CORS (Cross Origin Resource Sharing) enables web apps to securely access communicate across origins. But it comes with a performance penalty. In this tip, we'll discuss techniques for minimizing this penalty!

Cet article a pour but d’expliquer comment exposer, sans danger, votre API sur le web… et par conséquent à votre entreprise ! Sans oublier les deux objectifs d’une stratégie de sécurisation d’application : mener la vie dure aux attaquants potentiels, tout en facilitant la vie des consommateurs légitimes.

"IntersectionObserver is a very straight-forward technology. It has a pretty good support in the modern browsers and if you want to implement it for browsers that still (or won’t at all) support it, of course, there is a polyfill for that. But all in all, this is a great technology that allows us to do all sorts of things related to detecting elements in a viewport while helping to achieve a really good performance boost."

"Once web teams have policies like that in place for popular searches that bog down web performance during beyond-peak, it’s easy enough to set up a dashboard with toggles for web teams to switch between rich and powerful searches and redirects when needed."

The Web Payments Working Group is not stopping at the Payment Request API. Work is also underway on other standards, including the Payment Handler API which will allow web applications to act as a third-party payment app.

This specification defines an API that provides the time origin, and current time in sub-millisecond resolution, such that it is not subject to system clock skew or adjustments.

This specification extends the High Resolution Time specification by providing methods to store and retrieve high resolution performance metric data.

Tutoriel de création et de configuration d'un site statique e-commerce avec Hugo (générateur de sites statiques) et Snipcart (système de gestion e-commerce par API).

"This document defines an API that can be used to capture a series of key moments (First Paint, First Contentful Paint) during pageload which developers care about."

Puppeteer is a Node library which provides a high-level API to control headless Chrome over the DevTools Protocol. It can also be configured to use full (non-headless) Chrome.

Comme beaucoup d'orientations technologiques, REST est imparfait et a ses limites : montée en charge, flexibilité, consommation de données, logs… GitHub se tourne désormais vers GraphQL, de Facebook.

Ce site a pour objectif de publier la liste exhaustive des API fournies par le système d’information des Services Publics Francais.

"This particular decision involving navigation policies exposes web browsers to a greater risk than many might think. I personally would like to see these policies locked down a bit further. It might break some websites that rely on this weird functionality that probably should not even be there in the first place."

Plus besoin de préciser le rayon dans les recherches géolocalisées, possibilités de filtrer par polygones ou intersections, des innovations qui vont faire du bien à beaucoup de monde !

"A free API for generating random user data. Like Lorem Ipsum, but for people."

"FlatBuffers isn't ready. I'm going to stick with JSON (via Gson) & protocol buffers (via Wire)."

Comment Facebook a abandonner JSON lors de ses échanges avec ses applications Android pour privilégier à la place l'usage d'à-plats de données.

Comment Meetic opère le changement technologique sur son SI, à l'aide d'une architecture d'API publique / API privée développé en Symfony.