<meta property="fc:frame" content="vNext" /> <meta property="fc:frame:image" content="https://blog.flashsoft.eu/images/og/default-og-blog-opt.webp" /> <meta property="fc:frame:post_url" content="https://blog.flashsoft.eu/fc-frame-handler" /> <meta property="fc:frame:button:0:post_redirect" content="Visit Page" /> <meta property="fc:frame:button:0:action" content="link" /> <meta property="fc:frame:button:0:target" content="https://blog.flashsoft.eu/tag/javascript" /> <meta property="fc:frame:button:1" content="About Author" /> <meta property="fc:frame:button:2" content="About Blog" /> <meta property="fc:frame:button:3" content="Support Blog" />

Tag JavaScript

Pitfalls of securing SPA without backend

The only perceivable reason to want to secure a SPA without a backend is to avoid costs as much as possible. Securing without a backend is an almost impossible task. But still, you can secure some parts using browser encryption before building and deploying.

And you can avoid huge costs since you can serve millions of static high-quality requests virtually free.

But then again, what good is that? After all, without an API, or a database, you practically serve something akin to a book, and you can...

View full article

Semi-open Github Repos

If you ever had a repo and didn't want to set it completely open, then you didn't have many choices. For example, Gitlab at least lets you have a public repo with private code, but this isn't a thing for Github.

So I thought of a simple system where you have a bot that watches specific repos, and if a user stars one of those repos, then the bot will automatically invite that user to the private repo associated with the starred repo by a map.

You can take a look if you want on GitHub. The code for ...

View full article

PartyTown On SvelteKit

To start, I'll say what party town is, in a nutshell: it's a tool to get some of your execution out of the main thread and into a worker.
It's doing that by communicating between the worker and the main thread, which will primarily execute DOM updates.
More in-depth, this concept works by you marking the scripts as `not javascript` then those scripts are forwarded to the worker. If those scripts are external, they must be passed through a proxy that will get around CORS.
Now most common use for Pa...

View full article

Scrap / GET Contribution Table from GitHub

So when it comes to some products like Twitter & GitHub, there are ways to either access non-public APIs or minimum, to scrap info that we can't take easily with the official API.
For Twitter, I think it is more important because you can access a lot of data for free, but I'm not going into that in detail because methods still work for years. And I think people who found ways to scrape data from Twitter data with not much cost should continue.

About GitHub, you probably know this, for its fronte...

View full article