Very insightful piece by Uday Hiwarale on ES Decorators (Class Method Decorators, Class Instance Field Decorators, and Class Decorators).
Right now (June 2018), Decorators are in stage 2 and we have Babel plugin to transpile decorators babel-plugin-transform-decorators-legacy. In stage 2, as syntax of the feature is subjected to change, it’s not recommended to use it in production as of now. In any case, decorators are beautiful and very useful to achieve things quicker.
Before going into Decorators he gives a very insightful explanation about Property Descriptors first:
To understand decorators, we need to first understand what is a property descriptor of JavaScript object property.
While testing a progressive web app for one of our clients, I bumped into a suspicious error in the browser console: DOMException: Quota exceeded.
After browsing the app a few more times, it became clear the error would occur after a small number of images were added to the cache storage by the service worker. Looking in the Chrome DevTools Application tab, the cache storage was indeed over capacity.
How could this be? There were only ~15 images in the cache storage. Something was off.
There are many great techniques out there to improve the way we write CSS, and from my experience, I found the following three techniques that make up the BIO acronym work very well together
BEM
ITCSS
OOCSS
A lot of developers/engineers already know those famous techniques but I would like to go through each of them and talk about the way I use those techniques.
I can say that this combination works really well, as it is exactly the work I have done at Small Town Heroes whilst working on their Zender product.
I first heard of the Dunning-Kruger effect at last year’s Fronteers Conference in a talk by Jessica Rose. In that talk she said that “the unskilled aren’t aware of their lack of own skill, and are unable to assess and value others’ skills”. This is known as the Dunning-Kruger effect.
This nice video goes into more detail:
How good are you with money? What about reading people’s emotions? How healthy are you, compared to other people you know? Knowing how our skills stack up against others is useful in many ways. But psychological research suggests that we’re not very good at evaluating ourselves accurately. In fact, we frequently overestimate our own abilities. David Dunning describes the Dunning-Kruger effect.
Interesting blog post by TJ Vantoll, who works on NativeScript:
In this article we’ll walk through Airbnb’s complaints in detail, and talk about how some of those same problems could’ve been handled in NativeScript. We’ll start with things that NativeScript does well (this is the NativeScript blog after all), and then move on to things NativeScript does, well, less well.
Be sure to also read “State of React Native 2018”. In that post, Facebook announced some changes it’s going to make regarding the bridge/threading:
To make React Native more lightweight and fit better into existing native apps, this rearchitecture has three major internal changes. First, we are changing the threading model. Instead of each UI update needing to perform work on three different threads, it will be possible to call synchronously into JavaScript on any thread for high-priority updates while still keeping low-priority work off the main thread to maintain responsiveness. Second, we are incorporating async rendering capabilities into React Native to allow multiple rendering priorities and to simplify asynchronous data handling. Finally, we are simplifying our bridge to make it faster and more lightweight; direct calls between native and JavaScript are more efficient and will make it easier to build debugging tools like cross-language stack traces.
Really looking forward to these upcoming changes 🙂
Jake Archibald discovered a really nice browser bug(which is fixed by now) by which he was able to steal data from remote sites by loading it in as a (fake) wav file.
The exploit works as follows:
Make a request to evil-script, using a Content-Range header to suggest there’s more data to be loaded afterwards.
Have evil-script return a valid WAV PCM header block, but also have it return a Redirect response header to the cross-origin (!) location you want to read out.
Since a Content-Range header was used, the browser will make a second request to fetch the rest of the data.
A browser susceptible to this exploit will actually make the request to the remote location defined in the Redirect header.
Good browsers will stop here, throwing a CORS error.
Store the returned data in an <audio> element.
Play back the audio fragment, and meanwhile read out its data using a ScriptProcessorNode.
Not all browsers were affected by this bug: in Firefox you could only get the length of the returned content, and it was only in Edge that Jake was able to read out the actual contents of the generated wav file. Here’s a video of Edge (warning: as it’s raw data you’ll only hear glitches and stuff … you might want to turn down the volume):
Nice find Jake!
A shame the process of reporting this bug with the Edge team didn’t go that smooth though (details in Jake’s post). I’m confident the Edge team will adjust / already have adjusted a few things internally to prevent this obstacle course from happening again.
