2016/2017 Must-Know Web Development Tech: Watch this if you want to be a web developer

Taking control of the Browser Security Model

This past weekend at the Devsigner Conference held in Portland, Oregon, Dylan Tack gave an excellent presentation entitled “Taking control of the Browser Security Model”:

Since the birth of the web, the browser security model has remained nearly static. Recent evolutions make it possible for site operators to fine-tune the security model, and enforce mandatory access controls. This session will focus on Content-Security-Policy, and other browser security features like Strict Transport Security and Public Key Pins.

47% of all web applications have a cross-site-scripting vulnerability, and this potential security flaw ranks in the top three classes of all vulnerabilities. [ White Hat Security, 2015 Website Security Statistics Report ]

A Content Security Policy is a systematic way to block these attacks, by whitelisting allowed sources of script, style, and other resources. The holy grail – blocking “unsafe-inline” code – offers the strongest defense, but can be a big surprise for front-end developers when inline scripts and styles stop working!

If you are developing for the web you need to take a look at his slide deck. If you have any questions, feel free to let let me know.

IBM Bluemix Weather Company API with Python

Here is a simple example of calling the IBM Weather Company REST API using Python. The program asks for a US ZIP code and then displays some of the data. A perfect program for an intro to programming class. Also, on GitHub.


# Using the IBM Bluemix Weather Company API
# Bruce Elgort
# July 9, 2016
# Version 1.0
# IBM Weather Company Docs: https://console.ng.bluemix.net/docs/services/Weather/weather_rest_apis.html#rest_apis

import requests
import json

def get_weather(zip):
    username = 'your username'
    password = 'your password'

    watsonUrl = 'https://twcservice.mybluemix.net/api/weather/v1/location/' + zip + ':4:US' + '/observations.json?language=en-US'

    try:
        r = requests.get(watsonUrl,auth=(username,password))
        return r.text
    except:
        return False

def display_weather(results):
    print()
    print('Here is the weather for {0}'.format(results['observation']['obs_name']))
    print('{0:20} {1:<10}'.format('Current Temperature:',str(results['observation']['temp']) + '° and ' + results['observation']['wx_phrase']))
    print('{0:20} {1:<10}'.format('Feels Like: ',str(results['observation']['feels_like']) + '°'))
    print('{0:20} {1:<10}'.format('Low Temp: ',str(results['observation']['min_temp']) + '°'))
    print('{0:20} {1:<10}'.format('High Temp: ',str(results['observation']['max_temp']) + '°'))
    print('{0:20} {1:<10}'.format('Winds:',str(results['observation']['wspd']) + ' mph coming from the ' + results['observation']['wdir_cardinal']))

def get_weather():
    zip = input('Enter US ZIP code to get weather for:\n')
    results = get_weather(zip)
    if results != False:
        results = json.loads(str(results))
        display_weather(results)
    else:
        print('Something went wrong😦')

if __name__ == '__main__':
    get_weather()

Learn to Program with Python

I Do Not Agree

Going to shit

2015 is when web development went to shit. Web development used to be nice. You could fire up a text editor and start creating JS and CSS files. You can absolutely still do this. That has not changed. So yes, everything I’m about to say can be invalidated by saying that.

Read “The Sad State of Web Development” >

Using the Slack API with Python – A Simple Example

Here is a simple Python program that can be used to:

  • Test the API
  • Get a list of Slack Users
  • Get a list of Slack Channels
  • Get information about a Slack Channel
  • Post a message to Slack Channel

Students in my Intro to Programming and Problems Solving class at Clark College learn how to build this and other things using Python.

Have fun with it!

On Github >

# CTEC 121 / Intro to Programming and Problem Solving
# Lab - Using the Slack API
# by Bruce Elgort, 2016

# pip install slackclient to install SlackClient library
from slackclient import SlackClient
import json

def test_slack(sc):
    # use for debugging
    print("Testing API")
    print(80 * "=")
    print (sc.api_call("api.test"))

def get_channel_info(sc,channel):
    # get info about the channel
    print("Getting Channel Info")
    print(80 * "=")
    print (sc.api_call("channels.info", channel=channel))

def get_list_of_channels(sc):
    print("Getting List of Channels")
    print(80 * "=")
    # get list of channels
    channels = sc.api_call("channels.list")
    channels = json.dumps(channels)
    channels = json.loads(str(channels))
    return channels

def display_channels(channels):
    print("Display Channels")
    print(80 * "=")
    for i in channels['channels']:
        print("Channel:",i['name'])

def post_message(sc,text,channel,icon_url,username):
    print("Posting Message to Slack")
    print(80 * "=")
    # post a message into the #general channel
    print (sc.api_call("chat.postMessage",channel=channel,text=text,username=username,icon_url=icon_url,unfurl_links="true"))

def get_users(sc):
    print("Get Users")
    print(80 * "=")
    #call the users.list api call and get list of users
    users = (sc.api_call("users.list"))
    users = json.dumps(users)
    users = json.loads(str(users))
    return users

def display_users(sc,users):
    print("User List")
    print(80 * "=")
    # display active users
    for i in users['members']:
        # don't display slackbot
        if i['profile']['real_name'] != "slackbot":
            # don't display deleted users
            if not i['deleted']:
                # display real name
                print (i['profile']['real_name'])
def main():
    # define variables
    token = "your token"
    channel = "a channel id"
    username = "Username to use display for message function"
    icon_url = "icon url for message function"
    # connect to Slack
    sc = SlackClient(token)
    # test slack
    test_slack(sc)
    # get channel info
    get_channel_info(sc,channel)
    # get list of channels
    channels = get_list_of_channels(sc)
    # display channels
    display_channels(channels)
    # post message
    post_message(sc,"Visit http://slack.com",channel,icon_url,username)
    # get users
    users = get_users(sc)
    # display users
    display_users(sc,users)

main()

Getting Started with IBM Bluemix

What is Node.js Exactly? – a beginners introduction to Nodejs

Something all Application Developers Should Consider Reading

Front-End Architecture: A Modern Blueprint for Scalable and Sustainable Design Systems by Micah Godbolt

With CSS preprocessing, icon fonts, grunt workflows, pattern libraries and JavaScript MVCs, the front-end workspace is anything but simple. This complex stack of tools can no longer be pieced together on a whim. Front-End Architecture needs and deserves the same attention given to content strategy, data migration, or server configuration. This practical book helps you explore all of these important decisions—right at the stage of the project where they need to be decided.

You’ll learn about the rewards gained from early, informed decisions, and the risks incurred if choices are made too hastily, or too late. Whether you are a front-end developer or a project owner, this book will inspire you.

Micah is a friend of mine who is the author of this fabulous book on front-end architecture. You can pre-order the book on Amazon or you can purchase the early release draft from O’Rielly. I highly recommend this book. I personally have learned a tremendous amount from it.

You can also find Micah on the Sass Bites podcast.

More fun with the Slack API

Earlier today I blogged about integrating the IdeaJam API with Slack and now I built another integration using the New York Times Top Stories API (JSON):

Screenshot 2015-11-07 08.51.27

By default the /nyt slash command returns the top stories from the home page however, users can get a list of the sections available by typing /nyt list:

Screenshot 2015-11-06 13.26.57

Follow

Get every new post delivered to your Inbox.

Join 2,039 other followers