Rethinking About Cookies and CORS
Talking about the release of the Samesite policy, I think again about cookies and CORS. Are cookies really dripping? Let's take a look at some of the scenarios.
四零二曜日電子報上線啦!訂閱訂起來
Software Engineer / Taiwanese / Life in Fukuoka
This blog supports RSS feed (all content), you can click RSS icon or setup through third-party service. If there are special styles such as code syntax in the technical article, it is still recommended to browse to the original website for the best experience.
我會把一些不成文的筆記或是最近的生活雜感放在短筆記,如果有興趣的話可以來看看唷!
Talking about the release of the Samesite policy, I think again about cookies and CORS. Are cookies really dripping? Let's take a look at some of the scenarios.
React 17 released with no major updates or new features, but useEffect's clean up timing has changed quietly. This article does not explain each update one by one, but rather a note of what is worth keeping track of in the article.
As the browser can do more and more, the scope of front-end can be covered more and wider, just the term front-end, you may have multiple branches
When I'm working on the new library, I also study the person (not all of it, or an npm install will take a lifetime to look at). Because the creator of technology is human, the creator of the library is human, the creator of the framework is human, and everyone is flesh and blood.
In part1, we mentioned how to write a JSON parser and implement the function of parsing strings. Next, we add other functions. (In fact, as long as you know the fundamentals, the rest of the function implementations are just as follows)
Today we'll start with parsing JSON and explain how to build a JSON parser from scratch. Due to the simple architecture of JSON, it is a good practice.
Just after I was happy to implement smooth-scroll with svelte, I realized that I could actually achieve it with one line of CSS
Run to see the Svelte source code today,Familiar with the architecture while taking a look at any simple issue can be used to practice。
The mechanism of the feeling rollup itself is not so complete webpack
But the way Svelte is also destinated to encounter some problems,The main thing is that Svelte can not help you do too many things in the runtime。
The first time I saw Svelte, I thought, “Well... is it a new front-end framework yet?” , holding such a mood did not care too much. It began to arouge my curiosity after seeing more and more blog posts and a lot of websites being used later.
Starting with Chrome 80+, samesite in cookies is set to lax by default. We'll start with the definition of samesite and what it's useful for, and reflections on cookies, what I think about the whole thing.
Before hoping to be able to put some things on the front-end development record, but has not been started to do it, taking advantage of the Ironman race all sorted out in one breath. The series is divided into several parts, and there is a chance to continue to write about it in the future. Introduction of JavaScript Basics JavaScript with ECMAScript...
react-transition-group upgrade from v1 to v4 is more important: after the upgrade CSstransitionGroup component was removed leave becomes exit transitionName becomes classenterTimeout...
Instead of introducing the API for react-hooks, this article tries to explore the reasons behind the design from a design perspective. It is divided into sections: The Difference between Function Component and Class Component How to Reuse Similar Logic in Components for High-order Components...
This article is done by looking at Implementing a pin-to-bottom scrolling element with only CSS, and explains how to use JavaScript. Now the more often the page appears, the scroll is positioned to the bottom each time new content is added. Like Twitch...
One day while developing a page, to check that the header fields are correct, open the development tools and see a few more suspicious headers in the request: network. Have you noticed something suspicious? A closer look to find out how there are three to Sec-Fetch...
Many web pages have a variety of scripts to be executed, of course, there will be priority, such as the more important: rendering the UI, registering relevant interactive events, calling the API to fetch data, etc., are high-priority tasks, such as relatively unimportant tasks: Analytic script, lazy loading, initialization comparison Unimportant events. How to count Idle...
In the front-end, we can mainly send requests in two ways: XHR and Fetch. XHR is from, um... That had an API a long time ago. However, because it is troublesome to set up, it is often wrapped into higher-level APIs, such as Jquery getJSON, axios, RxJS ajaxObservable...
CORS and cookies on the front end is a very important problem, but most of the time in development, because the domain of the front and back end is often the same, so rarely to care for these problems. Or just ask the backend to be Access-Control-Allow-Origin...
Vue was developed in recent projects, and vuex is often used as the Single Truth of Source store to manage more complex streaming states. When building store inside vue,Are all the modules are written,Then unified into the vue root...
Array.sort analysis This article is not talking about things to note in Javascript's native sort. For example, the default sort method will convert the value to String and sort according to the char code, so the above result will appear. Today we're going to explore the implementation behind Javascript sort
Recognize the fact that table is not used as a brilliant visual, recently there is a need to use tables frequently in the background, how to design a good table for users is a challenge, especially in the case of a large number of data pens and many fields, users are easily attracted to additional elements. Actually for rendering data on, table...
react finally released v16,In fact, the introduction of the official blog is quite complete (and pleasing to the eye)。 This article serves as notes and consolidation, streamlining some of the details. ComponentDidPatch (error, info) react16's brightest part, adding errorBoundary functionality to ensure that the life cycle...
Finally, time to organize the recent interview process. Summarize some of the things that we see: Usually, company interviews only test Javascript familiarity, mostly about algorithms or interpreting prototype chains, etc., rarely examines DOM or Event operations. Almost without CSS, even if there is simply a basic question such as class and ID priority. No interview exam HTML...
ramda is a very useful library. If you have heard of lodash or underscore, you can think of ramda as functional programming lodash. Their API has many similarities, except that ramda has FP functions, any API...
Today is the last day of the Ironman race, I feel that the last part of the end of my harvest is not very good, and there are many parts that are not fully introduced because of the relationship between time.
In front-end pages, we often come across layouts that require the same height. The most intuitive way to do this is to set all elements of the container to float or inline-block. float and inline-block If you use float typesetting,Not only to stretch the parent element container (clearfix),But also for child elements set margin...
Before writing an article about their own idea of css variable,Originally not held much expectations for this attribute,Own used to SASS variables also feel like this CSS variable but like an awkward system,But if you think so people,You can refer to this article
From SASS to PostCSS about a year ago, PostCSS began to fling in the front-end ecosystem, nothing more than the so-called preprocessor features, highly customized their own plugin, the first to use cssnext function, but also with a variety of construction tools (gulp, webpack...