Front-end development is popular and necessary — but it is also hampered by the fact that everything happens on the client. Perhaps “hampered” is too strong of a word, but there are times when a front-end developer wants or needs access to a server. In this talk, Martin Gontovnikas introduces “webtasks,” which can be described as a small backend application to support a large front-end application.
CSS, the layout and formatting language of the Web, is hard for many people to use. Sass is one of several CSS supersets and/or replacements that have emerged over the years, allowing us to write our CSS more expressively and concisely. In this talk, Hugo Giraudel describes many of the Sass mistakes that he has seen, and corrected, in numerous open-source projects over the last few years — and thus, indicates ways in which you can improve your use of Sass, and thus clean up your stylesheets.
Ruby on Rails makes it easy to take user-submitted parameters, and pass them along to the database via Active Record. That’s great, but raises questions about security. In this talk, Tara Scherner De La Fuente teaches us about “strong parameters,” the mechanism in Rails that ensures we only pass to our models those values that we really want and need to pass along. She gives us hints for using them, and for ensuring that our applications are as protected as they can and should be.
Security is a big problem on the Internet, and Web applications need to have security baked in almost from the first day in order to avoid being attacked and/or exploited. But security needs and concerns can be so overwhelming that a new site might decide to put off worrying about security at all. In this talk, Jacob Kaplan-Moss describes which staff members should be thinking and worrying about security (everyone), how to plan for problems, and what to document — as well as considerations regarding the implementation of security policies in code and tests. If you’re a Web developer, then you should at least think about these security issues.
Web applications generally have a database on the back end. But how should we structure that database? There are many ways to structure our database in a database, and some of them are far more efficient and manageable than others. In this talk, Andrew Godwin discusses and shows many of the different ways in which people use and abuse their databases for back-end storage, and indicates why these might be bad ideas — whether you’re using Django, or any other Web application framework.
Twitter seems like magic: You send a tweet, and it’s sent to your many followers in something closer to real time. But of course, Twitter — like all network applications — makes use of millions of networks that are not under its control. Many of those networks are slow and unreliable. How can you create a network application that appears to be seamless and reliable, working with images as well as text, when it is built on such an unreliable, unmanageable infrastructure? In this talk, Jess Garms describes the ways in which Twitter has worked to increase not just the reliability of their systems, but also the appearance of reliability for their users.
So, your Web application is running slowly. Does this mean that you need to switch languages or frameworks? Buy (or rent) a larger server, or more servers? Start tinkering with the database calls? Perhaps — but it could be that a smart cache, aka an HTTP accelerator, will help you. Caches and HTTP accelerators are no longer as simple as they once were; they can be clever about static vs. dynamic content. In this talk, Wim Godden describes ways in which Varnish and other accelerators work, but then describes where such systems are limited, and some advances that nginx has made in this direction.