Latest Posts

How to Store Passwords Safely


The security of users’ passwords is one of the most important aspects of developing your web application. Unfortunately, writing a good authentication script that stores your data safely is not a piece of cake. It’s incredibly easy to get it wrong. The best way is not to store passwords at all, but… sometimes you have to. Let’s think about how to make it as safe as possible.

Read More

Angular 2 and Typescript conference browser application


Introduction

Angular 1 has been a phenomenal success in the world of Single-Page Applications (SPA). This was in part due to its simplicity and easy-to-understand syntax. It was also aided by the fact that it is a Google-backed product, which instills some level of confidence in developers. After the team at Google decided to come up with version two of the popular framework, they decided to change things drastically. Angular 2 takes a very different approach to building single-page applications. Let this not stop you from diving into it, because Angular 2 is geared towards using some of the best tools out there in the industry from some of the most brilliant companies. For example, Angular 2 fully supports TypeScript as a first-class citizen. Even though TypeScript is not required to use the framework, I must admit that the framework feels easier and more intuitive to use when used with TypeScript. In addition to that, you tend to write less code. Also, a lot of the examples and blog posts out there are mostly written in TypeScript, so that alone is a reason to stick to using it when just starting out. Another adoption is the new angular-cli, which is based on the already brilliant ember-cli. The command line helps with rapid development and shields you from having to make many small decisions upfront.

In light of that, we will be using TypeScript and the angular-cli to build a conference browsing application.

Read More

Practical data visualization concepts in D3.js

If you’ve ever used Microsoft Excel to visualize data into charts and graphs, you’ve probably also encountered some frustration with the popular spreadsheet software. The strategic use of accessible data visualization is not only common sense but also provides a significant competitive advantage. There are entire startups dedicated to building web applications that create compelling visual representations based on metrics and various KPIs. Big data isn’t only valuable to accountants and C-level executives. Metrics can provide insight into a company’s performance, but they really shine when you add a layer of interactivity as you visualize your data. Thanks to Mike Bostock, developers now have an open-source option for crafting Excel-like data visualizations. We can use D3.js for manipulating documents based on our data and visualizing that same data using SVG, HTML and CSS.

At the core of D3 we have a framework that allows us to associate any object or array of data with elements on a page, binding them together for further manipulation. Update the data and we visually update the object tied to that data within our document, in real time. We can use any number of visualizations to interpret data: display it as a graph, a chart, an eye-catching animated SVG, or as patterns and gradients. These are just the most common examples. Once the data and the object are linked, the possibilities for visualizing them are endless. We’ll cover D3.js version 3, but it has since been updated to 4.0.

Read More

Security Audit for Dummies

Introduction to security auditing

A security audit is the final and the most important step in implementing security defenses. When you build your service, you always have to remember to make it as safe as possible. The bigger it is, the more important its security is. The first step is to run a risk analysis in order to find possible holes and find out what type of attacks you can expect. The second step is to develop a proper policy to defend against them. Finally, you undertake a security audit to check if it really works.

Read More

How to build real-time applications using Node.js and RethinkDB


About RethinkDB

If you need a NoSQL database that works with JSON data, has full support for realtime searching and mixes paradigms from SQL and NoSQL, a good option is RethinkDB.
It is an open-source database in which all JSON data is persisted into tables like a conventional SQL database, allowing you to run queries across multiple tables using the classic join command. But you can also persist arrays and sub-documents, as you are used to doing in MongoDB, CouchDB or PostgreSQL.

Read More

JS13KGAMES – A JavaScript Coding Competition


JS13K JavaScript HTML5 Competition

Jscrambler will be sponsoring Js13kGames, a JavaScript coding competition for HTML5 game developers. The fun part of the compo is the file size limit, set to 13 kilobytes. The competition will start at 13:00 CEST, 13th August and will end at 13:00 CEST, 13th September 2016. The theme will be announced on 13th August. Save the date!

Read More

15 Most Popular JavaScript Conferences

There are some great ways for programmers to stay in touch with the latest news about JavaScript and the web development community, like reading blogs and websites or even searching for a specific question on forums such as Quora. But for those who really want to dive into the web development business, the best thing to do is to attend JavaScript conferences.

Besides giving a firsthand glance at new products, tools and innovative ideas, these kinds of events are a really good opportunity for networking with some of the best professionals and companies in the field and sharing experiences.

And there are no excuses for those who don’t want to leave their city, state or country to participate: these events may happen in many parts of the world and on many different dates (there might be one happening close to you right now!).

So, in case you don’t want to miss your spot when they get to your city or country, stay tuned for the most popular JavaScript conferences and events dedicated to web developers around the world:

Read More

An Introduction to Content Security Policy (CSP)

As a JavaScript developer you’re no doubt painfully aware of some of the common vulnerabilities in web applications which are made possible by the language; most notably, XSS (Cross-Site Scripting) attacks.

At the root of XSS attacks is a simple premise: the injection of malicious code into your website or web application.

The first line of defence against XSS usually involves sanitizing user input, particularly anything which is later echoed back to the page. Content Security Policy is a subtly different approach to defending against similar types of attack. In this article we’ll look at it in more detail.

Note that CSP is not a replacement for input sanitization, which remains as important as ever. Rather, it complements the best practices you’re already (hopefully!) following.

Read More

The Case for Multiple Layers of JavaScript Application Security

JavaScript is here to stay. First shipped in September 1995, over the last two decades it has become the most popular programming language on earth. As of today, in 2016, over 88% of all websites use JavaScript and they do not show signs of stopping. You will also find it on mobile sites, games and web applications.

Read More

Developing An Isomorphic GraphQL App With React

Single page applications or SPAs are in trend. SPAs put emphasis on a thick JavaScript client with a thin back end. Node.js takes this further with JavaScript on the client and on the server. Given the popularity of JavaScript, polyglot programming got put aside. What if I told you that the same code that runs on the server also runs on the client? Yes, welcome to isomorphic programming in JavaScript. In this take I’ll introduce a bar tab app using isomorphic principles. This idea takes “code reuse” to new heights.

Read More