The HTML5 Canvas element promises web developers a web-native way to create animations, interactive charts and even full-fledged apps like image editors and complicated games. Canvas may well be the best thing about HTML5. But unfortunately, it can be kind of a pain to work with, especially for those coming from a Flash animation background.
Easel JS is a JavaScript library for working with the HTML5 Canvas element. It was created by developer Grant Skinner and his cohorts at gskinner.com. Skinner is probably best known for his work in Flash, and the Easel Library adds a number of tools that make Canvas a bit more approachable for Flash developers (and everyone else as well).
Canvas’ biggest drawback (compared to Flash or SVG) is that it has no internal concept of display objects. That means you have to manage updates manually (see our earlier posts for some more tips on working with Canvas). The gskinner blog post has some more details on what Easel JS does, but the main points are a core interaction model with a full, hierarchical display list and helper classes to simplify working with Canvas.
Easel JS is currently an alpha release, so proceed with caution. The code is available under the MIT license and full documentation can be found on the docs page. Skinner says that, once Easel reaches the beta stage, the code will be moved to GitHub and opened for outside contributions and improvements.
According to a leaked photo, Yahoo plans to close a number of services, including Yahoo Buzz, MyBlogLog and Delicious, the popular bookmarking site.
Most of the closing services are Yahoo projects that simply never went anywhere, but Delicious, which Yahoo acquired in 2005, was once the king of bookmarks and helped popularize many of the key elements of today’s social web.
Delicious (Del.icio.us in its original incarnation) popularized tags as a more flexible alternative to folders, introduced us to the idea of following other users and helped kick off the “share it with the world” trend that created today’s social websites like Twitter and Facebook.
Under Yahoo’s leadership Delicious ceased to be innovative. Delicious remains a useful service, but it hasn’t really improved on its original features in almost half a decade.
It’s unclear what will happen to Delicious. So far Yahoo hasn’t made any official announcement, nor has the company given any hint of when or how Delicious will head into the sunset, but one thing is for sure: the web will be poorer without it.
Fortunately for Delicious users its impending demise doesn’t mean your bookmarks will disappear forever. It’s actually quite easy to export your bookmarks, and there are dozens of services that can import them and replace Delicious in your workflow.
I’ve been a heavy Delicious user ever since the demise of its competitor Ma.gnolia. I bookmarked sites, scraped the API and stored the bookmarks on my own server (you can find the details of those scripts in our Django tutorial). I also relied on feeds from other people to find news, links and other tidbits for Webmonkey.
The first part of that workflow is easy to replace. I signed up for Pinboard.in, which lacks some of Delicious’ sharing features, but offers a mirror of the Delicious API. I imported my Delicious bookmarks into Pinboard, changed the root url in my scripts and effectively replaced Delicious in less than 10 minutes. If you don’t want to pay for Pinboard, Zootool, StumbleUpon and other services also make fine Delicious replacements.
But Delicious isn’t just a bookmarking service, it’s a fantastic resource for finding links, stories and the latest news about nearly anything that interested you. Its popularity make its reach extensive. You can easily tap into the minds of friends, colleagues and strangers to see what they’re reading on the web. The concept of tags makes it easy to find links related to any topic or combination of topics that interests you.
ReadWriteWeb’s Marshall Kirkpatrick likens the impending death of Delicious to “setting a museum on fire.” Where, asks Kirkpatrick, “are you going to find a reading list of the best collected written works and other multimedia about almost any given topic?”
Put simply: nowhere.
Twitter is a possibility. Delicious even used Twitter for some of its real-time search features. But Twitter isn’t dedicated to links the way Delicious is so you’ll have to put up with a lot more noise to find the same stories. Facebook may fill the gap for people. It’s also possible that Pinboard or another service will grow in the wake of Delicious’ collapse and come to offer a similar depth and breath of links.
Exactly what will happen to all those links currently stored on Delicious remains to be seen. It’s possible Yahoo may sell off Delicious, but in the absence of a statement from Yahoo, many users have already assumed the worst.
Hopefully Yahoo will at least keep the Delicious domain active, even if the service is not. Perhaps the Archive Team — which saved Geocities from death at the hands of Yahoo — can scrape and mirror Delicious.
For those that have only vaguely heard of Delicious and don’t see what the fuss is, just re-read the above replacing the word Delicious with the word Flickr or even Facebook. This is the template I’ll be using five years from now when Facebook meets the same fate.
OAuth is a great way to sidestep the dilemma of having to hand over passwords to third-party sites and apps to access user data. This is the primary reason the authentication method is fast becoming a de riguer part of today’s social APIs.
But while OAuth solves one problem, it creates another — it greatly raises the complexity of simple apps.
We’ve looked at the issue in the past, particularly with regard to Twitter’s transition to OAuth, which broke countless small scripts. The good news is that OAuth 2.0 is less complex than its predecessor and removes much of the headache for small developers. Unfortunately, OAuth 2.0 isn’t widely adopted yet, and it’s not quite ready for prime time.
But there is a solution for Twitter. SuperTweet was created by developer David Beckemeyer. The service sits between your script and Twitter, where it does the heavy lifting of OAuth for you. Even better, you don’t have to hand over your Twitter password to SuperTweet — instead, you create a password on the site, approve SuperTweet to access your Twitter account and then connect your script to SuperTweet.
The service isn’t meant for full-blown apps, nor does it support commercial uses. But for individuals and non-profits without the development resources to make the switch to OAuth 2.0, it can bring those simple Twitter scripts back to life.
Of course using SuperTweet means adding another potential failure point between your script and Twitter, but if you can live with that, using SuperTweet is easier than wading into OAuth’s waters.
OAuth is a great way to sidestep the dilemma of having to hand over passwords to third party sites and apps to access user data. This is the primary reason the authentication method is fast becoming a de riguer part of today’s social APIs. But, while OAuth solves one problem, it creates another — it greatly raises the complexity of simple apps.
OAuth assumes a particular use case — you are using a third party service that wants to access your data on some other service. Rather than handing over your username and password, OAuth has you log in to, for example, Twitter and then authorize, for example, Twitterific to access your data.
Where OAuth adds complexity is in the small developer use case, where “your app” and the user of your app are in fact just you — for example, a simple script that lives on your server, grabbing your Twitter stream and storing it on your own server. It’s much, much more difficult to hack up such a script using OAuth than it is with simple password authentication. The barrier to experimentation is astronomically higher with OAuth than with basic authentication.
As Microsoft’s Jon Udell points out on the O’Reilly Radar blog, this tradeoff — protected passwords at the expense of making development more complex — means that hacking together an quick experiment is now much more difficult.
Protecting passwords is good, and no one is arguing otherwise. But where OAuth fails is focusing on the application accessing data at the expense of the individual experimenting with their own data.
In the end, OAuth 2.0 may help ease that pain by offering a cryptography-free option for authentication that doesn’t require half a dozen redirects to get your own data. OAuth 2.0 is already being implemented by Facebook and Twitter, but it isn’t widely implemented on other sites, and it’s still a moving target — as evidenced by initiatives like OpenID Connect and step2, which extend OAuth by adding in elements from OpenID. In the mean time, hacking together a script to access Twitter or other popular OAuth-based APIs is no longer just a matter of quick, late night inspiration.
Twitter is killing support for basic user authentication in third-party apps on Tuesday morning, the company says. Instead, Twitter will now require all third-party app developers to use OAuth for user authentication.
This is a planned move Twitter first announced in December, and the company has posted a help page on its developer site with some resources meant to ease the transition to OAuth.
The Twitter API team has been dialing down the number of requests an app can make using the basic authorization method. That number will hit zero at 8AM Pacific time Tuesday.
Some bloggers have given the event the catchy name, “OAuthcalypse” — a bit of a mouthful, but so is “user authentication protocol” — the implication being that when basic authentication is switched off, it will break old software and leave users in the dark. But since Twitter has given developers ample warning of the change, the switch will only lock out a small number of apps.
Twitter’s move mirrors a broader trend on the social web, where basic authentication is being ditched for the more secure OAuth when services and applications connect user’s accounts.
In basic authentication, a website or app will say, “Hey, do you want to share whatever you’re doing here with your friends on Twitter? Give me your Twitter username and password and I’ll hook up your accounts.” By passing along your info, you’re giving that app or website unlimited access to everything in your Twitter account. Pretty dangerous, and not secure.
In OAuth authentication, the website or app will send you to Twitter where you sign yourself in, then Twitter will tell the website or app “Yeah, they are who they say they are.” The website or app only gains the ability to do certain things with your account — post, read, reply, search — while staying locked out from the more sensitive stuff.
The HTML5 Canvas element promises web developers a web-native way to create animations, interactive charts and even full-fledged apps like image editors and complicated games. Canvas may well be the best thing about HTML5. But unfortunately, it can be kind of a pain to work with, especially for those coming from a Flash animation background.
According to a leaked photo, Yahoo plans to 
Browse Our Tutorials
Cheat Sheets
Color Charts
Cut & Paste Code