I've been dying to share this for weeks now… Introducing the page transition API!
It's still in-development, but you can play with it today. I'm really happy with where this API is heading. I hope you like it too!
HTTPS = "Is the response untampered & from the expected sender?"
CORS = "Can I access the content of this resource?"
CSP = "Only allow requests that look like this…"
SRI = "Only allow content that looks like this…"
CORB = "Don't allow my data into another origin's process"
If people with "unlimited" time off tried to actually take unlimited time off, they'd quickly discover what they actually have is "undefined" time off.
scoop: Microsoft employees are getting unlimited time off. Microsoft will no longer require US employees to formally record vacation later this month, and they're getting a payout for any unused days. Details here:
@Joanna__Hardy
Although the best one is when she woke me up, shaking me and shouting my name again and again.
Her: JAKEJAKEJAKEJAKEJAKE
Me: What? What is it?
Her: I think we should go to sleep now [rolls over and starts snoring]
Big life update: I've resigned from Google to take on an exciting new role. I'll share more details soon, but first, a nice long break between jobs 😴 …
Today's my first day as an engineer at
@Shopify
😀
Getting the band back together with
@DasSurma
and
@_developit
, and looking forward to meeting lots of new folks.
🎥 How the event loop works.
➡️ How stuff gets from other threads into JS.
➡️ Why infinite loops block rendering.
➡️ Why setTimeout loops don't.
➡️ rAF vs setTimeout.
➡️ Is rAF before or after paint?
➡️ When microtasks happen.
I got myself into a mess with some code on Friday, couldn't finish it. Deadline is Monday. It's been stressing me out all weekend.
Just sat down in a tired, slightly hungover state, and fixed it all like it was the easiest thing in the world.
WHY IS CODING LIKE THIS??
📝 How to win at CORS! Not just how CORS works, but also the history and reasons behind it.
Includes the hot new app everyone's talking about: The CORS playground!
It still seems weird to me that Prettier will turn <br> into <br />.
The / is there from XHTML - a standard that became redundant in the late 2000s.
The space before the / is there for compatibility with Netscape Navigator 4 - an engine that was dropped in the late 90s.
Huge congratulations to the Edge team for shipping service workers. With that, service workers are available in *all* modern browser engines.
And thanks to
@abraham
for this PR to …
Customer: Can I see the menu?
Waiter: One moment…
*time passes*
Customer: What's taking so long?
Waiter: Oh, we can't give you the menu until we've prepared one of each dish. Then, when you choose, we'll be able to give you it *instantly*.
Don't let websites launch like this.
I got my first paid web job in 2004.
In 2007 my JS was running on most BBC pages.
In 2008 I gave my first talk.
In 2012 I wrote about appcache.
In 2013 I got involved with Service Workers.
…In 2018 I shared a link to localhost.
Phases of coding:
1️⃣ My code looks like something from a "beginners' JavaScript" book, because that's all I know.
2️⃣ I know things, and I want those who see my code to realise I'm a great knower of things.
3️⃣ I want my code to look like it's from a "beginners' JavaScript" book.
📝 When avoiding <img> layout shifts, what's best? aspect-ratio, or width & height attributes?
There's some misinformation & misunderstanding around this stuff, so here's a bunch of demos and spec digging to explain how it works.
📝 Who has the fastest website in F1? A deep-dive on:
🏁 How to test for performance.
🏁 How to interpret WebPageTest results.
🏁 How to optimise images.
🏁 Analysing code coverage.
🏁 How to avoid common performance pitfalls.
📝 Introducing Background Fetch.
➡️ Perform long-running fetches in the background.
➡️ Hear about the result in your service worker.
➡️ User can see progress and pause/cancel.
Demo & docs:
This is a huge bug. On OSX, Safari users can (temporarily) switch to another browser to avoid their data leaking across origins. iOS users have no such choice, because Apple imposes a ban on other browser engines.
🎉 SPA view transitions have landed in stable Chrome!
But, this is just the start! We've got more view transition features planned. Here's what we're looking at next:
Whenever I need to clamp a number between a `min` and a `max`, it takes me ages to convince myself this implementation is correct.
But yeah, it's easy! I just want the min of the max of the num and the min and the max.
📝 Don't use functions as callbacks unless they're designed to be callbacks, and the same goes for option objects!
It might work fine today, but could break in the future.
Through a multi-step process, an individual took the records of at least three educators, decoded the HTML source code, and viewed the SSN of those specific educators.
We notified the Cole County prosecutor and the Highway Patrol’s Digital Forensic Unit will investigate.
📝 Third party CSS is not 'safe'.
➡️ Yes, in some situations CSS can 'keylog' password fields, but it's the tip of the iceberg.
➡️ Don't use third party content you don't trust.
TIL ResizeObserver & IntersectionObserver need to be manually disconnected, else they leak memory through their callback.
This happens in all browsers.
MutationObserver and event listeners don't have this issue.
Make sure you manually disconnect resize/intersection observers!
@svpino
Nah, this is silly. They may have gotten the info they need from many other sources.
When I ask "any questions for me?" I also say "I don't factor this into my rating. You don't get points for smart questions, you don't lose points for 'dumb' questions - it's entirely for you"
📝 New post! I stumbled across a serious browser security bug & I can finally talk about it. The post covers:
➡️ An exciting new logo.
➡️ Range requests.
➡️ "No-cors" requests.
➡️ Sneaking past origin security.
➡️ The importance of standards.
We're baaaaaack! Me and
@DasSurma
have a new podcast: Off The Main Thread! (google wouldn't let us have the other name, whatever)
In this episode,
@DasSurma
talks through the architecture of GPUs, and I look at browser 'ideologies' over the past decade.
Me, when asked to do something I don't really believe in:
Aged 18-25: Yes absolutely!
25-35: I'm really sorry, I don't think that really fits in with the theme & direction of the project.
35+: No.
Front-end Software Engineers -
Don't list HTML first on the Skills section of your resume!
HTML is an assumed skill
(if you're applying for a FE web development role).
Put your unique skills first.
1. React
2. TypeScript
3. AWS
@johnmcdonnellMP
*polls show public want to remain in EU*
Ah yes, that must mean you want Brexit.
*polls show public think the referendum was a mistake*
Ah yes, that must mean you want Brexit.
*huge losses for Brexit-supporting parties vs remain*
Yes, you want Brexit. Message received.
I feel like CSS modules are overlooked in the whole CSS vs JS debate.
➡️ You write .css files
➡️ Can use preprocessors like Sass
➡️ Encourages flatter CSS (like BEM and similar conventions)
➡️ But you can still use the cascade
➡️ Unique class names
➡️ Tree-shaking
➡️ .css output
📝 How to correctly encode data for POST requests.
GitHub Copilot gets this wrong, so here's how to get it right. Also covers some tricks with URLSearchParams, and FormData.
For those of you who weren't around back then: "web 2.0" was this nebulous thing championed by grifters and influencers. Everyone who actually understood web tech considered it a joke.
This web3 stuff is _on brand_.
🎮
If you like minesweeper, you'll like this. Because it's the same.
➡️ 20k to interactive.
➡️ Also works on $15 KaiOS phones.
➡️ Keyboard & screen reader accessible.
Had a lot of fun building this! What are your fastest times?
Has web dev grifting suddenly gotten worse or is Twitter just putting it in my timeline more?
Loads of fancy graphics full of misinformation like "the event loop is like a while loop except it fires an event 🎉. Sign up to my course!" and the guy has like 300k followers.
I don't understand the hate for this.
A single script that builds differently for the server and client is great.
A thing that turns a function into a URL is cool.
formAction is a web standard, and accepts a URL.
The sql template tag is a smart way to prevent injection.