More

efortis · 2026-02-16T18:05:17 1771265117

I just refactored my colors to use the light-dark function:

https://github.com/ericfortis/mockaton/commit/acf21803480412...

…and it deduplicated autocomplete suggestions in WebStorm

efortis · 2026-02-12T22:59:24 1770937164

I’ve used (and wrote) https://mockaton.com for this. It has a browser extension, which downloads all API responses in your flow.

then you can run mockaton with those mocks. you’ll manually have to anonymize sensitive parts though.

also, you can compile your Frontend(s) and copy their assets, so yo can deploy a standalone demo server. see the last section of: https://mockaton.com/motivation

mocks don’t have to be fully static, it supports function mocks, which are http handlers.

for demoing, the dashboard has a feature for bulk selecting mocks by a comment tag.

legitimate_key · 2026-02-13T11:18:04 1770981484

Thanks for the Mockaton suggestion! I like the API mocking approach - that handles the backend data cleanly.

The challenge I kept running into was the frontend side during live screen shares. Even with mocked APIs, I'd have credentials visible in browser tabs, notifications popping up with client names, or sidebar elements showing sensitive info.

Did you find Mockaton solved the full screen-share exposure problem, or did you combine it with other approaches?

efortis · 2026-02-13T16:31:04 1771000264

I’d need more details, but here are few guesses:

1. If Frontend is directly fetching from a third-party API. Maybe, you could add an env var with the base URL, so it points to the mock server.

2. If it’s a third-party auth service

2a. If the auth service sets a cookie with a JWT, you could inject that cookie with Mockaton like this: https://github.com/ericfortis/mockaton/blob/354d97d6ea42088b...

2b. If it doesn't set a cookie (some SSO providers set it in `sessionStorage`), and assuming it’s a React app with an <AuthProvider>, you might need to refactor the entry component (<App/>) so you can bypass it. e.g.:

  SKIP_AUTH // env var
   ? <MyApp/> 
   : <AuthProvider><MyApp/></AuthProvider>

Then, instead of using the 3rd party hook directly (e.g., useAuth). Create a custom hook, that fallbacks to a mocked obj when there's no AuthContext. Something like:

  function useUser() {
    const context = useContext(AuthContext)

    if (!context) 
      return {
       id_token: 'aa',
       profile: { name: 'John' }
      }

    return {
      id_token: context.id_token ?? '',
      profile: context.profile ?? {},
    } 
  }

efortis · 2026-02-12T21:07:14 1770930434

Related. A few days ago I found two broken links that had `-` instead of `-`.

https://github.com/ericfortis/ericfortis/commit/88be84b77834...

efortis · 2026-01-24T23:12:59 1769296379

Since this works

  const style = document.createElement('style')
  style.textContent = `* { font-family: Arial }`
  document.head.appendChild(style)

I'd say the `data:` URL of the font is violating the Content-Security-Policy, which should show an error in the Console.

Their CSP has `default-src 'self'` and has no font-src, so font-src is 'self' too (it would need `data:` as well)

lupire · 2026-01-25T01:36:52 1769305012

A custom browser can set its own CSP, right?

bangaladore · 2026-01-25T02:50:48 1769309448

CSP is inherently a client-side browser security feature, so yes.

efortis · 2026-01-18T16:41:26 1768754486

Renamed the "Sign In" button on the website to "Launch App". That way there’s no need to check if the user is authenticated to show the username.

IOW, I can serve the website statically. So no iframe is needed for dynamic parts, or allowing the cookie from a subdomain on the www.

efortis · 2026-01-18T16:32:42 1768753962

Prefetching critical API data on the index.html of an SPA instead of using SSR.

https://github.com/ericfortis/aot-fetch-demo

efortis · 2026-01-15T21:08:46 1768511326

A set of Wera lasertip screwdrivers.

Or, a Knipex Cobra pair of pliers.

rationalist · 2026-01-16T03:50:22 1768535422

TIL Lasertip:

https://www.wera.de/en/tools/highlights-great-tools/lasertip...

gnatman · 2026-01-17T16:20:44 1768666844

I love my wera kraftform

efortis · 2026-01-12T13:33:11 1768224791

I'm experimenting with recreating the whole DOM tree like this:

  function render() {
    restoreFocus(() => 
      document.body.replaceChildren(App()))
  }

  function App() {
    return (
      createElement('div', { className: 'App' }, 
        createElement('h1', null, 'Hello, World')))
  }

  function createElement(tag, props, ...children) {
    const elem = document.createElement(tag)
    for (const [k, v] of Object.entries(props || {}))
           if (k === 'ref')        v.elem = elem
      else if (k === 'style')      Object.assign(elem.style, v)
      else if (k.startsWith('on')) elem.addEventListener(k.slice(2).toLowerCase(), ...[v].flat())
      else if (k in elem)          elem[k] = v
      else                         elem.setAttribute(k, v)
    elem.append(...children.flat().filter(Boolean))
    return elem
  }

`restoreFocus` is here:

https://github.com/ericfortis/mockaton/blob/main/src/client/...

Results so far:

Rendering the whole DOM tree (instead of VDOMs) is a fast process. The slow part is attaching (committing) elements to the doc. For example, I have a test of 20,000 elements which takes <30ms to render, while attaching them takes 120ms.

Since the performance is mainly bound to the commit phase, with a DOM merging library, or hopefully, if we get a native API such as `document.replaceChildren(...App(), { merge: true })`, this approach could be better.

Caveats:

Although it restores focus, that's not the only thing we need to preserve, we also need to preserve scroll position and cursor position.

So to work around that, I still have to step out fully declarative, by just replacing the part that changed. For example, here I had to do manually mutate the DOM:

https://github.com/ericfortis/mockaton/blob/main/src/client/...

my_throwaway23 · 2026-01-12T13:47:45 1768225665

Looks an awful lot like https://github.com/jorgebucaran/hyperapp

efortis · 2026-01-12T13:52:11 1768225931

Both are based on the signature of React.createElement. JSX gets compiled to something like that.

https://react.dev/reference/react/createElement

efortis · 2026-01-04T19:35:35 1767555335

I have hope, but websites after Flash became boring.

Here’s a screencast of one of my favorites in 2009:

https://x.com/efortis/status/1879712687896289471

cookiengineer · 2026-01-04T19:49:15 1767556155

Pfft! My website isn't boring :P

I don't think the issue is lack of features, because audio context and canvas2d are pretty good for making things shiny and nice. The issue is pretty much the rest of the DOM that has quirks everywhere if you want to use it that way. CSS3D as a scene graph is also kind of half baked, and not really integrated well with animations, and well, also too painful when it comes to scheduling and timing and chaining any transition.

SVG animations are also only half-ass implemented among browsers, so that's not really a reliable alternative.

What I liked about the Macromedia suite was the integration cross-IDE, where dreamweaver worked really great together with Flash and vice versa, and where flash was able to load HTML content, just in a more animated manner.

I mean, this was when XHR and AJAX was the "modern" thing in web browsers. Adobe could have dominated the mobile market if they would have decided to make it an open standard. Flash was really a decade ahead of its time.

efortis · 2026-01-04T20:17:14 1767557834

I agree, the problem isn't tech capabilities.

People were more creative, and Flash had great UI/UX.

---

More 2009 flash websites:

https://www.youtube.com/watch?v=85UL3HhNq6Q

https://www.youtube.com/watch?v=zoUnzmaAV08

efortis · 2026-01-03T22:53:28 1767480808

Experimenting with native css modules. They will land in Firefox in two weeks

https://github.com/ericfortis/mockaton/issues/2