ericclemmons

Using <details> in GitHub

Suppose you're opening an issue and there's a lot noisey logs that may be useful.

Rather than wrecking readability, wrap it in a <details> tag!

<details>
 Summary Goes Here

samthor

// UPDATE: In 2023, you should probably stop using this! The narrow version of Safari that
// does not support `nomodule` is probably not being used anywhere. The code below is left
// for posterity.

/**
 * Safari 10.1 supports modules, but does not support the `nomodule` attribute - it will
 * load <script nomodule> anyway. This snippet solve this problem, but only for script
 * tags that load external code, e.g.: <script nomodule src="nomodule.js"></script>
 *
 * Again: this will **not** prevent inline script, e.g.:

mathiasbynens

List of features that are supported by Opera 12 but not by Opera 15 due to the switch to Blink/Chromium:

• xhr.responseType = 'json' fixed as of August 19, 2013
• Link HTTP header
• Link HTTP header for stylesheets specifically
• Pressing Enter when an element with tabindex has focus should trigger a click
• Fragment identifiers in data: URIs should be handled correctly
• CSS gradients with transparency
• Accurate SVG rendering
• [`` where foo.svg is an SVG file that contains text looks terrible](https://code.google.com/p/chromium/issues/detail?id=33

NV

stopBefore.js

2min screencast

Examples

stopBefore(document, 'getElementById')
stopBefore('document.getElementById') // the same as the previous
stopBefore(Element.prototype, 'removeChild')

mgol

Here's how to make your site not load CSS and/or JS in IE older than 11:

<!DOCTYPE html>
<html>
    <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=8,9,11">
        <title>Page title</title>
        <!--[if !IE]>-->
 

jupenur

Multiple vulnerabilities in jQuery Mobile

Summary

All current versions of jQuery Mobile (JQM) as of 2019-05-04 are vulnerable to DOM-based Cross-Site Scripting (XSS) via crafted URLs. In JQM versions up to and including 1.2.1, the only requirement is that the library is included in a web application. In versions > 1.2.1, the web application must also contain a server-side API that reflects back user input as part of an HTTP response of any type. Practically all non-trivial web applications contain at least one such API.

Additionally, all current versions of JQM contain a broken implementation of a URL parser, which can lead to security issues in affected applications.

alxhub

Tree-shakeable Tokens Docs

Status quo and issues with it

Injector structure

Currently, to provide services in Angular, you include them in an @NgModule:

@Injectable()

mgol

var ngAppElem = angular.element(document.querySelector('[ng-app]') || document);

window.$injector = ngAppElem.injector();
window.inject = $injector.invoke;
window.$rootScope = ngAppElem.scope();

// getService('auth') will create a variable `auth` assigned to the service `auth`.
var getService = serviceName =>
    inject([serviceName, s => window[serviceName] = s]);

chee

// bizarguments is a v8 anomaly

function abc() {
  return def();
}
function def() {
  return abc.arguments[0] * 2;
}

abc(50); // >> 100

mgol

import template from './my-dummy.html';
import './my-dummy.scss';

const deps = new WeakMap();

class MyDummyController {
    constructor($timeout, $q) {
        'ngInject';
        deps.set(this, {$timeout, $q});
    }