The goal for the W3C Web payments working group is standardization of the flow, APIs and messages for online payments. These standardizations are meant to be payment method agnostic. On September 15, working drafts for the HTTP API and messages specifications were released for public comment.
Mozilla has launched their website security analysis tool. Dubbed Observatory, the tool helps to spread information on best security practices to developers and sys admins in need of guidance.
NGINX Plus R10 has been released, with a focus on improving application security, and network integration. The release supports API authentication by validating JSON web tokens (JWT), and improved SSL/TLS performance in production with support for elliptic curve crypto (ECC) certificates.
Microsoft has published their guidance for creating “RESTful” APIs. Roy Fielding calls them HTTP APIs that have little to do with REST.
Postman is a popular Chrome application used to test, build, and document web APIs. InfoQ interviewed Abhinav Asthana, the founder and CEO of Postman, about the latest release to give our readers a better understanding of what Postman is, how it was created, why it’s popular with API developers, and what’s new in 3.0.
Google has recently announced that they will propose their experimental transport layer network protocol QUIC as a IETF Standard. Furthermore. Google has provided the first available figures about the improvements in page load time that QUIC makes possible.
Mozilla has released Firefox 37, bringing native playback of HTML5 video for Windows, and many security changes.
HTTP/2 specifications have been approved for publication, according to the IETF. 15 years after the launch of HTTP/1.1, IETF have gone through over 200 design issues, 17 drafts, and 30 implementations to get the specification approved to be published as standards-track RFCs.
Mark Nottingham, chair of the HTTP Working Group, asks the question What is the Web? As he mentions, this simple question has some complex and perhaps unexpected answers depending upon your perspective. A common approach would be to say that it has to be rooted in the Web browser, but that has some interesting consequences, not all of which are useful for non-browser stakeholders.
W3C published a new version of the HTML5 Differences from HTML4 working draft. The latest version describes the differences of W3C HTML5 and HTML4, and a comparison between WHATWG HTML and HTML4 is no longer covered.
Wesley Beary, a member of the API team at Heroku, has compiled a list of guidelines for creating HTTP+JSON APIs presented in a condensed form here.
Jesper Richter-Reichhelm, Head of Engineering at Wooga, spoke at GOTO Amsterdam 2014 about some of the challenges teams face developing mobile games with a continuous delivery mindset. In particular Jesper stressed how lack of control over the software delivery process on mobile nearly crashed their business.
During the recent GlueCon 2014 conference in Colorado, Tony Tam, the creator of Swagger and CEO of Reverb, gave a well attended talk on Swagger APIs for humans (and robots), where he announced the Swagger 2.0 Working Group and an early version of an online code editor offering a dynamic YAML to Swagger UI conversion.
The Google Dart team has announced Dart SDK 1.3 which improves the performance of asynchronous server-side code to the point that Dart VM is on par with Node.js, the later using another Google technology, the V8 engine.
QUIC (Quick UDP Internet Connections, pronounced 'quick') is a multiplexing transport protocol running over UDP with the main goal to have 0-RTT connectivity overhead.