This post is best described as a technology demonstration; it melds together web servers, plugins, WebAssembly, Go, Rust and ABIs. Here’s what it shows:

How to load WASM code with WASI in a Go environment and hook it up to a web server.
How to implement web server plugins in any language that can be compiled to WASM.
How to translate Go programs into WASM that uses WASI.
How to translate Rust programs into WASM that uses WASI.
How to write WAT (WebAssembly Text) code that uses WASI to interact with a non-JS environment.

source: L

The purpose of the <keygen/> element was to allow a web browser to generate a private/public keypair upon submitting a form, in a way that allowed a web browser to be enrolled in a new client certificate.

source: L

Charts.css is a modern CSS framework. It uses CSS utility classes to style HTML elements as charts.

source: L

This is not the first time my blog has been subject to right-to-be-forgotten (RTBF) takedowns. See, e.g., this post (scroll down for the updates). But every time the RTBF is applied to my blog, it’s probably a wrongful application of a misguided policy and worth relaying here.

essentially the text of the label will be colored white if perceived-lightness<0.453 and black otherwise. However, when the perceived-lightness is very close to the threshold, we don’t trigger the min or max and actually get some sort of grey color for the label.

source: HN

The carrot basically is: if you have a well-behaved feed reader, you will continue to be able to discover a new post on my feed in a reasonable amount of time. This is most people. Most people do it right. Thank you for that.

The stick is: if you do not, you will not. It will take considerably longer to notice something’s different out here.

We’d managed to get from ‘some quite strange things are happening to the header, beta banner and buttons’ to ‘text wraps unnecessarily within intrinsically-sized elements when using certain fonts and the inner HTML of the element contains a new line that is not preceded by a space’.

source: HN

I spent the last two months (roughly ~150 hours) porting Zelda Classic to run in a web browser.

I hope my efforts result in Zelda Classic reaching a larger audience. It’s been challenging work, far outside my comfort zone of web development, and I’ve learned a lot about WebAssembly, CMake and multithreading. Along the way, I discovered bugs across multiple projects and did due diligence in fixing (or just reporting) them when I could, and even proposed a change to the HTML spec.

Weird how there’s bugs everywhere one looks.

Trailing dots on host names in URLs is the gift that keeps on giving. Let me take you through a dwindling story of how the dot is handled differently in different places through the stack of an Internet client. The evil trailing dot.

source: L

An interactive experience!

source: DF

But there is a whole bunch of lesser-used attributes that I was sure I’d forgotten about, and probably a whole bunch of attributes I didn’t even know existed. This post is the result of my research, and I hope you’ll find some of these useful to you, as you build HTML pages in the coming months.

source: HN

The state of getting the “real client IP” using X-Forwarded-For and other HTTP headers is terrible. It’s done incorrectly, inconsistently, and the result is used inappropriately. This leads to security vulnerabilities in a variety of projects, and will certainly lead to more in the future.

source: HN

Admittedly, the API is a bit behind the times when it comes to state-of-the-art 2D drawing. Fortunately we’ve been hard at work implementing new features in Canvas2D to catch up to CSS, streamline ergonomics and improve performance.

source: HN

Like Google Mail, Google Docs almost entirely consists of obfuscated JavaScript, some of it common between the two. Its HTML structure is quite simple, though it uses hidden iframes for various purposes (one for key input and another for calculating word widths, amongst others). Over the course of the couple of months I identified over 30 distinct issues that needed fixing, and I’ll discuss the more interesting ones in the second section of this blog.

As with Gmail, I believe Flow is the only browser engine written after Google Docs that can run Google Docs.

source: HN

This is most annoying when the most important keyboard shortcuts are inaccessible. A very common shortcut is / for accessing search functionality. Unfortunately, there is no /-key on most international layouts. Adding modifiers to produce this key with your layout rarely helps. For example, on my German layout, / is produced via Shift+7. Most web applications will ignore this. Similarly painful is when Electron apps use [ and ] for navigating backwards and forwards.

If you use a US layout, you might be surprised to hear about these problems. But rest assured, they are not new and I am not the only one who is affected. We are at a point where it is easy to find users complaining about this for almost any popular web application.

source: HN

The episode captured Medium in all its complexity: a publishing platform used by the most powerful people in the world; an experiment in mixing highbrow and lowbrow in hopes a sustainable business would emerge; and a devotion to algorithmic recommendations over editorial curation that routinely caused the company confusion and embarrassment.

As part of a Zoom call today, I tried to sign up for a $10 monthly subscription on a Substack page to test the user journey. I paid $2,023.

When I’ve clicked my card details in 1Password, it’s entered my expiry year in the hidden, custom subscription amount box (I’m not sure why - is this a 1Password bug?). Because this box has now changed value, the Substack UI has automatically selected this option. I’ve then hit “Subscribe” before I had time to notice and 💸 $2,023.

source: HN

The term “CDN” (“content delivery network“) conjures Google-scale companies managing huge racks of hardware, wrangling hundreds of gigabits per second. But CDNs are just web applications. That’s not how we tend to think of them, but that’s all they are. You can build a functional CDN on an 8-year-old laptop while you’re sitting at a coffee shop. I’m going to talk about what you might come up with if you spend the next five hours building a CDN.

It’s useful to define exactly what a CDN does. A CDN hoovers up files from a central repository (called an origin) and stores copies close to users. Back in the dark ages, the origin was a CDN’s FTP server. These days, origins are just web apps and the CDN functions as a proxy server. So that’s what we’re building: a distributed caching proxy.

Knowing that the majority of readers doesn’t click buttons does not mean you shouldn’t use any buttons. Knowing that many many people will ignore your tooltips doesn’t mean you shouldn’t use any tooltips. All it means is that you should not hide important content behind interactions. If some information is crucial, don’t make the user click or hover to see it (unless you really want to). But not everything is crucial and 15% of readers isn’t nobody. So there is a lot we can do with interaction, and I am going to point out three examples below.

source: Dfly

In response to Australia’s proposed new Media Bargaining law, Facebook will restrict publishers and people in Australia from sharing or viewing Australian and international news content.