Wednesday, February 19, 2020

Brought New Router? Here's 5 WiFi Basics You Should Know

If you have bought yourself a new Wi-Fi Router then here are some basics that you need to know in order to make your Wi-Fi Router and internet connection more secure: Use strong encryptionSometimes when you buy a new router then it may be having some sort of encryption or it may not have any...

[ This is a content summary only. Visit our website https://ift.tt/1b4YgHQ for full links, other content, and more! ]

by Web Desk via Digital Information World
Posted by at No comments:
Labels:

Listen to a page's DOM as it changes

#428 — February 19, 2020

Read on the Web

Frontend Focus

Understanding CSS Grid Template Areasgrid-template-areas is one of my personal favorite parts of CSS Grid as it lets you specify layouts in the form of strings of text that visually represent the outcome you want. This is a thorough introduction to the idea.

Rachel Andrew

Why JavaScript is Eating HTML — The idea of JavaScript and HTML remaining separate and never the twain shall meet is now decidedly old-school and HTML-in-JS (a la JSX) is definitely A Thing™. Here’s a tour of all the parts involved.

Mike Turley

Designing High-Impact Dashboards for BI — Embedded analytics can transform your product, but terrible presentation can get in the way of great data. Design expert Laura Klein shares UI/UX guidelines and tips to improve your application’s dashboards, analytics, and reports.

LOGI ANALYTICS sponsor

A Complete Guide to Web Links and Buttons — A great resource from CSS Tricks with a lot to digest here. Starts with the basic implementation of both but quickly moves into accessibility, UX flourishes, and styling.

Chris Coyier

While You Weren't Looking, CSS Gradients Got Better — Unless you are some sort of CSS gradient expert, you are going to learn something here. Avoiding repetition by not having to repeat colors anymore is a huge win, IMHO.

Ana Tudor

'Scroll To Text Fragment' Now in Chrome 80+ — Last year we mentioned the Text Fragments spec which will let you link directly to specific content within Web pages that doesn’t have an associated anchor element.. and Chrome now supports it although the formatting of the fragment name isn’t particularly elegant.

Chrome Platform Status

First Public Working Draft for Resize Observer — An interesting new spec from the W3C (based on the same concept as MutationObserver or IntersectionObserver) that lets you observe for changes to an element’s size.

W3C

💻 Jobs

Senior Frontend-Focused Engineer in Munich — Do you love working with React, TypeScript, GraphQL, and working in a user-centred team? Then you're in for a treat. 🍪 Let's protect some businesses together. 🙌

Finanzchef24

Find a Dev Job Through Vettery — Vettery is completely free for job seekers. Make a profile, name your salary, and connect with hiring managers from top employers.

Vettery

📙 Tutorials & Opinion

Same HTML, Different CSS — This is a step-by-step tutorial based on a concept from the old CSS Zen Garden site: Creating different designs via CSS while never touching the markup.

Ahmad Shadeed

Building a Performant Front-End Architecture — A technical writeup of the key things to consider performance-wise when building a front-end.

DebugBear

ImageCon 2020 Innovating the Visual Web — Uploading, managing, optimizing and delivering media slowing you down? Learn about serverless media best practices.

Cloudinary sponsor

Four Creative Ways to JavaScript Timing in Browsers — Interesting alternatives for setTimeout, setInterval, and requestAnimationFrame.

Omar Alshaker

How to Make a WebGL-Powered US Counties Map with D3 and Three.js — Creating a simple SVG-based map is one thing, but if you want the best performance, leaning on WebGL and your GPU is a good option. This tutorial covers how to approach moving from SVG to WebGL by way of Three.js.

Mika Iriarte

How to Build a Tinder-like Carousel in Vanilla JavaScript

Simone Manzi

Building an Image Gallery using PixiJS and WebGL — This goes beyond your typical image gallery with an interesting 3D effect. Lots of bits and pieces here to learn.

Luis Torres

Aborting a Fetch API Request — The Fetch API didn’t have the ability to abort a request in its early days (unlike XMLHttpRequest) but AbortController and AbortSignal can help you get the job done on all modern browsers.

Ganapati V S

How to Apply CSS3 Transforms to Background Images — A neat trick for applying CSS3 transforms (rotating and skewing elements) to your backgrounds.

Craig Buckler

(Please) Use a:visited in Your CSS Stylesheet — Help your visitors know which links they already visited. I can’t really argue with this.

Evert Pot

Don't Touch My Clipboard — You can (but shouldn’t) change how people copy text from your site.

Alex Ellis

An Accessibility Review of Squarespace, Wix, and Weebly — If you’re reading this newsletter you’re probably building your own pages from scratch or with a framework, but have you ever wondered just how good pages produced by tools like Squarespace or Wix are?

Terrill Thompson

Four Reasons to Still Use Sass in Your Frontend Project

Sonny Recio

Web Font of the Week

JetBrains Mono

From the creators of many a popular IDE comes a free and open source font specifically aimed at developers. I admit I'm a sucker for a monospaced font on the Web, but your mileage may vary.

🔧 Code, Tools and Resources

A Neumorphism/'Soft UI' CSS Shadow Generator — A simple online tool for creating elements matching the new design trend/fad.

Adam Giebl

Utopia: Tools for Fluid Responsive Design — There are two nifty tools here, a type scale calculator, and a CSS generator - both designed for scaling type and space without breakpoints.

James Gilyead and Trys Mudford

plink-plonk.js: Listen to Web Pages As Their DOM ChangesThis is really cool. Run this code at a console on a ‘busy’ Web page with lots of DOM changes and updates and you’ll be able to ‘hear’ them taking place.

Tom Hicks

Croppola: Quick Web-Based Image Cropping — These sorts of quick online tools sometimes seem a dime and dozen but this is so quick and simple, I had to recommend it.

Croppola

Axe 3.5: Accessibility for Development Teams — The popular accessibility testing toolkit is now at 3.5. Includes a better color contrast test, several new rules, bug fixes, and Danish localisation.

Wilco Fiers

   🗓 Upcoming Events

ConveyUX, March 3-5 — Seattle, USA — This West Coast user experience conference features over 65 sessions across three days.

POSTPONED: W3C Workshop on Web & Machine Learning, March 24-25 — Berlin, Germany — Hosted by Microsoft, this free event aims to “bring together providers of Machine Learning tools and frameworks with Web platform practitioners”.

ImageCon, April 22-23 — San Francisco, USA — Learn the latest in innovative approaches to the visual web.

by via Frontend Focus
Posted by at No comments:
Labels: ,

How to Increase Your LinkedIn Engagement: 4 Tips

Want a highly engaged LinkedIn following? Looking for tips to spur engagement? In this article, you’ll discover how to cultivate a following on LinkedIn. #1: Prepare Key LinkedIn Profile Components to Make a Good First Impression People see your LinkedIn headline when you share a post, comment on someone else’s post, or send an invitation […]

The post How to Increase Your LinkedIn Engagement: 4 Tips appeared first on Social Media Marketing | Social Media Examiner.


by Biron Clark via Social Media Marketing | Social Media Examiner
Posted by at No comments:
Labels:

Instagram CEO Reveals Shocking Secret About the Platform

Recently Instagram CEO Adam Mosseri decided to hold an AMA (ask me anything) on his social media, and he did this by responding to user queries via the Stories feature on his personal profile. The main reason for him doing this probably had something to do with the fact that he wanted to give users...

[ This is a content summary only. Visit our website https://ift.tt/1b4YgHQ for full links, other content, and more! ]

by Zia Muhammad via Digital Information World
Posted by at No comments:
Labels:

Bite Toothpaste Bits

Bite Toothpaste Bits
The plastic-free + all natural way to replace the paste you've used your whole life.Please see these pages:- bitetoothpaste.com/sustainability- bitetoothpaste.com/products/brush
by via Awwwards - Sites of the day
Posted by at No comments:
Labels: , , ,

Tuesday, February 18, 2020

Forms, File Uploads and Security with Node.js and Express

Forms, File Uploads and Security with Node.js and Express

If you’re building a web application, you’re likely to encounter the need to build HTML forms on day one. They’re a big part of the web experience, and they can be complicated.

Typically the form-handling process involves:

  • displaying an empty HTML form in response to an initial GET request
  • user submitting the form with data in a POST request
  • validation on both the client and the server
  • re-displaying the form populated with escaped data and error messages if invalid
  • doing something with the sanitized data on the server if it’s all valid
  • redirecting the user or showing a success message after data is processed.

Handling form data also comes with extra security considerations.

We’ll go through all of these and explain how to build them with Node.js and Express — the most popular web framework for Node. First, we’ll build a simple contact form where people can send a message and email address securely and then take a look what’s involved in processing file uploads.

A contact form with email and message with validation errors

As ever, the complete code can be found in our GitHub repo.

Setup

Make sure you’ve got a recent version of Node.js installed. node -v should return 8.9.0 or higher.

Download the starter code from here with Git:

git clone -b starter https://github.com/sitepoint-editors/node-forms.git node-forms-starter
cd node-forms-starter
npm install
npm start

Note: The repo has two branches, starter and master. The starter branch contains the minimum setup you need to follow this article. The master branch contains a full, working demo (link above).

There’s not too much code in there. It’s just a bare-bones Express setup with EJS templates and error handlers:

// server.js
const path = require('path');
const express = require('express');
const layout = require('express-layout');

const routes = require('./routes');
const app = express();

app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'ejs');

const middlewares = [
  layout(),
  express.static(path.join(__dirname, 'public')),
];
app.use(middlewares);

app.use('/', routes);

app.use((req, res, next) => {
  res.status(404).send("Sorry can't find that!");
});

app.use((err, req, res, next) => {
  console.error(err.stack);
  res.status(500).send('Something broke!');
});

app.listen(3000, () => {
  console.log('App running at http://localhost:3000');
});

The root url / simply renders the index.ejs view:

// routes.js
const express = require('express');
const router = express.Router();

router.get('/', (req, res) => {
  res.render('index');
});

module.exports = router;

Displaying the Form

When people make a GET request to /contact, we want to render a new view contact.ejs:

// routes.js
router.get('/contact', (req, res) => {
  res.render('contact');
});

The contact form will let them send us a message and their email address:

<!-- views/contact.ejs -->
<div class="form-header">
  <h2>Send us a message</h2>
</div>
<form method="post" action="/contact" novalidate>
  <div class="form-field">
    <label for="message">Message</label>
    <textarea class="input" id="message" name="message" rows="4" autofocus></textarea>
  </div>
  <div class="form-field">
    <label for="email">Email</label>
    <input class="input" id="email" name="email" type="email" value="" />
  </div>
  <div class="form-actions">
    <button class="btn" type="submit">Send</button>
  </div>
</form>

See what it looks like at http://localhost:3000/contact.

Form Submission

To receive POST values in Express, you first need to include the body-parser middleware, which exposes submitted form values on req.body in your route handlers. Add it to the end of the middlewares array:

// server.js
const bodyParser = require('body-parser');

const middlewares = [
  // ...
  bodyParser.urlencoded({ extended: true }),
];

It’s a common convention for forms to POST data back to the same URL as was used in the initial GET request. Let’s do that here and handle POST /contact to process the user input.

Let’s look at the invalid submission first. If invalid, we need to pass back the submitted values to the view (so users don’t need to re-enter them) along with any error messages we want to display:

router.get('/contact', (req, res) => {
  res.render('contact', {
    data: {},
    errors: {}
  });
});

router.post('/contact', (req, res) => {
  res.render('contact', {
    data: req.body, // { message, email }
    errors: {
      message: {
        msg: 'A message is required'
      },
      email: {
        msg: 'That email doesn‘t look right'
      }
    }
  });
});

If there are any validation errors, we’ll do the following:

  • display the errors at the top of the form
  • set the input values to what was submitted to the server
  • display inline errors below the inputs
  • add a form-field-invalid class to the fields with errors.
<!-- views/contact.ejs -->
<div class="form-header">
  <% if (Object.keys(errors).length === 0) { %>
    <h2>Send us a message</h2>
  <% } else { %>
    <h2 class="errors-heading">Oops, please correct the following:</h2>
    <ul class="errors-list">
      <% Object.values(errors).forEach(error => { %>
        <li><%= error.msg %></li>
      <% }) %>
    </ul>
  <% } %>
</div>

<form method="post" action="/contact" novalidate>
  <div class="form-field <%= errors.message ? 'form-field-invalid' : '' %>">
    <label for="message">Message</label>
    <textarea class="input" id="message" name="message" rows="4" autofocus><%= data.message %></textarea>
    <% if (errors.message) { %>
      <div class="error"><%= errors.message.msg %></div>
    <% } %>
  </div>
  <div class="form-field <%= errors.email ? 'form-field-invalid' : '' %>">
    <label for="email">Email</label>
    <input class="input" id="email" name="email" type="email" value="<%= data.email %>" />
    <% if (errors.email) { %>
      <div class="error"><%= errors.email.msg %></div>
    <% } %>
  </div>
  <div class="form-actions">
    <button class="btn" type="submit">Send</button>
  </div>
</form>

Submit the form at http://localhost:3000/contact to see this in action. That’s everything we need on the view side.

Validation and Sanitization

There’s a handy middleware called express-validator for validating and sanitizing data using the validator.js library. Let’s add it to our app.

Validation

With the validators provided, we can easily check that a message and a valid email address was provided:

// routes.js
const { check, validationResult, matchedData } = require('express-validator');

router.post('/contact', [
  check('message')
    .isLength({ min: 1 })
    .withMessage('Message is required'),
  check('email')
    .isEmail()
    .withMessage('That email doesn‘t look right')
], (req, res) => {
  const errors = validationResult(req);
  res.render('contact', {
    data: req.body,
    errors: errors.mapped()
  });
});

Sanitization

With the sanitizers provided, we can trim whitespace from the start and end of the values, and normalize the email address into a consistent pattern. This can help remove duplicate contacts being created by slightly different inputs. For example, ' Mark@gmail.com' and 'mark@gmail.com ' would both be sanitized into 'mark@gmail.com'.

Sanitizers can simply be chained onto the end of the validators:

// routes.js
router.post('/contact', [
  check('message')
    .isLength({ min: 1 })
    .withMessage('Message is required')
    .trim(),
  check('email')
    .isEmail()
    .withMessage('That email doesn‘t look right')
    .bail()
    .trim()
    .normalizeEmail()
], (req, res) => {
  const errors = validationResult(req);
  res.render('contact', {
    data: req.body,
    errors: errors.mapped()
  });

  const data = matchedData(req);
  console.log('Sanitized:', data);
});

The matchedData function returns the output of the sanitizers on our input.

Also, notice our use of the bail method, which stops running validations if any of the previous ones have failed. We need this because if a user submits the form without entering a value into the email field, the normalizeEmail will attempt to normalize an empty string and convert it to an @. This will then be inserted into our email field when we re-render the form.

The post Forms, File Uploads and Security with Node.js and Express appeared first on SitePoint.


by Mark Brown via SitePoint
Posted by at No comments:
Labels: , , , , , , , ,

Zuckerberg defends Facebook to be the reason of societal division in the Munich Security Conference

In this digital era, it is hard for users to avoid any information that they see on social media. Since the Presidential Election of 2016, Facebook has long been in the talks due to its influence on people about changing their opinion, creating a social division and angst, etc. However, Facebook’s...

[ This is a content summary only. Visit our website https://ift.tt/1b4YgHQ for full links, other content, and more! ]

by Madiha via Digital Information World
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)