|
Lumpy posted:I think I can speak for all Mac users when I say "There's Edge for OS X? Why?" Oh trust me, I hear you. minato posted:I don't know the answer, but even if it was a good enough replacement, how would you know if/when that no longer becomes the case? It may be worth throwing money at a tooling like https://www.browserstack.com/ My company already provides me with a BrowserStack account (which I use), but it's slow/a pain in the rear end to debug things when streaming a browser across the ol' interwebs vs. using a browser on my actual dev machine.
|
#
?
Oct 12, 2022 15:14
|
|
|
|
| # ? May 16, 2024 18:28 |
|
|
How granular do you need to be with this QA? I've always just assumed that because Edge uses Chromium under the hood, I'd be fine by just checking Chrome.
|
|
#
?
Oct 12, 2022 15:26
|
|
|
Can we just all agree we will not be testing our sites on those stupid folding phones nor will we be fixing any display bugs on them?
|
|
#
?
Oct 12, 2022 15:30
|
|
|
kedo posted:A question for the front-end devs out there – for browser testing purposes, is the MacOS version of Edge close enough to the Windows version that I could just do my Edge testing on MacOS and ignore my Windows environment almost entirely? There are going to be differences. A big one is the way scroll bars look/work on OSX vs Windows. Depending on how pixel perfect you need to be and how much you value your windows users, I second the suggestions to look at Browserstack or a similar tool
|
|
#
?
Oct 12, 2022 15:31
|
|
|
Ah yes... scrollbars. I always forget about those. That's a good enough reason for me to continue using Browserstack. Dang. Thanks for the brainpower, goons.
|
|
#
?
Oct 12, 2022 16:10
|
|
|
prom candy posted:Can we just all agree we will not be testing our sites on those stupid folding phones nor will we be fixing any display bugs on them? Sir roughly 4% of people use stupid folding phones. That's 4% profit you're potentially wasting.
|
|
#
?
Oct 12, 2022 19:37
|
|
|
Vincent Valentine posted:Sir roughly 4% of people use stupid folding phones. That's 4% profit you're potentially wasting. no loving way, really? i've never seen someone using one
|
|
#
?
Oct 12, 2022 20:17
|
|
|
Vincent Valentine posted:Sir roughly 4% of people use stupid folding phones. That's 4% profit you're potentially wasting. But none those people have iPhones so it’s really like 0.01% revenue
|
|
#
?
Oct 13, 2022 00:35
|
|
|
prom candy posted:no loving way, really? i've never seen someone using one No, I made the number up. I was trying to roleplay as the product management guy who wants some extremely esoteric thing supported and gives a number on how much money we're losing by not supporting it and it's clearly untrue because as the guy above me said, the type of device massively dictates how much someone is spending.
|
|
#
?
Oct 13, 2022 05:13
|
|
|
Vincent Valentine posted:No, I made the number up. I was trying to roleplay as the product management guy who wants some extremely esoteric thing supported and gives a number on how much money we're losing by not supporting it and it's clearly untrue because as the guy above me said, the type of device massively dictates how much someone is spending. Okay thank god, I was worried they were actually catching on
|
|
#
?
Oct 13, 2022 05:25
|
|
|
Kind of getting off topic but the ads for the flip phones are even more confusing than the phones themselves. I don't want a phone that folds and won't fit in my pocket, that sounds super dumb. But the ads don't tell me why I would want one, they just say "well obviously you want one, just go get one!". I don't understand!!!
|
|
#
?
Oct 13, 2022 14:13
|
|
|
camoseven posted:Kind of getting off topic but the ads for the flip phones are even more confusing than the phones themselves. I don't want a phone that folds and won't fit in my pocket, that sounds super dumb. But the ads don't tell me why I would want one, they just say "well obviously you want one, just go get one!". I don't understand!!! 
|
|
#
?
Oct 13, 2022 14:59
|
|
|
camoseven posted:I don't want a phone that folds and won't fit in my pocket, camoseven posted:But the ads don't tell me why I would want one Maybe the ads aren't for you.
|
|
#
?
Oct 13, 2022 17:22
|
|
|
The Dave posted:Maybe the ads aren't for you. That can't be right, I'm a white American male between the ages of 18 and 35
|
|
#
?
Oct 13, 2022 17:30
|
|
|
Oh drat fair enough, my apologies.
|
|
#
?
Oct 13, 2022 17:36
|
|
|
Flip phones own and if they don't fit in your pants then you're a weirdo who wears skinny jeans in 2022
|
|
#
?
Oct 16, 2022 20:14
|
|
|
One of my clients forwarded a spam email they got warning that their site is vulnerable to "clickjacking" and that they need to add an "iframe destroyer" to the site header. How much is this an actual thing? Do I need to do it?
|
|
#
?
Oct 17, 2022 10:47
|
|
|
fuf posted:spam email 
|
|
#
?
Oct 17, 2022 11:04
|
|
|
Is clickjacking a theoretically possible attack? Yes, it absolutely is. Can someone meaningfully target your site with it to do something beneficial to them? That depends. But it's really trivial to add an X-Frame-Options header or whatever, so if there are any privileged actions on your site that would be bad if they were triggered by an unauthenticated attacker then I'd probably just add it instead of burning a lot of time trying to quantify the exact impact. If the spam email tells you add a script tag pointing at their special "iframe destroyer" js file then obviously do not do that.
|
|
#
?
Oct 17, 2022 11:30
|
|
|
spam email was maybe too strong but you know, one of those "dear sir we have found vulnerabilities on your website" emails.Jabor posted:if there are any privileged actions on your site that would be bad if they were triggered by an unauthenticated attacker There's a link to the login page of one of their internal systems, so I guess it would be bad if that link got ~clickjacked~, but seems very unlikely. But yeah I guess I'll just add code:Is it gonna break any legitimate uses? This is a standard WordPress site.
|
|
#
?
Oct 17, 2022 11:51
|
|
|
fuf posted:But yeah I guess I'll just add That header tells well behaved browsers not to load YOUR site in an iframe. So whether or not that would break something depends on if someone is relying on doing that.
|
|
#
?
Oct 17, 2022 13:31
|
|
|
fuf posted:spam email was maybe too strong but you know, one of those "dear sir we have found vulnerabilities on your website" emails. It'll only break if your WordPress site loads itself in an iframe at some point. I think Content-Security Policy (csp) headers are the contemporary way to do this rather than X-Frame-Options. It's not deprecated, but made obsolete. CSP headers are a bit more complicated because you need to figure out where everything loads from scripts, styles, images, video/audio, frames, downloads, etc... rather than only for X-Frame-Options. Not having CSP will probably get the site flagged by automated audits.
|
|
#
?
Oct 17, 2022 15:34
|
|
|
fuf posted:One of my clients forwarded a spam email they got warning that their site is vulnerable to "clickjacking" and that they need to add an "iframe destroyer" to the site header. How much is this an actual thing? Do I need to do it? This is probably a beg bounty. More info here: https://www.troyhunt.com/beg-bounties/ The gist of it is someone runs a bot looking for pages without a frame/csp header, sends an email warning you of a "vulnerability" (which is totally benign) and if you respond they'll then beg for compensation. spacebard posted:It'll only break if your WordPress site loads itself in an iframe at some point. It does when you (or another wordpress site!) embeds a post.
|
|
#
?
Oct 18, 2022 08:53
|
|
|
Any suggestions for a nice audio player? I've got a client who wants to play MP3 files with something that resembles an audio player app floating at the bottom of the page (album art, play/pause button). Fast forward/rewind would be nice. I haven't looked into this in a long time, anything nice I can pop in as a starting point and customize? Edit: howlerjs looks nice.
|
|
#
?
Oct 19, 2022 15:28
|
|
|
Why does there seem to be a trend to move away from client-based single page apps towards server-side rendering that returns static html to the client, for example with Next.js?
|
|
#
?
Oct 25, 2022 22:10
|
|
|
America Inc. posted:Why does there seem to be a trend to move away from client-based single page apps towards server-side rendering that returns static html to the client, for example with Next.js? web development, like fashion, is circular, and trends come back but honestly SSR with view libraries like react has become 1000x easier with things like next and really there's no reason to not start learning SSR again. concepts like loading spinners and less-optimized SEO becoming a bad side-effect of a SPA-based website is reason enough to stop making SPAs teen phone cutie fucked around with this message at 00:37 on Oct 26, 2022 |
|
#
?
Oct 25, 2022 22:14
|
|
|
Me rewriting all my 1997-rear end Perl CGI sites in modern frameworks but changing nothing about the architecture because I think it's funny:
|
|
#
?
Oct 26, 2022 00:07
|
|
|
America Inc. posted:Why does there seem to be a trend to move away from client-based single page apps towards server-side rendering that returns static html to the client, for example with Next.js? MPAs became hard to manage when expectations for interactivity went up. Building complex pages with imperative jQuery was really difficult because you'd get yourself into impossible states frequently. Plus if you needed to be able to refresh the page and have everything right where it was it meant a lot of duplication between client side code and server side code. When React came around a lot of us were just really psyched about the interfaces we could build and we realized if we just went fully into front end we could eliminate the duplication. However, SPAs have a lot of downsides. They suck for SEO, they send a lot of JS over the wire, and they offload a lot of rendering energy to your cell phone battery. So now it's been a gold rush to build an SSR framework that can give us the best of both worlds. Some of the stuff that Next showed off today, like keeping a search box filled in even when you clicked a link to a different sub page would have been a pain in the rear end with the MPA tools of yore. They're doing poo poo that bridges client and server and seemingly delivers the UX that's expected now while still being able to server render.
|
|
#
?
Oct 26, 2022 05:51
|
|
|
Fundamentally it's an attempt to get the best of both worlds, with "It's Just Static HTML" for anything that doesn't need to be interactive (ideally with progressive enhancement functionality using, e.g. old-fashioned forms but there's still a lot of holes in that), client-side handling for interactive elements, and for it to all happen in a single framework, language, and app structure with minimal data going over the wire. It just all gets really complicated fast because (a) browsers are poo poo and take decades to add even basic UI functionality and (b) UI/UX data flow is inherently really complicated and that gets even worse when you add navigation state to it.
|
|
#
?
Oct 26, 2022 22:42
|
|
|
prom candy posted:MPAs became hard to manage when expectations for interactivity went up. Building complex pages with imperative jQuery was really difficult because you'd get yourself into impossible states frequently. Plus if you needed to be able to refresh the page and have everything right where it was it meant a lot of duplication between client side code and server side code. Can confirm on the pain of SPAs. Currently working on a 'legacy' app built as a React SPA, basically a web portal for developers. The amount of browser resources this thing takes for the amount of functionality/content of the web app is insane. Currently migrating to a MPA via NextJS, all is well with the transition.
|
|
#
?
Oct 27, 2022 00:07
|
|
|
MacMillan posted:Can confirm on the pain of SPAs. Currently working on a 'legacy' app built as a React SPA, basically a web portal for developers. The amount of browser resources this thing takes for the amount of functionality/content of the web app is insane. Currently migrating to a MPA via NextJS, all is well with the transition. Nice, I haven't used Next a ton but I'm currently rewriting our main web app (SPA with React Router) as a React Native app and then I'm hoping to use Solito and React Native Web to make a cross platform monorepo where I share like 95% of the code between RN and NextJS. If I can pull it off I'm going to feel like a genius.
|
|
#
?
Oct 27, 2022 05:58
|
|
|
So I have what is probably a common question. I want to build a web front end for a CRUD REST API that I also built. As some background, my background is in the operations side of IT, but I also have a CS degree and can pick up programming things easily, so I built a REST API using Python's FastAPI that we use in my org for managing our infrastructure. FastAPI was great because it let me focus purely on the logic of my app and FastAPI did a lot of the work for me. It's an API because we have automated systems that interact with it programmatically, but humans also need to view and update the data, hence the front end. A benefit of doing the work in FastAPI/Python is that this is built for and by operations people, and operations people are more likely to be comfortable with Python than other languages. So, I'm really not sure where I should be looking as far as a tool to build this with. My instinct is to look at something like React, but that also seems like a very heavy solution, and something that would be hard for someone else to pick up and modify. Other than me, generally speaking, the maintainers of this would be people from an "operations" background rather than a "development" background, so javascript/react skills are not something that they would be regularly exercising. I have some experience with Python's flask, and I could write something where the flask app queries the API, renders a page, and sends it to the browser. But there's still going to be a lot of HTML and still some javascript involved there, so there's going to be a skills gap with "operations" people no matter what. I'm happy to research and learn something new, I'm just having trouble even pinning down in what direction I should be looking, especially for something that feels like it should be a somewhat common use case?
|
|
#
?
Oct 27, 2022 21:22
|
|
|
As someone who got paid to write terrible SPAs that run on internal enterprise networks, I would really take a look Retool. It fits your use case perfectly, but there per user pricing is a no go for some places.
|
|
#
?
Oct 27, 2022 22:12
|
|
|
Had to do a Required Learning on what to do in the event of an active shooter situation. I'm a remote employee. I still had to answer questions like, where is your nearest escape vector. What is nearby that you could use as a weapon if all else fails. I found out that my boss had to review what I wrote, and "Novelty Sword" was an unwise answer. Also, the video opened with "You will likely not need to follow COVID protocols in this situation" and I wanted to laugh so bad at the sheer absurdity of that, but man, that really did drive home the truly dreadful state we find ourselves in.
|
|
#
?
Oct 28, 2022 07:16
|
|
|
Calidus posted:As someone who got paid to write terrible SPAs that run on internal enterprise networks, I would really take a look Retool. It fits your use case perfectly, but there per user pricing is a no go for some places. Yeah, I've looked at Retool in the past for a similar case and scope, basically where we need to grant access to over 1000 people to the form or tool, but only a handful of them will actually use it in any given time period, and actual usage would be pretty low, so their pricing would pretty quickly destroy us. I'm also not sure I could even get leadership on board with even the potential of spending money to try and open a channel to sales to see if they can work out some pricing that works for us. I spent some more time looking at React and the like and I'm pretty sure that's not the direction I want to go now, as I think the mental leap to building an SPA based on our existing skillsets is probably too high. I think in the end I'm probably looking for something much closer to static HTML with some javascript using the fetch() method to get the data. I'm once again leaning towards Flask or Starlette to build this out, mostly using that backend to handle some authentication and long term session storage, and then mostly just spitting out raw HTML that uses something like Bootstrap to render elements in a pretty way.
|
|
#
?
Oct 28, 2022 20:16
|
|
|
All this talk about SPAs out of fashion in favor of again MPAs clears up my confusion when I asked how to make the 'back button' faster in my SPA the answer was basically "just load it all from the server"
|
|
#
?
Oct 28, 2022 22:06
|
|
|
America Inc. posted:Why does there seem to be a trend to move away from client-based single page apps towards server-side rendering that returns static html to the client, for example with Next.js? I think if I wasn't writing another spa thank you God, I'd probably absolutely just use mustache and love my life again. Why would anyone think server side rendering of a react app sounds good. That is nonsense I refuse to take part in the madness. Even on Halloween.
|
|
#
?
Oct 31, 2022 21:57
|
|
|
Glad to see the web "development" community is catching up to my 2011 jank method of using a serverside php framework to generate a static site and push up the resulting html to prod upon change.
|
|
#
?
Oct 31, 2022 22:27
|
|
|
Nolgthorn posted:Why would anyone think server side rendering of a react app sounds good. All the benefits of SSR but then also the benefits of client-side React once it's hydrated
|
|
#
?
Nov 1, 2022 01:58
|
|
|
|
| # ? May 16, 2024 18:28 |
|
|
prom candy posted:All the benefits of SSR but then also the benefits of client-side React once it's hydrated Yeah, I'm actually working on an SSR NuxtJS webapp right now and I just noticed that you can literally browse it fine without Javascript enabled. It's pretty great and has defeated my curmudgeonly attitude towards SPAs in general.
|
|
#
?
Nov 1, 2022 02:50
|
|