Professional web development standards are very high nowadays. It doesn’t matter how big your team or budget. Application Security is extremely important for project of any size. Huge software companies may even have separate departments working on security tasks only. There are manual code review of existing solutions, automation of scanning for well-known vulnerabilities by special tools, writing unit and integration tests, research the cases, implementation of modern approaches. On the other hand, if you are sole developer in your startup (or even single contributor at all), you have to spend some time playing this role as well.
Sources of the harmful code
There are a lot of hype around containers as a new best technical approach for hosting, development, deployment and testing. Docker [https://www.docker.com] is the most popular container-based solution.
Nowadays, software developers have a wide range of programming languages, frameworks and other tools to be used to implement various solutions (static web site, web service, analytics database, background workers, queues, etc.). But wait, development is only half of the story. DevOps guy checks out the solution from the repo to deploy it on the server or just to test it on another machine. “Dependencies hell” and other pure technical issues may turn this process into very complicated quest with bunch of traps. On the other hand, there would be many target platforms for deployment (development PC or laptop, cloud hosting, domestic cluster, etc.). Each of platforms may have its own additional deployment and configuration steps. The problem is a huge number of cases (the cartesian product of two sets: development stacks and hosting platforms) both the software developer and the systems administrator have to care about.
Container is a solution
The idea is not absolutely new. In the middle of previous century the trucking industry had almost the same problem of 2 sets: different sizes and shapes of cargo and plenty of transportation approaches. Standard transport container was introduced as universal wrapper for any kind of goods. The trucking industry operates in terms of these standard containers. Software as a Service applies the same idea. Docker helps developer to pack any application with all its dependencies into container and be sure it can be runned anywhere. On the other hand, system administrator have to worry about container environment configuration only and be sure it can run any application within a container.
Any new idea needs rapid prototyping. In case of startup, it is both important to reduce costs and have done current development iteration as soon as possible. Generally, there are tools to help you move this way. Bootstrap [http://getbootstrap.com] is a must-have solution, when we are talking about fast web design and prototyping, but want to avoid wasting our time on standard Usability and UI design.
A web surfing by the browser is the most valuable way Media Content Distribution provided around the World. Technically, this process is based on HTTP networking protocol. Actually, HTTP is treated as protocol of Internet. The industry is always in motion at line of new features and challenges, so HTTP protocol is waiting for its new second version. For now, HTTP/2 [https://github.com/http2/http2-spec] is approved by its creators and going to be accepted and published as RFC standard. HTTP/2 release will have huge impact on direction of many networking techniques and implementation approaches. It would be first sufficient change in Media Content Distribution since HTTP/1.1 release in 1999.
HTTP/2 is based on Google’s SPDY protocol. As you can see, there is one more Google’s technology appears modern enough to be used as standard of future. HTTP/2 is a binary protocol instead of text HTTP/1.1. There is much better performance produced by changes in architecture: header compression, multiplexing requests, requests priorities, proactive push-responses from servers side. It supports IPv4, IPv6 and NAT. There are modern security approaches. Firefox and Chrome already have HTTP/2 support in special mode. To test new protocol you need to install HTTP/2 server. There are several server side implementations by Akamai, Google, Twitter and open source.
Apple Watch (aka iWatch) has been gone on sale. There is a huge hype around this product. Keep in mind, several years ago Apple completely changed our idea about mobile phone. Their revolutionary approaches and just the best design kicked the competitors out. This year Apple is trying to reinvent another well-known thing — a watch. There is not less ambitious idea to show the world what is the watch of XXI century. There are a lot of new opportunities in iOS Development at line of new product. Simple (sport) model costs about 300 USD.
You can feel full power of Apple Watch as a campaign device for iPhone to extend general usability for social software solutions. What we usually do to check just received new incoming message? Get the device of the pocket, unlock it, tap the button to open the message. In case of Apple Watch it needs just raise your wrist to browse the message, then lower a hand to dismiss it. A reply may be sent as a pure voice or recognized text, plus simple animation to express some emotion state.
Nowadays, search engines impose much more strong requirements for web sites to be ranked on top positions or even be parsed at all. Fast rise of mobile market pushed sites to be responsive to all kinds of screen widths and input schemas. But it’s not just about support mobile devices. For any Content Management system there is very important to load the pages as fast as possible. It’s not a recommendation anymore, but rather a rule. Google and other search engines may ignore your cool web site with a bunch of modern features just because it’s too slow.
Check loading speed online
First of all, check how fast is your page loading by Google’s PageSpeed test [https://developers.google.com/speed/pagespeed/insights/]. After several seconds you’ve got pretty complete report about issues at line of loading speed and suggestions how to improve it. If you receive green checks, congratulations, you are doing Content Management in right way. As it’s a Google’s service, so we can look at this list of points as optimization plan for Google Search Engine. On the other hand, the issues and methods to solve them are common for any search engine and for user experience as a whole. There are two separated modes (workflows) of analysis: for regular usage via PC’s browser and exploring on mobile devices like smartphones.
There are several powerful technological stacks available to create any kind of web application from a set of microservices with REST API to huge enterprise solutions. They a based on appropriate programming language as a platform, like Java, C#.NET, Python, PHP, etc. All those web development platforms are completely separated. They are rather linked and even much more than you ever imagine. Trends are popular in one platform found their mirror in another and vice versa. That’s mostly because of enthusiastic activity of multi-platforms software developers. E.g., a lot of Java Development packages and approaches are converted into their C#.NET clones almost one-to-one with adding a .NET suffix.
Another example of multi-platform web development approach is micro frameworks. These are very light MVC frameworks that provides basic web application functionality out of the box. On the other hand, they need minimal code and development efforts as a whole to implement and launch ready to use application. PHP has Slim, Limonade, Lumen, Flight, Silex. Sinatra is the most popular Ruby micro-framework. Flask is for Python stack. For Java Development there is a Spark [http://sparkjava.com/].
Nowadays, there is no so huge hype around cloud computing as it was several years ago. On the other hand, cloud development is a robust part of IT industry with its own history and trends. For now, Software as a Service is not just about launching the code in the cloud and scale it in real time. Most Cloud users deploy code weekly or even daily, there are questions on Testing/QA processes, Production/Deployment workflows and more strong software security approaches. Elasticity of cloud structure the key factor to implement Big Data project in the cloud, as well as, storage, analytics and batch processing application. Large companies want more control on their Software as a Service solutions. They can build their own cloud infrastructure based on one of open source solutions. Small teams rather use well-known public clouds.
Cloud development principles
A lot of projects are moving to the cloud these days. Developers face a common set of challenges. There are basic principles to achieve the best results. Document architecture and deployment infrastructure. Designed solution should be highly cohesive and loosely coupled.
New 8-th major version of iOS platform [https://www.apple.com/ios/] was officially released a couple of months ago. Anyway, it’s the biggest event for Iflexion iOS Developers. For now it’s installed on 78% of all apple devices. So huge percentage allows us to talk about it as a standard. Let’s research it’s new cool features and API.
Before this update, iOS Development workflow pushes software developers to compose UI in one or two modes: portrait and landscape. Now, Auto Layout is a new approach to design in more universal and robust way. The main idea is to describe layout as a set of relations between UI elements. Such scheme is suitable for iPhone and iPad, portrait and landscape. As you can see, it is completely different approach. Look into it as soon as possible.