今日已更新 270 条资讯 | 累计 21489 条内容
关于我们

标签:#web

找到 1759 篇相关文章

开发者

PDF hub complete + Office conversions now live — 61 tools across the site

Big update. The PDF hub is fully built out and a whole set of Office conversion tools just shipped. PDF hub complete (18 tools): Merge, split, compress, rotate, reorder, extract pages, remove pages, watermark, page numbers, protect, unlock, extract images, and more. Office ↔ PDF (6 tools): Word to PDF Excel to PDF PowerPoint to PDF PDF to Word PDF to Excel PDF to PowerPoint Office ↔ Office (3 tools, fully browser-side, no file upload): Word to Excel Excel to Word PowerPoint to Word Other recent updates: WordPress plugin updated to include the new PDF tools Chrome extension v1.1.0 updated with PDF support 1.6K pages now indexed on Google across 25 languages That brings the site to 61 free tools across three hubs (Image, PDF, Office), no signup required.

2026-06-05 原文 →
AI 资讯

Building a Real-Time Chat Feature with Django Channels and React

Building a Real-Time Chat Feature with Django Channels and React Real-time features have become table stakes for modern web applications. Whether it is a customer support widget, a collaborative tool, or a social platform, users expect instant communication without page refreshes. In this article, I will walk through how we built a production-ready real-time chat feature using Django Channels and React at UCDREAMS. Why Django Channels? Django is traditionally synchronous. It handles one request at a time per worker. This works fine for standard HTTP requests, but WebSocket connections require persistent, bidirectional communication. Django Channels extends Django to handle WebSockets, background tasks, and asynchronous protocols alongside traditional HTTP. The beauty of Channels is that it does not replace Django. It layers on top, letting you keep your existing models, ORM, authentication, and admin panel while adding real-time capabilities. For a team already invested in Django, this is a massive advantage over introducing an entirely separate real-time server. Setting Up the Backend Start by installing Django Channels and a channel layer. Redis is the recommended backend for production use: channels == 4.0 . 0 channels - redis == 4.2 . 0 daphne == 4.0 . 0 Configure your Django settings: INSTALLED_APPS = [ ... " channels " , ] ASGI_APPLICATION = " your_project.asgi.application " CHANNEL_LAYERS = { " default " : { " BACKEND " : " channels_redis.core.RedisChannelLayer " , " CONFIG " : { " hosts " : [( " 127.0.0.1 " , 6379 )], }, }, } Building the WebSocket Consumer The consumer handles WebSocket connections: import json from channels.generic.websocket import AsyncWebsocketConsumer class ChatConsumer ( AsyncWebsocketConsumer ): async def connect ( self ): self . room_name = self . scope [ " url_route " ][ " kwargs " ][ " room_name " ] self . room_group_name = f " chat_ { self . room_name } " await self . channel_layer . group_add ( self . room_group_name , self . cha

2026-06-05 原文 →
AI 资讯

How would you handle 80+ color palettes + granular customization without overwhelming users?

I've been working on a map poster editor as a side project. You pick a location, choose a style and color palette, and export a print-quality map. The tricky part is that each palette controls 15+ individual colors (road hierarchy from motorway down to service roads, water, terrain, buildings, text, etc.) and there are 80+ palettes organized into three categories. Current flow in screenshots: Full editor, style controls in the left sidebar Entry point with active palette preview + Browse and Fine Tune buttons Category picker (Terrain / Urban / Balanced), these are basically folders describing what the palette emphasizes Palette grid within a category, around 10 per category with swatch thumbnails Fine Tune panel with every individual hex color, grouped by section (Base, Roads, Water & Land, Buildings, Terrain) The tension is that casual users want "pick a palette, done" in one or two clicks. But power users want to tweak individual road colors or swap the water tone. Right now these are two completely separate flows and I'm not sure either one is great. Things bugging me: Two-click drill-down (category then palette) before anything changes. Is that necessary organization or just unnecessary friction? Fine Tune is hidden behind a button. People who find it love it, but is it too buried? 15+ hex inputs grouped by label. It works but feels intimidating. Are there better patterns for this? The preview problem. Right now palettes show diagonal color swatches, which are compact but pretty abstract. A mini-map preview showing each palette applied would be way more useful, but then I'd basically be replacing a clean card grid with a wall of tiny maps that are probably too small to actually read. Would a hover preview work? A single shared preview pane that updates as you browse? Or are swatches actually fine and I'm just overthinking this? If you landed on this editor cold and wanted to change the color scheme, what would you expect to see? What would you change? React + Ma

2026-06-05 原文 →
AI 资讯

Best & Cheap way to track trending TikToks, Reels, and Shorts?

Does anyone know a cheaper way to track trending TikToks, Instagram Reels, and YouTube Shorts? I’ve already looked at Apify and Virlo, but they seem too expensive for what I need right now. I’m mainly trying to find viral formats, hashtags, sounds, creators, and short-form trends without spending a lot on scraping tools. Are there any cheaper tools, APIs, open-source projects, or manual/automated workflows people recommend? submitted by /u/InternalGrab3189 [link] [留言]

2026-06-05 原文 →
开源项目

VS Code- Security Practices around VSCode Extensions.

VSCode extensions were how Github were breached earlier this year. What are people doing around VSCode security best practices around extensions. Approved Extensions Only Disable Auto update Is there anything else like minimum age or settings like that can be done? submitted by /u/ruddet [link] [留言]

2026-06-05 原文 →
AI 资讯

Alternatives to Google Places Photos API?

I currently have a website which heavily relies on the Google Places Photo API. Users can scroll through a bunch of POIs for planning trips, as well as various other things. This can mean that each user could 50+ unique photos. I understand that it’s against ToS to cache these photos and reuse them. The API costs are too high to maintain a scalable solution, but no real competitors come close to the quality of Google. At this current rate I’ll probably have to cap my users on the amount the amount of requests they can make. Is there some work around that I’m missing? Thanks submitted by /u/TWJ32 [link] [留言]

2026-06-05 原文 →
AI 资讯

How does YJS actually handle client ID reuse?

From what I hear, the client IDs are randomly assigned, and people claim that the birthday paradox prevents endless piles of new client IDs piling up in the state vector, but I don't understand how this is possible. The design seems like it would either guarantee a collision eventually, for someone in the world, if the number of random bits is small, or it would indefinitely bloat the state vector up to billions of entries (If it's large). If you have 32 bits of state, and a billion entries, more than half of new random client IDs should be unused, right? Would they not then add another entry to the state vector? Is there some undocumented cleanup method that actually can remove old client IDs? Do they just rely on most applications recreating the whole thing periodically? submitted by /u/EternityForest [link] [留言]

2026-06-05 原文 →
AI 资讯

Should AI Help Write the Tests, or Change What You Test?

You just merged an AI-assisted feature branch, the code review looks clean, and the app works in your local smoke test. Now comes the real question: do you add another traditional browser test, let an AI tool generate the coverage, or spend the time improving the observability around the existing suite? That decision is where a lot of teams get stuck. AI-assisted development changes more than coding speed. It changes the shape of bugs, the pace of UI churn, the expectations for review, and the amount of test maintenance you can tolerate. If you treat AI testing as a magic replacement for your current process, you will probably add noise. If you ignore it entirely, you miss a chance to reduce repetitive work and catch gaps earlier. The real choice is not AI vs non-AI The useful decision is usually this, should AI help create and maintain tests, should it assist human review, or should it stay out of the critical path and only support investigation? That splits into three practical modes: 1. AI assists development, but humans own test strategy This is the safest default. AI can help draft test cases, suggest assertions, summarize failing traces, or propose missing edge cases, but the team still decides what belongs in the suite. If your product has regulated flows, complex permissions, or revenue-critical paths, that ownership matters more than any automation shortcut. 2. AI generates or heals tests inside a human-defined framework This is useful when the team already knows what it wants to cover, but not every selector, fixture, or assertion has to be hand-written. AI can reduce repetitive maintenance, especially for UI-heavy apps that change often. The hidden cost is that you still need a way to judge whether the generated test reflects product intent or just mirrors the current page state. 3. AI becomes part of the evaluation and triage loop Here the value is not test creation, it is speed of diagnosis. AI can summarize logs, cluster failures, or explain a flaky pa

2026-06-05 原文 →
AI 资讯

Steering Vectors: The Hidden Control Knobs Inside Large Language Models

Hello, I'm Shrijith Venkatramana. I'm building git-lrc, an AI code reviewer that runs on every commit. Star Us to help devs discover the project. Do give it a try and share your feedback for improving the product. What if you could change how an AI thinks without retraining it? Not by rewriting prompts. Not by fine-tuning billions of parameters. Not by collecting another mountain of training data. Instead, imagine finding a direction inside the model's internal representation space and nudging the model a little in that direction. A small push. A different behavior. This idea sits at the heart of one of the most fascinating areas of modern AI interpretability: steering vectors . Steering vectors suggest that many behaviors we care about—careful reasoning, honesty, coding style, security awareness, verbosity, and more—may already exist inside a model. The challenge is learning how to activate them. Let's explore what steering vectors are, how they're created, and why they might become one of the most practical tools for controlling AI systems. 1. What Exactly Is a Steering Vector? Large language models process information through layers of high-dimensional activations. At any point during generation, the model's internal state can be represented as a vector containing thousands of numbers. Researchers discovered something surprising: Different behaviors often correspond to different regions of this activation space. For example: Writing Python code Solving math problems Speaking French Explaining concepts carefully Producing insecure code Each tends to produce distinctive activation patterns. A steering vector is essentially the difference between two activation patterns. Suppose we gather examples where the model is: Careful Methodical Thorough and compare them to examples where it is: Rushed Superficial Incomplete The average difference between these internal states becomes a steering vector. At inference time, we can add that vector back into the model's activatio

2026-06-05 原文 →
AI 资讯

I almost leaked a customer's data while screen-sharing ChatGPT — here's what I built to stop it

A few weeks ago I was on a call sharing my screen, walking a teammate through a prompt I'd been iterating on in ChatGPT. Mid-sentence I scrolled up — and there, three messages back, was a chunk of a customer's data I'd pasted in earlier to debug something. Real email, real account info, sitting right there on a shared screen. Nobody said anything. Maybe nobody noticed. But I noticed, and I spent the rest of the call only half-present, trying to remember everything else still in that thread. If you live in ChatGPT all day, you already know the problem. The thread is your scratchpad. You paste logs, keys, customer rows, half-finished internal docs — things you'd never put in a doc you planned to share. And then someone says "can you share your screen real quick" and suddenly your scratchpad is a presentation. Why the usual advice doesn't work The standard answers are all some version of "be careful": Open a clean tab before sharing. Scroll to the top. Use a separate "demo" account. These fail for the same reason all manual checklists fail under pressure: the moment you actually need them is the moment you're distracted, talking, and not thinking about hygiene. You remember after . The fix has to happen before the screen goes live, and it has to require zero discipline in the moment. What I wanted instead I wanted something that just sat there and blurred sensitive parts of a page automatically, so that even if I forgot, the leak couldn't happen. A few requirements: Local only. Whatever it does, it never sends page content anywhere. A privacy tool that phones home is a contradiction. Before, not after. It blurs while the page renders, not after I've already exposed it. Per-element, not whole-screen. A full black box is useless for a demo. I still need to show the working parts. The interesting technical bit The naive approach is to listen for some "I'm sharing now" signal and react. That's too late — there's a visible frame where the data is exposed before the blur kic

2026-06-05 原文 →
AI 资讯

Integrating Webpay Plus into a modern stack

If you've ever worked on an e-commerce project in Chile, sooner or later you bump into Transbank. There's no avoiding it. I built a reference template that use NestJS on the backend and Next.js 16 on the frontend, and in this post I want to walk you through the whole thing: what Webpay Plus actually is, why the integration looks the way it does, and how each piece fits together. Github Repository Reference: Link A bit of context Webpay Plus is one of the most important online payment methods in Chile. The user experience is straightforward: your customer enters an amount on your site, gets redirected to Transbank's branded payment page, fills in their card details there, and comes back to your site with a result. From a UX perspective it's not as slick as Stripe Elements or a fully embedded checkout — the user always sees Transbank's domain in the address bar during the payment — but from a developer's perspective that's actually a feature. You never touch card numbers. PCI scope stays minimal. Transbank handles 3D Secure, fraud rules, and bank routing. The trade-off is that the integration model is what you might politely call classical . It's built around full-page redirects and form POSTs, not modern APIs with JSON responses and webhooks. That's important to understand up front, because it shapes every decision you'll make in the code. The integration flow, step by step Before looking at any code, it helps to have a clear mental model of what's happening . There are three distinct moments where your system talks to Transbank's system, and each one has a specific shape. First Step: When the customer clicks "Pay", the backend asks Transbank to create a transaction (amount, order ID, return URL) . Transbank returns a transaction token and a redirect URL where you must send the user. Second Step: Transbank requires the redirect to be an HTTP POST with the token in a token_ws form field, so you must generate an HTML form with a hidden token_ws input and submit it prog

2026-06-05 原文 →
AI 资讯

SkillMap AI

Excited to share SkillMap AI, a platform designed to help organizations make faster and more accurate staffing decisions. The idea is simple: project requirements and candidate profiles often live in separate documents, making team allocation slow and inconsistent. SkillMap AI bridges that gap by converting project requirements into structured skill demand and matching them against candidate capabilities. ✨ Key Features • Requirement Intelligence – Transform project briefs into normalized skill requirements • Candidate Matching – Compare resumes against actual project needs, not just keywords • Skill Gap Analysis – Identify missing capabilities before project execution • Staffing Decision Support – Recommend validation, interviews, and upskilling paths 📊 Outcomes ✓ Faster staffing shortlists ✓ Reduced manual resume screening ✓ Better project-team alignment ✓ Evidence-based skill gap identification ✓ Improved workforce planning 🌐 Live Demo: https://skill-map-ai-delta.vercel.app Would love to hear your thoughts and feedback!

2026-06-05 原文 →
工具

Best practice and postman/curl

When using the Postman extension in vsCode I was wondering where all the Collections credentials and tokens are stored. Are they secure and what is best practice for its use? Should I switch to curl? And can I use environment variables like curl? The postman documentation just talks about using the postman vault but doesn't say where they are stored and how securely if you aren't using it. submitted by /u/ElectricYFronts [link] [留言]

2026-06-05 原文 →
产品设计

Question about web hosting split for solo play vs multiplayer game (same game) - see description

TLDR: I’ve built a single player browser game which is static assets and 0 cost, I plan to release multiplayer which will cost me - would you split into 2 different URLs eg “multi.myurl.gg” vs “myurl.gg” etc (placeholder URLs) Hey reddit, I’ve built a browser game in my spare time and have a question about potentially hosting on 2 different URLs. My specific issue is - right now the game is single player only + bots, and cost wise most of the game is free for me to host at any scale due to the way I’ve architected single player. This includes sharing features and things like watching replays, I could effectively have a billion users and still pay the same as when I have 1 user. This is great! But, once I introduce multiplayer, I have to pay for Cloudflare workers, storage, egress fees potentially etc for those same sharing and replay features. I’ve estimated these costs to be quite low even at scale, but I’m extremely frugal and want to always keep the single player experience alive. The multiplayer experience is more dependant on how well it performs with the public. So I was thinking of hosting single player at something like “myurl.gg” and multiplayer at something like “multi.myurl.gg” for a clean separation of concerns. Am I over-engineering here?? @mods this is not self promotion, I’ve used placeholder URLs etc submitted by /u/ComfortablePeace8859 [link] [留言]

2026-06-05 原文 →
AI 资讯

Bernini's plan before render mapping is what coding agents need too

Bytedance released Bernini for video editing. The architecture splits the pipeline into a semantic planner that understands intent, then a renderer that executes. The planner draws a semantic sketch before any pixels are committed. This is the exact structure I want from coding agents. A planning stage that understands the codebase, the constraints, the dependencies. Then an execution stage that respects that plan. Right now most coding agents skip the planning layer or treat it as advice the agent can ignore mid flight. Bernini gets around the ignore problem by making the plan structural. The semantic sketch is a contract. The renderer's job is to match it. Coding agents need the same contract: a structured task graph where each step has inputs, outputs, and exit conditions. The hardware angle is interesting too. Gemma 4 at 2GB vram means the planner can run locally while the renderer stays in the cloud. Local intent understanding plus remote execution. Latency drops. Privacy improves. I have been using verdent partly for this reason: the plan comes before execution. Coding agents should pay attention to how video generation solved the same problem. submitted by /u/SherbertDazzling3661 [link] [留言]

2026-06-05 原文 →
AI 资讯

i need so help ssl

I’m trying to set up SSL for a newly added domain on a shared cPanel hosting account. The domain is already added inside cPanel and shows under the SSL/TLS section, but the certificate status says the installed certificate does not cover the new domain. The existing certificate appears to be old/expired and was not issued by AutoSSL. When I go to the SSL/TLS Wizard, it says: “There are no SSL/TLS products available at this time. SSL/TLS providers can be enabled by the server administrator.” I’m not seeing a clear “Run AutoSSL” button anywhere in cPanel. Is this something I can fix myself from cPanel, or does the hosting provider need to enable AutoSSL / SSL providers on the server side? I’m mainly trying to get SSL working for the main domain and www version of the domain. submitted by /u/PersonalityLife6196 [link] [留言]

2026-06-05 原文 →