Web Development

Hello, I have a problem with CORS and I think this is right community to get help.

When I use this code:

import { LemmyHttp } from 'lemmy-js-client';
const client = new LemmyHttp('https://lemmy.ml');
const { posts } = await client.getPosts({
    limit: 10,
    page: 1
});

to get posts from lemmy.ml (using lemmy-js-client), I get:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://lemmy.ml/api/v3/post/list?limit=10&page=1. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 400.

I have tried to add header like this:

const client = new LemmyHttp('https://lemmy.ml', {
    headers: {
        'Access-Control-Allow-Origin': '*'
    }
});

but result is the same.

Can someone help me with this?

so im looking to make a login for a website using PHPmyadmin, im pretty new to the whole SQL PHP thing, i can get the tables setup and everything working for the most part, having some issues getting the

session_start(); $DATABASE_HOST = ‘’; $DATABASE_USER = ‘’; $DATABASE_PASS = ‘’; $DATABASE_NAME = ‘’;

part figured out, i know the host is the server IP/location, its the user/pass/database tags im confused about, there is an ANY account on my database admin page that can read data from the databases but is it possible to set it up so that way its an account that only has the ability to read the accounts table? like:

$DATABASE_USER = ‘login’; $DATABASE_PASS = ‘*’; $DATABASE_NAME = ‘Accounts’;

also the database name need to be the name of the database not the table correct? stupid question but just want to be 100% sure i know how some languages can be lol.

also, is it possible to take a users public PGP key, encrypt a random string of text and serve it to them, and have them verify the text with their private key as a way to authenticate identity?

I recently rebuilt a moderately sized jQuery application/component using Lit, with the end result being 6-7 components spread over around 2,000 lines of code.

We currently have no automated testing at all but I'd like to implement it, especially now as the markup/styles have been moved into JavaScript. It's much better overall - but it feels riskier.

But I have no idea where to even begin. Do I set up end to end tests using Playwright on site? Can I test the components individually? Keeping in mind as well that we don't use a build system/any sort of CI.

Just wanted to get people's thoughts/experiences here.

I see this more and more lately: go to log in to some site, and they only show the username field. Enter username, click Submit, then a password field appears. Enter password, click Submit again, and then we're logged in.

This makes using a password manager super annoying, because I have to trigger the autofill twice.

Is there some security-related reason more sites are doing this? Is it an anti-bot thing? I'm just really curious, because it seems so pointless on its face, but it seems to be spreading.

For a while I've noticed that many people use dotenv in a suboptimal way, so yesterday I took the time to write a short article about better usage patterns (pretty basic stuff, so if you are an expert it's likely that you will find it boring):

Here’s a quick summary of the different ways you can load a website.

SSR (Server Side Rendering): The classic way. Browser makes request to server, server creates an HTML/CSS/JS bundle, sends it to browser.

CSR (Client Side Rendering): The vanilla React way. Browser makes a request to server, server sends back JS code which runs on browser, creating the HTML/CSS and triggering browser to further make requests to load all assets.

SSG (Static Site Generation): The “gotta go fast” way. Server creates an HTML/CSS/JS bundle for web pages at build time. When browser requests a page, the server just sends this pre-built bundle back.

ISG (Incremental Static Generation): The “imma cache stuff” way. Server may create some HTML/CSS/JS bundles for web pages at build time. When the browser requests a page, the server sends this pre-built bundle back. If a pre-built bundle doesn’t exist, it falls back to CSR while it builds the bundle for future requests. The server may auto-rebuild bundles after certain time intervals to support changing content.

ESR (Edge Slice Re-rendering): The “cutting edge, let's get latency down so low it's practically in hell” way. Server does SSG and tells the CDN to cache the bundles. Then, it instructs the CDN to update the bundle in the event that page content needs to change.

In order of performance, usually: (SSG = ISG = ESR) > CSR > SSR

In order of SEO: (SSR = SSG = ISG = ESR) > CSR

In order of correctness (will users be shown “stale” information?): (SSR = CSR) > ESR > ISG > SSG

The results of this year Stack Overflow survey have been published: https://survey.stackoverflow.co/2023/ There is a lot to go through, so if you prefer it in a video format, these kinds of videos can help and also provide some comments on the raw data that you see.

Is this a growing product market? Will this lower the barrier to entry for less technical communities, much like the wave of turn-key WordPress hosting solutions did for the general public starting in the mid 2000s?

Looks like there are instance options for Mastodon, Lemmy, but not yet Kbin:

• https://elest.io/open-source/mastodon
• https://elest.io/open-source/lemmy
• ?

Does anyone know of similar competitors to Elestio in this sub-market?

Theo, a former Twitch employee, that now is one of the larger tech streamers on Twitch, made a video where he quickly goes over both react-email and Resend. Resend is a new service hat makes it easy to set up email for your website, and it is very affordable for small projects. It even comes with a free tier.

Time to migrate I guess.

I could list some real production tools like:

https://earth.google.com/web/

https://www.tinkercad.com/

https://www.figma.com/

https://www.construct.net/en

https://create.arduino.cc/editor

https://www.wevideo.com

https://mastershot.app

Can you add some more ?

I love the weird one-off internet: those tiny little fan projects made by someone with a true passion and something in their mind that's probably hard to pronounce.

Any fun corners of the internet out there still beyond social media? Or do you build anything yourself?