both a cable modem and a router.

Here’s a tiny bit of backstory. I use a VPN, and I discovered that in using their modem directly, the VPN wouldn’t work. I’m not sure why. I didn’t dig into it very far, because I have a modem of my own I’d prefer … Read article “Just Another HTTPS Nudge”