To be able to modify headers in a testing environment is a great thing to have. It allows control over your application as one can bypass authentication, set cookies, and so on. In this article, Nafees Nehar explores some methods which allow modification of headers in an automation testing setup.
Read more…
HTTPS is a must for every website nowadays: Users are looking for the padlock when providing their details; Chrome and Firefox explicitly mark websites that provide forms on pages without HTTPS as being non-secure; it is an SEO ranking factor; and it has a serious impact on privacy in general.
Read more…
The landscape for the performance-minded developer has changed significantly in the last year or so, with the emergence of HTTP/2 being perhaps the most significant of all. No longer is HTTP/2 a feature we pine for. It has arrived, and with it comes server push!
Read more…
Web applications, be they thin websites or thick single-page apps, are notorious targets for cyber-attacks. In 2016, approximately 40% of data breaches originated from attacks on web apps — the leading attack pattern. Indeed, these days, understanding cyber-security is not a luxury but rather a necessity for web developers, especially for developers who build consumer-facing applications.
HTTP response headers can be leveraged to tighten up the security of web apps, typically just by adding a few lines of code. In this article, we’ll show how web developers can use HTTP headers to build secure apps. While the code examples are for Node.js, setting HTTP response headers is supported across all major server-side-rendering platforms and is typically simple to set up.
Read more…
For quite some time, the venerable gzip algorithm has been the go-to solution for reducing the size of page assets. A new kid on the block has been gaining support in modern browsers, and its name is Brotli. In this article, Jeremy Wagner will get hands-on with Brotli by writing a Node.js-powered HTTP server that implements this new algorithm, and will compare its performance to gzip.
Read more…
SSL is the “S” in HTTPS. It adds a layer of encryption to HTTP that ensures that the recipient is actually who they claim to be and that only authorized recipients can decrypt the message to see its contents. In this article, Emerson Loustau will show you how to upgrade your website to HTTPS to improve your website, protect users and participate in the advancement of the Internet. And it won’t cost you anything!
Read more…
Smashing Magazine is known for lengthy, comprehensive articles. But what about something different for a change? What about shorter, concise pieces with useful tips that you could easily read over a short coffee break? As an experiment, this is one of the shorter Quick Tips-kind-of articles — shorter posts prepared and edited by our editorial team.
Read more…
WordPress does make it really easily to completely customize a website. Unfortunately, any modifications made to a theme will be lost once the theme is updated by the developer — which is also bad for security. A much better idea is to use a child theme. This allows you to make any number of changes to a website without touching any of the original theme files. In this article, Nick Schäferhoff will take a detailed look at what WordPress child themes are, how to create them and how to use them to customize your website — the right way.
Read more…
Term meta data allows you to save meta values for terms in a similar way to post meta data. This can be used to add ratings to comments, indicate your mood while you were writing a post, attach prices to product posts, and various other information you think is relevant to your content. As of the newest version of WordPress, meta data can now be added to terms which allows us to create features like default category thumbnails in a standardized way. Thomas Maier knows many projects that already save meta information for custom taxonomies. A lot of them are probably going to update and use the new meta data logic once WordPress 4.4 is widely used. In this tutorial, Thomas will show you how you can edit, update and retrieve these meta data for terms.
Read more…
When we shop for a theme, do we get what’s on the tin? Some themes aren’t as fast as what is advertised on the demo websites. When running small tests on themes for other CMS’, like Joomla, Philip Blomsterberg had the same findings. The theme he started out with seemed very good, offering speeds that were quite good, especially for a news website or portal. He tested the theme with demo content; however, regardless of how hard he tried, speeds and scores never reached those on the vendor’s website. This led him to believe that theme vendors sometimes set up demos to make their websites appear faster than they really are.
Read more…
