304 private links
A valid minimal HTML page
- avoid uneccessary default features
- use specialized lighter crates
The migration schematics automate code changes between angular versions
I have the same idea for a node js backend serving a fancy UI :)
It would be better to split the UI and the server while developing to benefit from hot reloading.
Example: https://git.sr.ht/~pyrossh/rust-embed/tree/master/item/examples/axum-spa/main.rs
- relying on shared mutation
- treat the compiler as something trying to help
- ignoring proper module organization
You have to unlearn a few habits.
- Writing Rust code like other languages
- Neglecting the most important 20% of Rust. Trying to learn everything at once: you don't need to learn all at once. Focus on the 20% that gives the 80%.
- Being a productive procrastinator: watch a video or read a blog post.
- Thinking you can vibe code Rust like JS...
Hands on practice! The programmer has to internalize the concepts of Rust. Getting a grasp is not enough.
A points on many HTML tags (aside, mark, section, hgroup, video, progress, base): how to use them. Many good tips or rules to follow.
The CSS @import rule, [attr$=value] is a CSS selector for suffix values, box shadows with inset, cursor: zoom-in
Translated pages with <link rel="alternate"> and hreflang
Some usages such as HTML in script to reuse them as <template />, gpt or instappaper_ignore class names
The web is big and messy and bloated, and there are lots of reasons to be pessimistic about the state of modern web development – but there are also lots of people doing cool and interesting stuff with it.
Replace the standard DefaultHasher to ahash::{AHashMap, AHashSet} to gain 18% improvements.
[Summary generated by ChatGPT]
The article provides an overview of the JOSE (JSON Object Signing and Encryption) framework, a family of standards for securing JSON-based data and communications. It explains the major JOSE components and how they work together.
Key Components
-
JWS (JSON Web Signature): Adds a digital signature to JSON data to ensure integrity (the data wasn't altered) and authenticity (it came from the expected sender). A JWS contains a header, payload, and signature. It does not encrypt the content, so anyone can read it.
-
JWE (JSON Web Encryption): Encrypts JSON content to provide confidentiality. The article describes the typical process: generate an encryption key, encrypt the payload, encrypt the key for the recipient, and package everything into a JWE structure containing metadata, encrypted key, initialization vector, ciphertext, and authentication information.
-
JWK (JSON Web Key): A standardized JSON representation of cryptographic keys. JWKs can represent RSA, EC, symmetric, and other key types, and include metadata such as key type, algorithm, usage, and key ID. They are used by JWS and JWE for signing, verification, encryption, and decryption. ([Medium][1])
-
JWT (JSON Web Token): A compact token format commonly used for authentication and authorization. A JWT consists of:
- Header (algorithm and token type)
- Payload (claims/data)
- Signature (verification data)
JWTs allow systems to securely transmit user identity and permissions without repeatedly querying a database. The article emphasizes that JWTs should still be used over secure channels such as HTTPS.
-
JWA (JSON Web Algorithms): Defines the cryptographic algorithms used by JWS and JWE for signing, encryption, and key management.
Security Goals Addressed by JOSE
The framework is designed to support four common security objectives:
| Objective | Provided By |
|---|---|
| Integrity | JWS |
| Authenticity | JWS |
| Confidentiality | JWE |
| Non-repudiation | Primarily via digital signatures |
([Medium][1])
JWE vs. HSM
The article briefly compares JWE with Hardware Security Modules (HSMs):
- JWE protects data in transit through encryption.
- HSMs are physical devices that securely store and manage cryptographic keys and perform cryptographic operations.
They solve different security problems and are often complementary.
Main Takeaways
- Use JWS when you need proof that data has not been modified.
- Use JWE when the data must remain secret.
- Use JWK to exchange and manage cryptographic keys in a standardized format.
- Use JWT to package claims or identity information in a compact, signed (and optionally encrypted) token.
- JOSE provides interoperable, language-agnostic standards that are widely adopted across industries for secure API and application communication.
In one sentence: JOSE is a toolkit of standards that lets developers sign, encrypt, manage keys, and securely transmit JSON-based information in a consistent and interoperable way.
I don't understand some things here
A transition to open or close a modal
Width and height in CSS does not work properly, The parent height takes priority over the child height.
In order for something like height: 50% to work, the parent’s height can’t depend on the child’s height.
A fixed height works just fine. There is one thing to consider though
when we tell
to have height: 50%, that percentage isn’t based on the parent element’s total size, it’s based on the parent’s “content box”. This is the space inside the element, within its border and padding.
It doesn't work with min-height because the size of the element is dynamic.
CSS Grid's children will grow to fill their grid cell as if they have a height: 100%. Another approach is to use flexbox with flex: 1 on the child.
Layouts are mini-languages indeed. See https://shaarli.lyokolux.space/shaare/TPKfkQ