background preloader

40 useful APIs for web designers and developers

40 useful APIs for web designers and developers
An application programming interface (API) is a set of rules and specifications that software programs can follow to communicate or ‘interface’ with each other. As developers are well aware, there are hundreds of APIs out there for doing almost anything you could imagine online. Some are better than others, and some are definitely more useful than others. Below are forty of the most useful APIs out there. Please share with us which APIs have you found most useful and feel free to recommend others that we may have missed… The Google APIs Google offers dozens of APIs for web designers and developers. Some are specifically related to popular Google products, like Gmail and Analytics, while others are more specialized and aren’t part of public programs. All are free to use, of course. Feed API – The Google Feed API lets you download any public feed (including RSS, Media RSS, and Atom) and then combine them into mashups. The Yahoo! Like Google, Yahoo! More APIs Yahoo! Which APIs do you use?

OAuth 2.0 – The Good, The Bad & The Ugly In a world dominated by social media, it's hard to not come across a client application which you have used to access restricted resources on some other server, for example, you might have used a web-based application (like NY Times) to share an interesting news article on your Facebook wall or tweet about it. Or, you might have used Quora's iPhone app that accesses your Facebook or Google+ profile and customizes the results based on your profile data, like suggesting to add/invite other users to Quora, based on your friends list. The question is, how do these applications gain access to your Facebook, Twitter or Google+ accounts and how are they able to access your confidential data? Before they can do so, they must present some form of authentication credentials and authorization grants to the resource server. OAuth is often described as a valet key for the web. However, OAuth is not a new concept, but a standardization and combined wisdom of many well established protocols.

Isotope protocol design - Efficient and stateless anti-forgery method - Cryptography Stack Exchange If you don't want to store the anti-CSRF tokens on the server, for most purposes it is sufficient to simply store the token as an HTTP cookie on the client. The OWASP wiki calls this technique "Double Submit Cookies". The reason this works is that, in the standard CSRF attack scenarios, the attacker cannot directly read or modify the user's cookies. Indeed, if the user's authentication credentials are also stored in cookies (as is very commonly done in modern web applications), any leak of cookie data already implies a much more fundamental security failure than a mere CSRF attack. Of course, an attacker might be able to gain (full or partial) access to the user's cookies via an XSS or other injection attack or through session fixation, but this is mostly outside the scope of CSRF prevention and must be addressed by other means. Let: When creating a form, calculate the anti-CSRF token T as T = \operatorname{MAC}_K([U, S, F, D])

Make an Editable/Printable HTML Invoice I always like how in FreshBooks to edit invoices you literally just click and interact directly with a web page that looks like an invoice. I got to thinking it would be a kinda cool idea to create an editable HTML invoice of my own. This of course can't do nearly all the awesome stuff FreshBooks can do, but it might be useful to some of you with extremely lightweight invoicing needs. View Demo Download Files A bunch of <textarea>s You can pre-set values of textarea elements in HTML just by putting text in between the opening and closing tag. Why the heck would you do this with HTML and not with regular desktop software that is built for this kind of thing? Good point, voice in my head. It's pretty trivial to print to PDF these days, so ultimately while you are printing it, you could alternatively save to PDF which gives you a real document for emailing or archiving or whatever. Clean Prints If you want to get a totally clean print of this thing, check out these print options from Firefox:

angularjs - How to test endpoints protected by csrf in node.js/express Great jQuery plugins for fresh websites One can only imagine how tough it was to practice web design back when everything seemed so new — during the days of Netscape Navigator and Microsoft FrontPage. Looking back, it seems like such an archaic time in the history of web design. It was almost impossible to design something of supreme and intelligent creativity. Back then, you were seen as creative if you had an awful flashing background or colored scrollbars. There wasn’t a ton of flexibility really when it came down to the nitty gritty of design. Tables were the norm and those weren’t too flexible. Now… Fast forward to now, and we can pretty much design anything the way we want to, in whatever we want to. The advances in web design can be contributed to the ongoing evolution of different coding languages. One of the greatest developments in, well, development and design has been the usage of jQuery. The plugins jQuery doesn’t just up the ante of your actual design but it makes for smoother user experiences. jQuery grid mobile

Social Login Buttons Aren’t Worth It I stumbled across a very disturbing number in our analytics earlier this year. From April 12 to May 12, 2012, we had 340,591 failed login attempts. That’s the total number of times someone tried to get into MailChimp to get their work done and couldn’t remember their username and/or password, or simply mistyped. Think of how much wasted time and frustration that translates to. These numbers were depressing to the User Experience team. These compelling stats and sound logic convinced us (and so many others) that adding social login buttons to our app were essential to improving our depressing failure rate. "I feel strongly about this." I was blown away and dumbfounded by the value of social login buttons. "The login screen is the first impression people have when they use our app, and their first impression is too many options. I was, um, not super happy to get that email. The secret to our success So that big drop in login failures? Social login buttons can hurt brands Is it worth it?

What’s new for designers – January 2012 The January edition of what’s new for web designers and developers includes new web apps, frameworks, jQuery plugins, color tools, and a number of great new fonts. Many of the resources below are free or very low cost, and are sure to be useful to a lot of designers and developers out there. As always, if we’ve missed something you think should have been included, please let us know in the comments. And if you have an app or other resource you’d like to see included next month, tweet it to @cameron_chapman for consideration. Cuepoint JS Cuepoint JS is an open source plugin for adding subtitles or cue-points to HTML5 video. jRumble jRumble is a jQuery plugin that makes any element you choose rumble, vibrate, shake, and rotate. Circle Menu Circle Menu is a jQuery plugin that emulates the menu in the Path application, and includes various animation options for opening and closing menus. Hovercard Sharrre Flow Slider Flow Slider is a jQuery plugin that lets you slide HTML content in a variety of ways.