(Note: The actual talk starts at 5:30, after some announcement.)
Increasingly, Web sites want to be secure and encrypted. It doesn’t matter if you’re running a huge e-commerce site or just a lowly blog; the trend is clear, that having an HTTPS-encrypted site is a good thing to do. If that’s the case, then why don’t more people do it? Part of it is the cost — to have a secure site, you need to get a certificate from a (potentially expensive) certificate authority (CA). Let’s Encrypt is a new service that aims to make it easy and free to set up an HTTPS-powered site. In this talk, Josh Aas describes Let’s Encrypt — the motivations, the technology, and the issues remaining before HTTPS can be universally available.
Security has always been an important consideration for Web developers. However, in the last few years, many sites have been pushing (or been pushed) to use only HTTPS (a secure version of HTTP) for their site. PCI regulations effectively require that a site only use HTTPS, and large sites such as Google and Facebook encourage (and sometimes demand) that a site refuse unencrypted HTTP requests. This means that many sites which could previously ignore the calls for HTTPS now need to use and install it. In this talk, Nick Sullivan introduces the ideas behind HTTPS, and walks new developers/administrators through the process of making an nginx-backed site HTTPS-compliant.
Cascading Stylesheets (CSS) is the way in which we describe the design and layout of Web pages. But is CSS a programming language, or something less than one? And have those boundaries changed over time? And what does this mean for the people creating and modifying stylesheets; what skills do they need to have? In this talk, Chris Eppstein describes what CSS has been, is, and will be, and how this will affect front-end design.
For years, front-end developers have employed “minification” to turn CSS into something that’s short, and thus faster to download, Minification techniques have improved over the years, with some providing a great degree of compression. In this talk, Ben Briggs describes the latest version of CSSNano, and how it works to minify CSS, and how it improves on previous generations of minifiers.
So, you want to download information from the Web? Great — but if the data isn’t available via an API, then you’re going to need to scrape it. That means retrieving the HTML, parsing it, and turning into data you can really use. A popular way to do so in Python is scrapy, an open-source framework for crawling and downloading data. In this talk, Karthik Ananth introduces scrapy, and demonstrates why it’s a powerful tool for creating your own crawlers, either for widespread scraping purposes for specific, single-use projects.
nginx is an increasingly popular HTTP server, in no small part because of its ability to scale massively. Because of its modular architecture, nginx is used not only on its own, but also with many third-party modules that add functionality to the core HTTP server. One module, Naxsi, provides administrators with the ability to filter (and reject) certain patterns of URLs, request headers, locations, and other suspect requests that might cause more harm than good. In this talk, Stepan Ilyin introduces naxsi and other nginx-based security techniques that, if used, can reduce the chances of someone taking down your Web application.