Skip to main content
CSS is fun and cool and I like it.

Articles Tagged security

It takes as much energy to wish as it does to plan. Eleanor Roosevelt
17 Articles
{
,

}
Article

HTTPS is Easy!

Avatar of Chris Coyier
Author
Chris Coyier

I’ve been guilty of publicly bemoaning the complexity of HTTPS. In the past, I’ve purchased SSL certificates from third-party vendors and had trouble installing them. I’ve had certificates expire and had to scramble to fix them. I’ve had to poke and prod hosting companies to help me ensure things were going to renew correctly, and left unsatisfied.

But I’d say in the last few years, this has really chilled out. CSS-Tricks went HTTPS around five years ago, so we’re well … Read article “HTTPS is Easy!”

Link

“Link In Bio” is a slow knife

Avatar of Chris Coyier
Shared by
Chris Coyier

Anil Dash:

If Instagram users could post links willy-nilly, they might even be able to connect directly to their users, getting their email addresses or finding other ways to communicate with them. Links represent a threat to closed systems.

On CodePen, we have a TextExpander snippet we use for every single Instagram post we schedule through Buffer and it expands to this:

Looking for the code? It’s open-source on CodePen, follow the link 🔗 in our profile and find

Read article ““Link In Bio” is a slow knife”
Our Notes   /   Read at anildash.com
Article

Detecting Inactive Users

Avatar of Mateusz Rybczonek
Author
Mateusz Rybczonek

Most of the time you don’t really care about whether a user is actively engaged or temporarily inactive on your application. Inactive, meaning, perhaps they got up to get a drink of water, or more likely, changed tabs to do something else for a bit. There are situations, though, when tracking the user activity and detecting inactive-ness might be handy.

Let’s think about few examples when you just might need that functionality:

  • tracking article reading time
  • auto saving form or
Read article “Detecting Inactive Users”
Article

Weekly Platform News: Upgrading Navigations to HTTPS, Sale of .org Domains, New Browser Engine

Avatar of Šime Vidas
Author
Šime Vidas

In this week’s roundup: DuckDuckGo gets smarter encryption, a fight over the sale of dot org domains, and a new browser engine is in the works.

Let’s get into the news!… Read article “Weekly Platform News: Upgrading Navigations to HTTPS, Sale of .org Domains, New Browser Engine”

Article

CSS Security Vulnerabilities

Avatar of Chris Coyier
Author
Chris Coyier

Don’t read that headline and get worried. I don’t think CSS is a particularly dangerous security concern and, for the most part, I don’t think you need to worry about it.

But every once in a while, articles tend to circulate and get some attention as to the possibilities of what CSS can do that might surprise or worry you.

Here’s a little roundup.… Read article “CSS Security Vulnerabilities”

Link

Firefox blocks third-party tracking cookies and cryptominers

Avatar of Robin Rendle
Shared by
Robin Rendle

This is super interesting stuff from Mozilla: the most recent update of Firefox will now block cryptominers and third-party tracking scripts by default.… Read article “Firefox blocks third-party tracking cookies and cryptominers”

Our Notes   /   Read at blog.mozilla.org
Link

What I Like About Vue

Avatar of Robin Rendle
Shared by
Robin Rendle

Dave Rupert digs into some of his favorite Vue features and one particular issue that he has with React:

I’ve come to realize one thing I don’t particularly like about React is jumping into a file, reading the top for the state, jumping to the bottom to find the render function, then following the method calls up to a series other sub-rendering functions only to find the component I’m looking for is in another castle. That cognitive load is taxing

Read article “What I Like About Vue”
Our Notes   /   Read at daverupert.com
Article

Zoom, CORS, and the Web

Avatar of Chris Coyier
Author
Chris Coyier

It’s sorta sad by funny that that big Zoom vulnerability thing was ultimately related to web technology and not really the app itself.

There is this idea of custom protocols or “URL schemes.” So, like gittower:// or dropbox:// or whatever. A native app can register them, then URLs that hit them get passed to the native app. iOS has “universal links” which are coming to the web apparently. (Atishay Jain has an excellent write-up on them.) But … Read article “Zoom, CORS, and the Web”

Article

Weekly Platform News: Favicon Guidelines, Accessibility Testing, Web Almanac

Avatar of Šime Vidas
Author
Šime Vidas
In this week's news, Google defines guidelines for favicons, a new a11y testing tool from The Paciello Group, and changes to how the W3C plans to engage the community, plus more.
Article

Weekly Platform News: PWA Issue on iOS, Performance Culture, Anti-Tracking in Browsers

Avatar of Šime Vidas
Author
Šime Vidas
In this week's news: resolving an issue when restarting progressive web apps in iOS, why The Telegraph now vets all scripts before they make it to their codebase, and Microsoft plans to add tracking prevention to the Edge browser.