LATEST FROM OUR BLOG

Take your daily dose of (only) relevant news, useful tips and tricks and valuable how to's on using the latest web technologies shaping the digital landscape. We're here to do all the necessary information sifting for you, so you don't have to, to provide you with content that will help you anticipate the emerging trends about to influence the web.

HTML5 security - Cross domain messaging
HTML5 is a technology for the next generation web applications and has come with a lot of new features to the web. In the mobile app world HTML5 applications are widely used. Besides a lot of features, HTML5 has brought to the table various attack vectors. Before talking about security concepts of cross domaing messaging, we need to understand the basics of the HTML implementation of cross domaing messaging. Cross domain messaging Because of the same origin policy restrictions before HTML5, sending messages between Windows was only possible if both Windows used the same protocol, port, and host. With the introduction of HTML5, all those restrictions are gone and we can now pass messages across domains without having to worry about Same Origin Policy restrictions. HTML5 has a new method called postMessage(). Using this, we can pass messages between windows regardless of their origin. Below is the syntax of postMessage(). Sending window otherWindow.postMessage(message, targetOrigin, [transfer]); ‘otherWindow’ is a reference to another window. ‘Message’ is the message to be passed to the receiving window. ‘targetOrigin’ refers tothe URL of the receiving window. If we don’t have any specific preference, we can specify it as “*”. Specifying “*” as ‘targetOrigin’ has some security implications we will discuss in later sections of this article. ‘Transfer’ is optional. Receiving window When otherWindow.postMessage() is executed, a messageEvent will be dispatched at the receiver window. We can receive the message dispatched by the sender using the following code snippet. window.addEventListener("message",receiveMessage, false); function receiveMessage(event){ if (event.origin !== "https://goo.gl/Brmfny") return; // ... } From the above code snippet, we can access the data and origin of this message as shown below. ‘event.origin’ gives the origin of the message (the URI from which we are receiving this message). ‘event.data’ gives the actual message being sent. Now, we have got some basic knowledge of what cross domain messaging in HTML5 is and how it is implemented in the applications. Let us now see the security implications of cross domain messaging. For demonstration purposes, we have set up the following lab. A: https://goo.gl/SN1Ow B: https://goo.gl/MTtd As we can see, we have two different ports on the above two URLs. The first URL is running on port 8387 and the second URL is on the default port 80. So, it is obvious that they have two different origins, since the port numbers are different. In our lab setup, A is the message sender and B is the receiving window. We are going to load the second URL https://goo.gl/MTtd as an iframe in the first URL. I can send messages from the domain https://goo.gl/SN1Ow to the domain https://goo.gl/MTtd using the postMessage method. We can check it by clicking the “Send Message” button as shown below. The iframe which is loaded into the first URL is from a different origin, but we are able to send a message to it using HTML5’s postMessage() method. Now, let us look at some scenarios where this postMessage() implementation can introduce vulnerabilities into our applications. Case one Code at sender: receiver.postMessage('Hi There..!', '*');< When the sender has the above code where he specifies the target origin with a wildcard “*”, an unintended recipient (window) can receive this message from the sender. Since the receiving window is listening for incoming messages, anyone can load it into an iframe and can listen for the messages coming to it. So, it is a bad idea to give a wildcard when passing sensitive data to the receiving windows. How to fix this: It is possible to fix this just by adding the specific target in the target field. So, in this case https://goo.gl/MTtd is the only origin that can receive this message. This is as shown below. receiver.postMessage('Hi There..!', ' two Code at receiving window: function receiveMessage(e) { do something..! } In the above code, we are receiving the message from the sender and directly processing it without checking who sent this message. It is always important to check the origin of the message to prevent receiving messages from unauthorised senders. How to fix this: function receiveMessage(e) { if (e.origin !== "") return; do something..! } Always validate the origin from which you want to receive the messages. In our case, we want to receive messages only from . So, we are making a simple check to see if the message is coming from using the property event.origin. If this is not matching, we won’t receive the message. Case three The next attack vector is the infamous cross site scripting. Both the sender as well as receiver should always validate the messages being passed. If the data is inserted into HTML DOM without proper validation, then the application becomes vulnerable to DOM based cross site scripting. The following code snippet shows how an application may become vulnerable when a malicious message is received from the attacker and it is inserted into the receiver’s HTML DOM using innerHTML property. Sender receiver.postMessage("< img src='x' onerror=alert(1); >", ' receiveMessage(e) { if (e.origin !== "") return; messageEle.innerHTML = "Message from localhost:8387: " + e.data; } When the above code is executed, it causes an XSS in the receiving window as shown in the figure below. How to fix this: The easiest way to fix this issue is to assign the data value to an element using textContent rather than using innerHTML. This is done as shown below. Sender: receiver.postMessage("< img src='x' onerror=alert(1); >", ' receiveMessage(e) { if ( e.origin !== "") return; element.textContent = " Message from localhost:8387: " + e.data; } When the above code is executed, we should see the text displayed in the receiving frame as “data” rather than code. Source: http://www.developer-tech.com ... Read more
Adrian Ababei / Jun 29'2016
How to Write a Clean and Scalable Angular 2 Application: Best Practices for Angular 2
Angular 2 is becoming more popular worldwide and because of that, people are starting to learn how to use it. It doesn’t matter if you’re a beginner or an advanced coder, there are some practices you should follow when using Angular 2. CLI/Boilerplate If you’re just starting with Angular 2, use angular-cli (npm i angular-cli -g). It’s based on ember-cli. You can generate a good example with ng init project-name. This command will initialize a new Angular 2 application. This application should already be following all the best practices from the official Angular 2 style guide. Besides that, it installs the required npm dependencies. It also creates unit testing and e2e testing scripts. Long story short, it does everything that is required to start a new Angular 2 application. If you don’t like the directory structure or system.js you can use the best starter kit angular2-webpack-starter or other boilerplates. Build the app Angular2 uses Rollup to build bundle there is next-generation ES6 module bundler. A good example is browserify or webpack, because there are more loaders and plugins available for support Rollup feature set eg: rollup-loader and rollupify. Rollup can make smaller code however webpack and browserify have rollup-loader or browserify rollupify transformer which you can use to shrink your bundle. In the near future, it is going to be recommended to use @angular/compiler(-cli) and @angular/platform-browser which was made with template compiler, precompiled templates, and styles. Follow this example to speed up your bundle by more than nine times! Server side (universal) rendering Universal means rendering pages on both the server and client side. It usually implies the use of frontend JavaScript and Node.js because they allow for the re-usage of libraries, allowing browser JavaScript code to be run in the Node.js environment with very little modification. As a result of this interchangeability. If you want to use Typescript in Nodejs, we don’t suggest using ts-node or any node module which hacks the require.extension. Use “browserify  – node” or webpack with the right configuration to generate server side build. IDE/Editor We use Sublime and official Microsoft plugin but we think atom and vscode (unofficial editor of Angular 2) is also ideal for development, but much slower than Sublime. If you prefer complex IDE then use webstorm which has Angular 2 Support. Linting We suggest using tslint, it’s the best when using typescript with codelyzer and ng2lint. Valor-software has a very useful lint project, tslint-config-valor contains all rules explicitly. Documentation We use typedoc for generating the documentation, there’s a great little tool that allows us to generate HTML documentation based in our TypeScript files similar to what JavaDoc does. This will compile all the documentation (classes, namespaces, functions, etc.), it will be put under the doc folder in the current directory where that command is ran. Testing Karma has an over complicated architecture. We suggest using only jasmine (mocha isn’t working yet). Never run tests on ts files, first you need to compile. Unfortunately ts-node is really slow, even with the newest versions. Our tests run with ts-node 10s long and with compiles js only 1s. TypeScript vs ES6 We use typescript in an Angular 2 based application, and we usually use rxjs too (it is also written by typescript). When you write code, which most often depends on node modules: express, node libs and middlewares use ES6, a lot of packages don’t have typing definition (d.ts). Typescript compiler (tsc) compile the fastest code, but sometimes not the standard way. Naming Conventions Naming standards help developers to understand each other’s code better and keep everything tidy. There are naming conventions for file and folder names as well as for class names and selectors. Some examples: – File and folder names should use dash-case and have a suffix which refers to their functionality, like: *.component.ts, *.service.ts *.interface.ts – Selectors should also use dash-case and have a prefix, which functions as a namespace. – Classes (components, services, directives, etc.) and interfaces should use camelCase and have a suffix which refers to the type of the class, like: *Component, *Service, etc. Directory and File Structure Directory and file structures are really difficult to keep standardized. The demands always change project by project. In the official style guide you use shared folder (for common components, styles etc.). Redux Someday your application will grow up so you have to make a good architecture not only for a big set of components and services. You must handle the states and actions. I think redux is the best container for your app, because all frontend developers know it. Performance It is important to know that if you have a component that only expects immutable data to be passed in via a property, you can further optimize rendering speed by adding changeDetection: ChangeDetectionStrategy.OnPush to the component. Reactivity Rxjs is a great library and it is much better to depend on library, than a framework. Frameworks change very often, but libraries have a more stable API. Use @ngrx extension like @ngrx/store and@ngrx/router to make a better use of reactivity. Router Don’t use the deprecated router (@angular/router-deprecated), Angular 2 is in release candidate status but also has a deprecated router too. We suggest the use of the new router (@angular/router) or @ngrx/router reactive solution, which is the greatest yet. Angular 2 is in release candidate status, but this practice will be useful in the future. ... Read more
Adrian Ababei / Jun 27'2016
How to Design a Color Blind Accessible Website: 13 Easy Tips
In today’s day and age having a colour blind accessible website is not optional, it’s a must. Colour Blind Awareness statistics state that up to 4.5% of the population suffer from colour blindness, which may not seem a high number but here are the facts: Why build a colour blind accessible website?   At the moment there are around 3.435.598.500 internet users in the world and this figure is growing rapidly. If we do the math, around 154.601.932 internet users are colour blind – this means they might have a hard time viewing and using your website. That’s a huge chunk of the population! Before you start thinking about costs and figures, let me lay it out for you: designing colour blind accessible websites doesn’t make it more expensive, on the contrary: considering the fact that you cater to ~155 million people will pay out big time in the long run.   What is color blindness? Colour blindness comes in all shapes and sizes. Some individuals may have trouble differentiating between certain colour combinations, some may not see certain colours clearly and some users can get different colours mixed up. Other factors such as glare, screen size, lighting or the quality of the screen can also influence user experience which can ultimately reduce your sales or bounce rate. As mentioned before, designing colour blind accessible websites won’t be more expensive or take ample amounts of time. Here are 13 tips on how to design or change your website in order to improve user experience: 1. Text readability Text size, background colour and text colour are factors which ultimately influence text readability. When designing a colour blind accessible website programmers need to follow specific accessibility guidelines in order to ensure user experience for individuals with colour vision deficiency. 2. Text & Background images Trying to place text over images can be difficult at times simply because the image can lack contrast with the text. A good idea is to reduce the image’s opacity which in turn can make the text easier to read by increasing the contrast. If meddling with the image is not an option, you can change the contrast of your text to achieve the desired effect. 3. Colour swatches, pickers or filters A great and simple solution to this problem is to add text labels next to the colours themselves. This little trick can also help users which don’t suffer from colour blindness as well. 4. Add descriptions to your pictures Adding descriptions to your pictures removes any guesswork for colour blind individuals. It can also help people with other eye problems. 5. Recognizing links In order for a website to be colour blind friendly, links need to be easily spottable without using any text colour. Users suffering from achromatopsia can’t see colour so it’s a good idea to add some specific text before placing a link – eg. “Click here to learn more.” 6. Colour combos Colour blind individuals see the world differently. They also see websites differently. Certain colour combinations should be avoided in order to improve user experience: • Green-black • Green-grey • Blue-grey • Light green-yellow • Green-blue • Blue-purple • Green-brown • Green-red 7. Colour-blind friendly forms Using placeholders without labels can also be problematic for some users as most colour blind individuals will not be able to see the text due to its low contrast. It’s a good idea to have forms with labels for each input line. 8. Primary buttons Designers often use colours to differentiate primary buttons. This is not necessarily a bad idea but in order to improve user experience other things such as icons, borders, size, placement and contrast can be changed in order to make them more noticeable. 9. Alerts and messaging Error messages are usually coloured red and success messages are usually coloured in green. Although most people won’t have any trouble in seeing these messages correctly, it’s a good idea to add prefix texts such as “Operation failed” or “Task failed” to your messages and alerts - It’s a whole lot easier to read and understand. 10. Required form fields Obligatory form fields should be differentiated through other means than colour alone: • Removal of optional fields • Marking certain fields with text – “required” • Marking certain fields with an asterisk 11. Colour blind friendly graphs Graphs are usually made up of different segments of colour. Placing text within each segment can make your website more colour blind friendly. On the other hand, if the segments are too small or narrow for text, you can just use a key to denote different segments. 12. Zooming is a very helpful feature when building a colour blind accessible website Zooming can improve readability for most users, not just colour blind individuals. While some designers choose to disable zooming on their websites, it’s a good idea to leave this essential accessibility feature on. 13. Relative font sizes Browsers can increase text size in order to improve readability but this is not always the case. This function can be disabled if the font size is measured in pixels for example. The key to building a colour blind accessible website is using a relative font size unit such as ems – this will help users avoid headaches caused by tiny text. It’s time for testing! How can you see if your modifications are done properly? Here’s a small list of tools which you can use: 1. Check My Colours – Simply enter your website’s URL and get some feedback 2. Colour Contrast Checker by Web Aim – Enter two colours and see if they can work together 3. I Want To See Like The Colour Blind – Name says it all. Also my personal favourite. 4. Colour Oracle – colour blindness simulator which can work on Linux, Mac and Windows. Conclusion Always remember that between looking good and functionality, most visitors would prefer the latter. ... Read more
Adrian Ababei / Jun 24'2016
How to Improve Your Page Loading Speed: 4 Tips on Designing a Website for High Performance
Website loading speed is closely related to user experience, and for good reasons – time is also more valuable than ever. Why would anyone want to waste time on a slow loading website when they can just jump ships and go to a different website? Users generally want a site that loads in 2 seconds max and a mobile website that loads in 3 seconds max, any longer than that and they will jump ships. Designers are taking more and more steps in order to ensure faster loading time but how can you create a fast loading website without removing any of its flashy features? Here are four tips on designing a website without any loading issues. Minimalistic design still works Fewer elements means less loading times and ultimately better user experience on your website. It’s a good idea to integrate a minimalistic design to your project thus making it easier and more pleasurable to use. If you’re building a website from scratch it’s a good idea to use smart design from the get-go, as it will save you a lot of time and effort in the future. It’s actually easier to build a fast website from scratch than modifying a website to become faster. Minimalistic features which reduce loading time include but are not limited to: • Using just one type of font on your website • Smaller or optimized images • Shorter web forms • More negative space • Use of hamburger menus instead of navigation bars Probably the best example of minimalism design work is Wikipedia. No wonder it’s so popular! Most searches on Wikipedia take under a second to complete and present results. The perception of performance is also important in design work The idea behind this is that you don’t necessarily need to build an extremely fast website; you just need to create a website that’s perceived to be fast in order to keep your users happy. If you are trying to optimize a website’s loading time, you don’t need to implement complex tech solutions in order to do it – you can just change the design in order to make the interface seem faster to the end-user. Google actually wants your website to be fast One of Google’s missions is to make the Internet faster – and your website is a part of that! As such, Google offers ample support to developers in building faster websites. You can go and check Google Devs’ „Make the Web Faster” page. This page will be the backbone of your optimization efforts as you can get multiple tools and tricks to help you on your way. One interesting tool and my personal favourite is the Page Speed Insights – here you can actually see what’s making your site slower than the competition and how to fix it. Detail reports, recommendations, tips & tricks – it’s all there. Simply put your URL into the required field and you’ll get a list of things to fix in order to improve your website speed as well as user experience. The more issues you fix, the faster and better your website will be! Simple enough? Let’s move on. Lazy loading is a thing Lazy loading means that your website’s objects are not rendered until it’s necessary to render them. Basically, objects will begin to load when users are on that specific part of the page. By using this technique your website will require fewer resources to function properly, thus making it much faster than a regular website which loads all objects at once. This technique is a must for long scrolling pages but it also works for regular pages as well. By implementing all these tips and techniques you can ensure a fully functional website with a great user experience to boot. ... Read more
Adrian Ababei / Jun 22'2016
CodePen and JavaScript: Powerful When Used Separately So... What If You Used Them Together?
A lot of devs are now using CodePen for a variety of front end web development tasks and tricks. CodePen can be used to create Pens which are made up of JavaScript, CSS and HTML. A great thing about CodePen is that you can see your results immediately, effectively making this tool indispensable for any front end dev. But what can we do if we combine JavaScript and CodePen? 1. Add any library you need in one place You can add custom settings to any Pen you create: you can set the External JavaScript you need or want to use. Just go to the Quick Add dropdown to do it or simply start typing the required library and a variety of choices will appear. This way you’ll be able to find thousands of CDN hosted libraries. 2. Write in ES2015 Practice your ES2015 skills with CodePen by simply enabling the Babel JavaScript pre-processor. Now you’re able to use ES2015’s features and Babel will process them into an older version of JavaScript, enabling it to work everywhere. You can also do it without using Babel whatsoever but it may lead to browser support issues. 3. You can use the console for debugging and output With CodePen, you can also use your browser’s DevTools if you set its context to demo. CodePen also features a built-in console which you can use. Keep in mind that your URL might change when you close or open different code panels. There are four numbers which stand for HTML, CSS, JS and Console respectively so the URL parameter ?editors=0001 stands for Console open while the others are closed. Replacing the last number with a 2 maximizes the console. This way you can share a Pen when the output is intentionally set only for the console. 4. Use JSX and React Babel also supports JXSX so if you add ReactDOM and React you’ll be able to build in react as well. Apart from Babel, CodePen also offers LiveScript, TypeScript and CoffeeScript. TypeScript is able to process the JSX as well. 5. You can also include other pens as resources Using JavaScript for another Pen is also possible by simply dropping the URL of your other Pen in the External JavaScript function and that’s all there is to it. You’ll be able to create multiple Pens that use the same JavaScript – this way it will be easier to update it when necessary. This little trick also works for CSS in the same way. When it comes to HTML you can include the Pen URL in triple brackets within the HTML itself. 6. Get Ajax from other Pens With CodePen you can use other Pens as resources and you can access the code from Pens located at certain URLs. If you want to access just JavaScript from another pen, you can add .js to the end of the URL you’re targeting. This technique can be especially useful when storing data in another Pen so you won’t have to meddle with the JavaScript code in the Pen you’re currently working on. 7. Learn new stuff with CodePen Devs can use CodePen as a learning tool as well – it’s real code which you can write, edit but also see the results of. You can create Pens for learning purposes specifically but our favourite is the Professor Mode which allows other devs to watch you code in real time and give pointers through the built in chat system. Collab Mode is another useful tool which can be used for teaching purposes – this mode allows multiple people to work on a Pen concurrently for hands-on teaching. 8. You can see coding errors in real time Another feature we love about CodePen is that you can see any errors in your code right in the editor itself. This feature also works for JavaScript – the lines with errors will be highlighted and a special icon will be revealed. Clicking the icon will reveal the error message which is a huge help in understanding the problem and fixing it. CodePen also tries to prevent executing infinite loops which can lock your browser and prevent you from saving your Pen. 9. Lint your JavaScript CodePen can check your JavaScript code with JS Hint as well. This is a tool which detects potential problems or errors in your code. Use this tool to uncover non execution stopping errors most devs tend to miss. If the error message doesn’t provide enough help for you to fix it, there are built-in “Google it” links to find more information. CodePen also lints your JavaScript which is great because if you’re using a pre-processor, it will lint the code for linting warnings. If JS Hint finds any issues it will show you the problems directly in the code. 10. Clean code – easier work CodePen also has a feature which can help to clean up your code. This feature works with JSX as well.   ... Read more
Adrian Ababei / Jun 20'2016
The Objectives of an Enterprise-Level Content Marketer
According to Content Marketing Institute’s latest report, only 28 percent consider their efforts effective. That’s less than B2B or B2C content marketers reported, suggesting that enterprise businesses face some unique challenges when it comes to building an effective content marketing campaign. To help combat these challenges, here are five primary objectives content marketers should target when working with an enterprise-level business. 1. Staying organized. Content marketing is a complicated task for businesses of any size, but enterprise marketers seem to have the most difficulty staying organized. Only 31 percent of enterprise marketers actually have a documented strategy. And fewer than half have a dedicated content marketing group. This likely poses major challenges for managing all the component parts of a successful content marketing campaign, such as: • Setting goals • Creating content • Managing social media • Promoting content • Analyzing your efforts Content marketing is a continuous process that only works well if all these tasks are consistently managed. Building a team that’s accountable for each task is an invaluable objective in making content marketing more effective in an enterprise environment. The team can develop and manage a documented strategy, which makes it possible to measure, adjust, and improve your efforts later on. 2. Marketing to diverse audiences. Enterprise companies have more audiences to target than any other kind of business. The average number is six, but some target more than 10. It’s good that enterprise businesses are already making the effort to develop targeted content that suits many different tastes, but diverse marketing is still a major challenge in and of itself. Enterprise content marketers need to go beyond developing several buyer personas and creating a customer journey for each with their content. They also have to make sure their efforts are properly segmented, which is not an easy task with six or more audiences to reach. That’s why it’s important for enterprise content marketers to take advantage of various marketing and segmentation tools to create the most personalized experience possible -- for their whole audience. 3. Finding the right talent. Gaps in knowledge and skills of the internal team, finding trained content marketing professionals, and producing a variety of content are all bigger challenges for enterprise marketers than other businesses. Even major companies with a large pool of employees can’t get optimum marketing results without taking advantage of the right outside talent. Inbound marketers as a whole have been increasing their use of outside talent for their marketing content: This is an important strategy that enterprise content marketers need to pay attention to if they want to overcome the gaps in knowledge of their internal team. The right freelance or agency talent can provide a quick solution to the need to create a variety of content as well. Writers, designers, programmers, social media specialists and more can be found affordably online and the potential return on investment (ROI) can be high compared to retraining current employees or hiring new ones. 4. Communicating across departments. Enterprise companies, much more than other B2B companies, say the lack of integration across marketing is a major challenge. This issue makes sense considering the traditional structure of enterprise companies – departments are often siloed, making it difficult to effectively collaborate on marketing tasks. Content marketing requires close collaboration between diverse teams, such as: • IT workers • Writers • Sales teams • Designers • Public relations Communicating across departments is an objective that enterprise-level content marketers need to focus heavily on. The task becomes easier if: • You put content marketing leaders in each department in charge of encouraging communication • You make efforts to meet regularly and discuss your campaigns with employees involved • You take advantage of marketing platforms and communication tools that simplify remote collaboration 5. Getting buy-in. Enterprise B2B content marketers also struggle with getting buy-in/vision from people in charge in their organization. This disconnect between the apparent value of content marketing and its adoption is also reflected in marketing spend based on company size: The bigger the business, the less spent on inbound strategies. The fact that enterprise companies struggle more than other businesses to get budget and buy-in for content marketing makes sense if you consider what’s involved. For a small business, it only takes one person understanding the value of content marketing to revamp the business strategy. When you’re working with business executives who’ve spent their lives marketing outbound, on the other hand, getting buy-in and budget can be a challenge. Meeting this challenge should be a major focus for enterprise content marketers who want to have an impactful strategy. The best way to do this is to demonstrate the benefits of content marketing for your business. Proving ROI is the most powerful way to get buy-in and unlock budget -- marketers who show ROI are more likely to secure bigger budgets year-to-year. Source: https://www.entrepreneur.com ... Read more
Adrian Ababei / Jun 13'2016
New Technologies That Speed up Your Website
The internet is constantly changing and speed is quickly becoming the major metric of progress and a key indicator for website developers. Here are a few new features which can help you speed up your website and reap the rewards of faster internet. HTTP/2 HTTP/2 was first published in May 2015 and has been supported since the second half of 2015 – HTTP/2 is a new and improved version of the WWW protocol. HTTP/2’s main improvement is the ability to cover multiple requests with a single connection – this improved ability, called multiplexing has the capacity to revolutionize the world of web designers forever. Current techniques used such as Data URIs and sprites won’t be used anymore. HTTP/1 used to be efficient when loading one large image but when it was necessary to load several smaller images the situation changed drastically – it simply wasn’t able to cover multiple concomitant requests. The new version improves this situation and HTTP/2 can handle multiple simultaneous requests with ease. HTTP/2 compresses headers before requested data is sent, which ultimately simplifies the transport by a great deal. This newer version is also non-textual and binary, unlike the previous version – this improves performance by a whopping 50%! The difficult thing about upgrading to HTTP/2 is not the HTTP itself but the fact that browsers only support it over SSL. So if you want to implement HTTP/2, the first thing you should do is get a SLL certificate. Once you have the SSL certificate, you can implement HTTP/2 on your own if you have administrator rights for your server. Otherwise, it depends on your server hosting or web hosting company. The SSL Certificate SSL certificates encrypt the connection between a client and a server. Getting your own SSL certificate is not as hard as you think – you can actually get one for free with Let’s Encrypt. Let’s Encrypt is a relatively new authority when it comes to SSL certificates – their ultimate goal is to eliminate all manual processes required to obtain a certificate. With Let’s Encrypt the whole process is automated and finished in just a couple of minutes. You can also get a certificate through your server hosting company or web hosting provider. Brotli Brotli was recently introduced by Google – this new compression algorithm will reduce the size of transported data, effectively increasing the speed of your website. Compared to other compression solutions, Brotli offers a 20 to 25% better compression ratio. As such, webmasters can save up to 40% on HTML files traffic and around 25% on JavaScript and CSS related traffic. Unfortunately, Brotli is only supported by Firefox and Chrome at the moment but other major browsers will follow soon. Major servers such as Node.js, Apache and Nginx all require a packet installation – there’s no server offering Brotli by default at the moment. Content Delivery Network A Content Delivery Network or CDN for short is a set of servers located in different parts all around the world. These servers all contain a replica of your website and all its assets – software, videos, images, etc. When someone accesses your website, the data is loaded from a server that’s closer to the visitor, thus increasing your website’s loading speed. Another advantage to CDN systems is the improved reliability of your website – the content is spread around many other servers which means that your hosting server doesn’t have to bear such a large load of traffic. Usually, websites that use a CDN system will load 50% faster compared to regular websites which use only one hosting server. ... Read more
Adrian Ababei / Jun 07'2016
Mobile App Development in 2016: Useful Tips and Best Practices
Since the early 2000s mobile app development began to gain a lot of attention from app development companies as well as programmers. Here are a few tips for mobile app development companies and app developers.   Mobile app development and web development Almost all mobile apps intract with an API. Mobile app development companies are very familiar with these concepts. Developers will handle all data and tech requirements necessary for mobile app development but the bottom line is that generally speaking there’s no difference between building a mobile app and building a web application. In certain cases both will use the same code base. That being said, there are a few differences worth noting – these can make the transition from web development to mobile app development much smoother. One of the most important things to take into consideration when dealing with mobile app development is the fact that web apps can be updated very quickly, whenever needed while mobile apps can take many weeks to update. Also, some mobile app users can simply opt not to update their apps.   What this means is that the API will automatically have to support multiple versions of your app. This is not a big problem as there are plenty of solutions you can implement but it’s better to keep it in mind when designing the API itself.   Another problem you can encounter with mobile app development is authentication – more and more websites are switching to token based authentication instead of cookies. Most mobile app development projects will benefit greatly from using the token-based approach.   Here is a list of pointers you should follow when building an app API: Keep in mind that users may own multiple devices and try to build your app accordingly Mobile devices tend to have slower internet so response objects should be designed accordingly Test every API updates with all supported app versions When dealing with mobile app development there are many small details you need to consider but the basics are the same with web development.   Technology for mobile app development Several frameworks can be used in order to enable certain technologies such as Javascript, CSS, HTML for mobile app development. These are called hybrid apps – most of them are written using Ionic, Phone Gap, Cordova and others. By using frameworks you’ll be able to write the app in familiar programming languages and they are also cross-platform. This is a great advantage for web developers as well as web development companies – instead of having to build an Android app and an iOS app separately, you can share the code between the two platforms, thus saving time and money in the process. That being said, hybrid apps do have some disadvantages – this is why React Native is essential. React Native was built and is currently maintained by a team from Facebook – this technology is very similar to the React framework so if you are familiar with React then you should definitely check out React Native. This technology has all the cross platform benefits of hybrid apps and runs natively, making it a top choice for mobile app developers. Also, the UX/UI can be platform specific or shared, according to the needs of the developer. This is a very powerful tool which can handle both small as well as larger projects.   Specialized web development Mobile app development is getting more popular nowadays and there’s a lot of money and interest in it but it doesn’t mean that every company needs a mobile app – having a mobile responsive website is much more important than having an app.   For certain companies, having an app might be a fad but having a fully-responsive website is a necessity. As a developer, if you’re not building mobile apps you’ll most likely still have to build mobile websites. Considering the growth and popularity of services such as Squarespace and Wix, companies need to focus more on building web applications rather than simple websites. Here is a list of tips you can implement in order to stand out in the crowd: Focus on building complex web applications rather than simple websites Try to build websites within a certain niche that has not yet been commoditized. This can include websites that provide highly customized user experience or sites focused on performance Offer other services as well – search engine optimization is best done when building the actual website Help your clients migrate content from the old website to the new one   Conclusions When dealing with mobile app development it’s always a good idea to start off small, maybe with a tiny hybrid app for testing purposes. Implementing your web development skills onto the mobile app development stage is a huge benefit for all parties involved, including the clients. ... Read more
Adrian Ababei / May 27'2016
What Tools Do Most Web Developers Use? Top 14
They say that the difference between a beginner and a pro is the tools they use. We tend to agree with this saying so we decided to come up with 14 of our favourite web development tools we use here at OPTASY. SHRINKTHEWEB.COM If you’re interested in promoting and administrating a website, ShrinkTheWeb.com is the way to go. This little tool will help you take automated screenshots of your website for free! (Restrictions and limitations may apply to size for example) Shrinktheweb.com provides the fastest capture time possible even with their free plans. For less than $10 a month you can get other interesting features as well: inside page analysis, full length previews and custom sizes. You can also schedule automated captures with any plugin you use and test responsive websites whenever you need it. Shrinktheweb.com is a great tool for beginners and pros alike! MUFFINGROUP.COM Muffin Group’s BeTheme is an elegant, easy to use and extremely versatile wordpress theme library which you can use to customize your website in any way you want. With BeTheme you get unlimited backgrounds for each section, 7 different header versions, a layout generator, 4 grid layouts and 12 predefined skins. BeTheme works with all available browsers including Opera, Firefox, Chrome, Safari, Internet Explorer – it’s 100% fully responsive and it looks awesome on any mobile device. BeTheme also features video backgrounds and parallax effects – you can upload images, text and videos in your backgrounds for awesome looking sections. BeTheme’s powerful admin panel will guide you through the designing stages, making it extremely easy to use. All themes featured on BeTheme are fully optimised, making your site very fast and easy to load. FLYZOO.CO Flyzoo features a Responsive Chat system on Mobile, meaning that the layouts used will adapt for mobile devices as well. You have 4 different mobile modes to choose from when adapting your website for smartphones. You can also create a custom page on the site and build a dedicated page for the mobile version – after that you can add custom stuff like images, text, video and menus. The best part about Flyzoo is that you don’t have to start from scratch – this tool provides you plenty of customizable templates which should help you build your page in minutes! SIMBLA.COM Simbla.com is a free website maker platform which requires no downloads or installs. You can get your website up and running in just a couple of minutes – all you have to do is sign in, choose a template you like, purchase a domain and then start writing your content. Simbla’s intuitive interface and the drag and drop system allows you to create new pages easily. ICONFINDER.COM IconFinder.com is the largest icon marketplace – here you can find material icons, flat icons, glyphs and a lot of other goodies. You can also opt for customized or personalized icons if you decide to work with a designer from Iconfinder.com. In order to get a personalized icon set, all you need to do is fill out a design brief which includes a presentation for your company, a presentation for your product and your target audience – this will help the designer build an accurate image of your needs. After finishing this step, all you need to do is set a deadline and price quotes from different designers will start pouring in. All designers on IconFinder.com are handpicked by the team so it’s a good idea to give them ample time to do their work. Payment for the designers on iconfinder is also mediated by the platform, ensuring safe and easy transactions. ACTITIME.COM ActiTime is a time tracking system designed for companies. This software counts the minutes spent on work and compiles reports, which can be very helpful to properly manage your time and budget. Actitime also provides reports on employee performance and the progress of your current project. THEMIFY.ME Themify is another great wordpress page designer with an intuitive interface. With Themify you can create multiple editable layouts while in the same time benefit from its ample features which can enhance your website’s appearance and functionality. The Live Preview mode allows you to see any changes done to your website in real time – other add ons and features include infinite background, slider pro, image pro and many others. OPTINMONSTER.COM OptinMonster’s form builder is one of the best in the industry – it’s very intuitive and easy to use, plus heavily customizable. You can change the images, colours, messages background and other things as well. OptinMonster also allows page level targeting, which can help you by segmenting your email lists into different categories which are able to see different forms on your website. OptinMonster users report a whopping 200-600% increase in email signups! PIDOCO.COM Pidoco is one of the world’s best prototyping tools. It features a library with over 400 UI shapes, project archiving, web and mobile projects, enterprise grade security, unlimited reviewers, unlimited users and unlimited screens. A subscription will set you back $12 a month for two active projects. If you need more than that you can upgrade your monthly plan for more perks. XFIVE.CO Xfive is a service made up of a team of experts from different fields such as graphic design, copywriters, content writers and programmers. They will take your ideas turn them into reality. 48HOURSLOGO.COM As the name states, this website provides users with custom logo designs in 48 hours or less. Users can even launch logo design contests to see which designer best fits their needs. BOWTIE.IO Bowtie.io is a service designed to be used by developers and programmers. Here you’ll find a wide set of integrations which can help you reduce loading time and security risks. You can also use Bowtie to build custom interfaces for your clients or for your projects. H-CODE RESPONSIVE & MULTIPURPOSE WORDPRESS THEME Themezaa offers plenty of WordPress templates to build your site. It’s pretty easy to use and fully customizable, with plenty of other useful features. With Themezaa you can change layouts, colours, fonts or build your website from scratch with the visual composer. You can also use shortcodes to make your website really stand out in the crowd. THESQUID.INK Squid Ink offers users pixel perfect icons that stand out through their clean and flat design. There are three main types of icons: solid, line and flat. The site is pretty well categorized so you shouldn’t have any problem in finding the icons you need. Feel free to write your own reviews of different tools in the comments section. Which ones are really worth the money?   ... Read more
Adrian Ababei / May 26'2016