The Sad State of Web Development is an interesting if slightly ranty read about the current state of web technologies. Some interesting points worthy of consideration, even if you decide you disagree with them. If you read it, you should probably take one of the final sentences into consideration before getting angry if you happen to think his opinions are wrong:
I originally wrote this anonymously. Yea I was pretty frustrated. It’s all good. Let’s ship some awesome stuff for people!
One of my favourite (and most quotable) bits is the portion on SPAs:
Don’t fucking build a SPA
Really all I’m saying is don’t build a SPA. A SPA will lock you into a framework that has the shelf life of a hamster dump. When you think you need a SPA, just stop thinking. Just don’t. Your users just don’t fucking care.
If I see a section on my app that is really hard to with Pjax/Turbolinks and jQuery, I’ll bring in a library/framework like Vue.js, *cough* React, Angular. All good choices for doing really complex forms(although I find Angular to be the best at this), with a ton of conditional validation. You know what though, these are the outliers in my experience, not the norm.
Maybe 1 or 2 pages on your app will have really complex UI, but the other 95% of the app does not. So you pay a huge penalty doing a SPA. You’re typically writing all the basic CRUD stuff in a SPA from scratch. The backend framework you’re using can’t help you in any way. So my advice is to use Rails, Django, Play Framework, Laravel, or Phoenix to develop most of the app, because they help you with most of the boilerplate stuff, and bring in the flavor of the month on a page that needs it. So when the next flavor of the month comes out you’re entire app is not knee deep in the last flavor of the month. You can just re write that one page.
Ever since support ended for Windows XP I’ve developed something of an involuntary habit of spotting XP systems in the wild while going about everyday life. Hospitals and medical facilities (optometrists and so on) always seem to have a high hit rate. Sometimes I say something, and sometimes I don’t. When I say something it’s usually in a lighthearted manner, and it’s almost always met with a “So?” attitude.
What’s the worst that could happen, right?
Well, things like this are what can happen: Royal Melbourne Hospital attacked by damaging computer virus.
The more that time progresses the more attacks of this nature are going to be available to attackers, with little or no defense available due to XP being out of support. This is just one example (but it’s a good one), there’s been more in the past, and there’s going to be many more to come, and as someone who’s been accused of being a bit of a doom merchant about things like this, it’s handy to have a few citable examples handy.
If you want to know more, then check out episode #395 of Risky Business which has more coverage on the story, as well as being the best security related podcast out there (unless you happen to enjoy someone named Steve reading blog posts verbatim at you slowly over a period of 2-3 hours, in which case there’s another podcast you’d probably like more).
If you’re currently running Windows XP, then please, upgrade.
Microsoft is reacting to angry OneDrive users and allowing people to keep their 15 + 15 GB of free storage. However, it’s not done automatically – you need to visit this website in order to claim your storage: https://preview.onedrive.com/bonus/
As I’ve written a lot in the past about Windows Live Writer, it’d be remiss of me to not mention that an open source fork is now available. I blogged briefly about this back in June of this year, and it’s great to see that it has finally happened.
The current version is dubbed “0.5”, so may not be stable for use by everyone, but it seems fine to me so far. This release seems to be mostly about tidying things up by removing outdated functionality, and simply getting a release out (version 0.5 sucks, ship it anyway), but there’s some exciting stuff in the roadmap.
As a long time Windows Live Writer user, this makes me very happy! Thanks to everyone who worked on this, as it clearly took a lot of organising and collaboration.
Link: Open Live Writer
Link: Announcing Open Live Writer - An Open Source Fork of Windows Live Writer
This is a weird collection of useful links that I’ve had sitting in open tabs for a couple of weeks. I’ve been trying to turn any of them into their own posts, but it just hasn’t happened – however, they are useful, so I’m posting them here for my own reference and in the hope that someone else gets value out of them.
Posting raw JSON to Web API – when I needed to do this I found it quite strange that I hadn’t needed to do so sooner. In a world where it’s pretty easy to cast your JSON to an object and work with it that way it’s understandably uncommon to need to do this, however if you end up needing it you’ll probably find the link useful.
<%$, <%@, <%=, <%# … what's the deal? The more I work on MVC applications the more I find my brain trying to drop WebForms Eval syntaxes from my brain. If you’re in the same boat, then this is a helpful cheat sheet.
How to clear HSTS Settings in Major Browsers – if you’re working with an app which sets HSTS settings then you may find it useful to know how to clear them. They can be somewhat persistent.
Why is the IIS default app pool recycle set to 1740 minutes? An interesting piece of IIS related history, for those drawn to such things.
Over the weekend I was “lucky enough” to need to build a couple of new Windows boxes, and the timing coincided nicely with the release of Windows 10 build 1511. For those who didn’t pick up on it and who also happen to care, the 1511 is a combination of “2015” and “11 – November”.
The first thing I noticed during the installs is that you’re now prompted during install to select your options for some of the more contentious privacy related options in the OS. By these I mean the sharing of typing and writing data with Microsoft, the open sharing/joining of wireless networks, and the torrent-like sharing/seeding of Windows updates with other Windows users. Being prompted for these during installation felt appropriate, and should reduce the amount of privacy rage that these options were generating previously – however I should note that I was installing the Enterprise edition of Windows 10, so it’s possible that other editions don’t have these prompts during installation (I really hope they do).
Once installed it didn’t take long to notice the new window snapping options! As someone with large monitors, I use the window snapping a lot, and the improvements here are very welcome. The main one is being able to resize 2 snapped windows at once by dragging the joined border. This is a neat little feature which is really going to save me a lot of time. I also ended up in the Multitasking options and disabled “When I snap a window, show what I can snap next to it” which probably existed before now, but I’d never found it. The combination of the new resizing feature plus disabling the suggestion option makes snapping feel much more productive.
In the “features I’m never going to use” category, nested virtualization was added in this update. This means you can run Hyper-V servers inside virtual machines that are running under Hyper-V, which should be great for anyone looking to simulate Inception using virtual machines.
In the same category, you can now show more tiles on the start menu. Personally, this isn’t something I’d ever want to use, but it’s optional so maybe it’ll make someone happy. Go to “Settings > Personalization > Start > Show more tiles” if you’re that someone! On top of this there’s a few subtle visual changes to the taskbar/toolbars which seem to work nicely.
A word of warning is that upgrading apparently resets/changes the file associations for some people. As I was performing completely new installs, this wasn’t something I ran into, but others have reported it, so be prepared to re-associate all the things.
Overall the new release feels stable so far, and although there’s nothing major that’s been added, the small refinements feel good and there’s apparently a bunch of bug fixes that have been done under the hood. ARS Technica sums it up by saying “If you were holding back waiting to take the plunge and make the upgrade, now is probably a good time to do it”, which seems like a good summary to me.
This is one that I’m writing down here for future reference, as it’s a keyboard shortcut that I need to use on my Macbook only a few times a year, and consequently I can never remember it.
So, the magic combination is:
Just putting this out there, because even though there are workarounds (trace flag 272!) this behaviour feels broken to me: Failover or Restart Results in Reseed of Identity
Aka “Why the fuck are my identity columns jumping by 1000 all the time in SQL Server”.
It feels even more broken if the gap in time between your server upgrade and the first time you notice this issue happens to be a few months apart, and isn’t consistent across all applications, which ends up making it harder to determine whether this is a problem in code or a “functioning as designed” style issue.
I’m always keeping an eye out for interesting SublimeText addons, of which there’s a *lot* to go through. The lists below are all things which aren’t too useful to me personally (as I usually do this sort of work using Visual Studio), however there’s some handy looking stuff in there for anyone using SublimeText for front end development, so they’re worth posting.
How to Add Sass Support in Sublime Text – also contains a rather handy tip:
You can avoid this by installing the SublimeOnSaveBuild plugin, which will automatically execute the default build action whenever you save changes to a file. (It’s also handy when you’re working with CoffeeScript.)
5 Sublime Text Plug-ins for Frontend Development – some handy stuff in here, Emmet looks pretty useful (I’d imagine that something like that could be handy for all sorts of other things including GTD / writing type work).
From the green padlock news desk:
Twitter is Moving t.co to HTTPS only for new links – t.co in general is a really bad idea, that breaks the usability of the web. However, if you’re going to break the web like that then I guess it’s better to break it securely. This one will be of note to anyone who relies on Analytics tracking and receives a large number of inbound traffic from Twitter. If that’s you, and your site isn’t running over SSL, then you’re going to lose your referral info:
Non-HTTPS sites may notice what appear to be lower referral numbers from Twitter as a result of the change. Web browsers drop the Referer header from a request by default when downgrading from an HTTPS t.co link to an HTTP destination in compliance with the HTTP specification for the Referer header.
Chrome finally kills off the HTTP-HTTPS “mixed content” warning – in a move designed to "encourage site operators to switch to HTTPS sooner rather than later", Chrome will now treat sites with any mixed content as if they were standard HTTP. I can’t help wondering if this is going to make HTTP downgrade attacks a lot easier to perform.
The writing is really on the wall – get all your sites running over HTTPS as soon as possible.