Reading List

The <picture> element

I proposed it 2.5 years ago. Loads of cleverer people worked hard on it. The RICG is holding a fundraiser to pay developer Yoav Weiss to code it in Blink and WebKit. Opera (my employer) contributed $1000, dozens of individual developers – people like you – pledged money as well.

The inital target of $10,000 has been reached, but don’t let that deter you from contributing – it means Yoav can work for longer, and maybe even have a break for a coffee and a piss now and then. (Coders, eh?)

Standards ‘n’ Shiz

Industry n Stuff


Notes on accessibility of Web Components

At Edge Conference on Friday, Peter Gasston unmasked me as a secret accessibility wanker by saying “For a proper in-depth look at a11y in web components, see @brucel – he’s just spent weeks researching it for a talk next week.”

Well, not weeks, but I confess to reading around the subject (A lesson on rendering trees, emerging technologies and tacos), and had some chats with the ever-helpful Addy Osmani and The Mighty Steve Faulkner as well as (gasp) thinking a bit.

(If you plan to attend my talk at Funka conference in Stockholm on April 8, please stop reading now. Or read on, and go to someone else’s talk.)

If you don’t know what Web Components are, I recommend starting with Peter Gasston’s A Detailed Introduction To Custom Elements or his excellent introduction to web components at Edge Conference.

Very, very crudely: Web Components will allow us to extend existing HTML elements, and create our very own not-HTML-but-they-look-like-it elements with JavaScript.

“Real” HTML elements have built-in behaviours. Something like a <button>, for example, can be focussed; it can be activated by the keyboard, and when it’s activated it does something. Developers don’t need to add anything to the button element to get these behaviours; they’re given to us.

However, some developers love wheel-reinvention (it can make a diverting break from yak-shaving). So we get vile messes like this, that emulate <button> but which aren’t <button>. Therefore, to make it accessible, it requires tabIndex to make it focussable, JavaScript to listen for clicks and needs ARIA roles to let assistive technology know what this tag bukkake is supposed to be:

<DIV id=:rk class="J-K-I J-J5-Ji L3 J-K-I-JO" tabIndex=0
unselectable="on" closure_hashCode_l16mgm="182" act="">
<DIV class="J-J5-Ji J-K-I-Kv-H" unselectable="on">
<DIV class="J-J5-Ji J-K-I-J6-H" unselectable="on">
<DIV class=J-K-I-KC unselectable="on">
<DIV class=J-K-I-K9-KP unselectable="on">&nbsp;</DIV>
<DIV class=J-K-I-Jz unselectable="on">Search Mail</DIV>

(The example is from Steve Faulkner’s 2010 article HTML5 and the myth of WAI-ARIA redundance. “Tag bukkake” is defined as “nastier than tag soup, and far more in your face”.)

In The Future™, you’d be able to extend <button>, so add all kinds of extra <div>s for hanging styles off etc, but without having to reinvent the base element. You’d need JavaScript, to define and register your omg-look-at-my-sexy-button element of course, but your basic markup would be

<button is="omg-look-at-my-sexy-button">

and User Agents that didn’t support JavaScript would fallback to showing a <button>.

You can also make your own custom elements with no fallback, too. But whichever way you choose, you need to add all the ARIA information and tabindex yourself. I don’t think this is misuse of ARIA; the ARIA spec says

WAI-ARIA is intended to augment semantics in supporting languages like HTML and SVG… It clarifies semantics to assistive technologies when authors create new types of objects, via style and script, that are not yet directly supported by the language of the page, because the invention of new types of objects is faster than standardized support for them appears in web languages.

Given that the whole point of Web Components is to add “new types of objects, via style and script, that are not yet directly supported by the language of the page”, this seems to me a pretty good fit.

But enough theorising – how well are Web Components supported in assistive technology?

The answer is, pretty well (although Some stuff that doesn’t work between the DOM and Shadow DOM).

That’s actually not too surprising; although Web Components and Shadow DOM can hide things from the “real” DOM of the page (by design), the browser mashes them all together to render them, and assistive technologies sit on top of browsers. Of course, if the developer couldn’t be bothered to add ARIA information etcetera, they may not be accessible – but the fact they’re encapsulated in a component doesn’t make it better or worse than if they’re in the page in the traditional way.

The primary impediment to accessibility on the Web isn’t technical, it’s social. It’s that many (most?) developers don’t give a toss. One aspect of Web Components is that they can be shared and imported into the HTML – think of server-side includes, but client-side.

  <link rel="import" href="/path/to/imports/stuff.html">

(More at HTML Imports #include for the web.)

I had a vision of a big CDN (like Google’s Web Fonts or hosting of jQuery) but Addy Osmani told me that including from third party CDNs could be a performance problem. Nevertheless, we can expect lots of Web Component libraries to spring up, and people saving them locally, using their build processes to check they have the latest versions in their directories for inclusion at run time.

I don’t think it’s necessary for me to urge developers to put the source code of the Web Components they write onto Github for forking and collaboration. Please do that, and make it easy for people to contribute, so that people who notice accessibility holes can send pull requests.

A while ago, on this blog, I got an email from a screenreader user telling me that the live comment preview below the comments box needed an ARIA live region to be accessible. It was a WordPress plugin, with the source code on Github. I sent a pull request and, a couple of days later, the developer merged my one-line change latest version of the plugin. That’s my site, and 43,410 others, made more accessible through one pull request.

Christian Heilmann recently wrote that we need more “passion” in accessibility, “Not another library to add ARIA to badly thought-out HTML“.

I disagree. If passionate evangelism were enough, the web would be perfectly accessible now. My message to accessibility advocates is “passion – great. But with pull requests, please.”


Reading List

Reading List

Monday meh: Android “fragmentation”

Welcome to the first in an occasional series called “Monday meh”, in which I briefly fulminate about something that made me a bit grumpy.

Occasionally, web pundits complain about Android fragmentation. “Fragmentation” is Punditese for “oh dear me, I hate diversity because it makes my job so hard”.

If there were only iPhones, the job of web developers would be much easier. But, of course, most people in the world would then have no access to the Web. Call me “Captain Priority of Constituencies” if you want, but denying most of the world access to the Web in order to make a few people’s lives easier is what computer scientists term “getting it wrong” and “missing the point”.

It’s like being a bartender and complaining that your job would be so much easier if no customers ever bothered you while you’re polishing glasses and reading your Mixology books.

Disagree? Please meh my meh.

Reading List

Bridging the gap between native and web



Reading List

Regions to be cheerful?

The Web has been buzzing with the news that Blink has said “nope” to Adobe’s CSS Regions spec. Here some hand-picked links about that, and the general state of CSS Regions spec.

Other suggestions for text fragmentation are available, such as CSS Overflow Module Level 3, CSS Fragmentation Module Level 3 and (related) CSS Figures.


Scampi Bug Yeti

As Mike Taylr points out, “Scampi Bug Yeti” is an anagram of “Spec Ambiguity”. Sometimes, people moan that the specification process of web standards is grindingly slow and laborious with too much detail etc. But the reality is that specs that are amibiguous or not tightly defined cause problems with interoperability. For example,

Reading List

Articles that I’ve tweeted this week. Not necessarily fact-checked, or endorsed.


Browsers, techniques, resources

I’m taking a break to get some sun and even a bit of culture. Blog comments are disabled to stop comment spam. See you in a little while. XXX

Thoughts on monetising user data

Aral Balkan asked me to “cut to the chase, Bruce: do you find anything wrong with the business models of Facebook & Google (monetising data)?”

It’s something I’ve been thinking a lot about, but it needs more than 140 characters, so here goes. Note that these are my personal opinions. I work for Opera, which has business relationships with Google, Facebook, and its own advertising arm of the business.

But I also use Google and Facebook services privately so have my own views as a user; again, these are my opinions, not those of my employers.

I work on the web, but at home on my own, so I use Facebook and Twitter a lot. Not only is it useful for discussing work, but it’s my “watercooler”. I don’t mind that the personal stuff I write is publicly available, although I keep my location secret and no longer put the names of my kids online. (Facebook stuff isn’t public. I only really use it as it’s where non-geek real-life friends are.)

I don’t much mind that Google tracks my searching habits around the Web (although I would pay money not to have to watch Treehouse Woman again on YouTube, because she’s too shinyhappy, and puts her coffee down on a wooden surface without using a coaster).

The annoyance I find is offset by the fact that I understand why they do this; it’s how they make money to support the services I use for free, which are primarily Search, Gmail and YouTube. (I get no benefit from Google+.)

In short – I understand that “I am the product being sold”, and am OK with that. Similarly, I’m fine with getting tailored money-off vouchers for products that I use, sent to me by supermarkets who know what I use because they monitor it. I opt in, because I see value in that. You may not; that’s fine.

As long as the companys’ privacy settings are both clear, and honoured by the company, I don’t see this data gathering and data mining as inherently intrusive. I’m not sure that all companies privacy settings are sufficiently clear, however; I read a case study some years ago in which a good-sized sample of people were asked what privacy settings they had on their social networking, and it was compared with the actual setting – very few matched. The Facebook Android app permissions are certainly opaque.

Perhaps companies that do monetize data could make their privacy settings more transparent, and be even more obvious that the price of free is your data. But I think the latter is pretty obvious to those who give it a little thought; we can’t always handhold stupid people. There should certainly be a simple method to delete all one’s data and history from public view, and which will be removed from the company’s server/ archive within a defined period of time.

What annoys me most is when people or organisations use my data without my permission. For example, a few years ago, my wife had a minor car accident. Somewhere in the chain of insurance company, loss adjusters and repairs garage, our phone number was given to an unauthorised third party and occasionally I receive a phone call from a call centre trying to sell me “no win, no fee” ambulance-chasing legal services.

But beyond annoyance, what alarms me is secretive State intrusion into my life through my digital tracks. I assume that all companies – whether a supermarket loyalty scheme or a social network – regularly comply with warrants from law-enforcement agencies going about their legitimate work.

Let’s assume that the social networks and search engines, as they claim, don’t just hand over all their data to the governmental snoops. It then seems to me that, unless they’ve been fantastically lax with their security – which is certainly possible, but unlikely, given that it’s their core cash-generating asset – they can’t be blamed for the actions of the government.

We know from Edward Snowden that some companies’ data is just wholesale hacked by NSA, GCHQ and other state bodies. The legality of this is being debated in courts at the moment. The morality of this is clear (to me): it’s wrong. “If you’ve nothing to hide, you’ve nothing to fear” is the refrain of the KGB, the Gestapo and every despot across the globe.

Government intrusion isn’t new. When I was a teenager, I joined a communist party. My letters from them were always opened (and no others). Presumably, this was done actually by the UK Post Office on police orders – that is, complete collusion, even thought there was no warrant or reason to fear an idealistic but naive 17 year old. It’s also long been rumoured that the voting slips of all UK communist voters were cross-referenced against their counterfoils and the names of communist voters given to Special Branch and MI5.

In short, to answer Aral’s question: I don’t feel that commercial organisations using data that I’ve opted to provide them, for the purposes they said they’ll use if for, is wrong. It’s part of modern capitalism, which contains plenty I have to hold my nose about, but that’s a much longer blog post which I can’t be bothered to write.

The worrisome aspect is states illegally stealing our data from those companies, and putting us under constant surveillance, justified by keeping us safe from this year’s bogeymen.

But those same social networks and web companies allow us to share information on what they’re doing and organise in order to protest against it. The tension between individual liberty (I believe privacy is an integral part of liberty) and state control is not new. The threat may be greater because of technology, but the platform to fight it from is greater, too.

I met the TAG

Last night I dragged my carcass down to London in order to meet the W3C Technical Architecture Group (TAG). This is the group that advises other W3C working groups on architectural matters – most notably (for Web developers) API design.

Co-chair Dan Appelquist blamed me for this event; after the inauguaral Meet the TAG last June, I suggested that follow-up events be more structured and have a public Q&A, if only so the TAG Team didn’t have to answer the same questions repeatedly as they mingled.

On stage, but not expecting the Spanish Inquisition, were Anne van Kesteren (Mozilla), Sir Tim Berners-Lee (W3C Director and Olympics opening ceremony eyecandy), Alex Russell (Google), Yehuda Katz (Ember.js, Ruby on Rails and jQuery Core Teams) and Dan Appelquist (Telefonica). Other taggers in the audience were Peter Linss, Dame Jeni Tennison, Henry Thompson and Sergey Konstantinov.

Anne introduced the TAG as saying that it attempts to ensure that W3C APIs are designed in adherence with some core principles. I asked what those principles actually are. The reply (mostly from from Alex Russell, Tim BL and Yehuda Katz) was that many older APIs don’t feel particularly webby; that’s because they were generally designed by those who code browsers in C++, and C++ isn’t the same as JavaScript. As we’ve progressed, we’ve generally got better but there are still inconsistencies and weirdnesses from time to time.

We have lots of high-level APIs but we need to get to what’s underneath. For example, every browser has image decoders (that turn PNG, JPG, GIFs into bitmaps) but how can we access them? We can’t. Where is the API that allows us to tell an <img> element to defer loading? There isn’t one.

So we need to do what Alex Russell called “archeology” – define each layer in terms of a lower layer. Yehuda used HTML5 appcache as an example; it does a whole bunch of things but, if those turn out not to be what you want, you’re stuffed. This is why Service Workers were invented, and it’s important to note that it’s possible to write AppCache’s higher-level functionality in ServiceWorkers. This layering is described in the Extensible Web Manifesto (which isn’t a TAG document, but which is signed by many TAG members as well as the glitterati of the standards world).

Tim BL pointed out that access to very low level was common in native app programming languages, and becoming so on the web but more parity is needed. The fact that we’re now calling it “Web Platform” is more than a marketing-led rebrand.

Then followed an unedifying discussion about DRM – Digital Rights Management – or Encrypted Media Extensions as the extension to HTML is delicately called. (Contrary to unpopular belief, it’s not part of Core HTML.)

I say it was unedifying because it has nothing to do with TAG. But as few people have opportunity to ask Tim BL questions, it was a chance for them to ask the director of W3C about it. Trouble is, it’s a discussion that goes nowhere. If TAG’s disapproval of EME could abolish DRM from the world, I’d be all for discussing it (although I’d prefer they focus their new superpowers of abolition on hunger and war). But whether TAG likes it or not, Big Hollywood will implement DRM anyway.

Then I went for a pee and missed a bit about making up your own tags with XML (and/ or RDFa) is evil, but making up your own elements with Web Components is great. Anyone else catch the detail of that part? (Update: Jeremy Keith did.)

Jo Rabin suggested that it was incorrect to see the web as being for browsers only (for Web Component require JavaScript). Alex (from Google) countered that even inside Google, the search engineers aspire to make the Googlebots see the web as we humans do – that is, through browsers – because web pages are written by people, for people.

One thing everyone agreed on was the we all love URLs (or URIs, as Tim called them; is there a difference?).

All in all, it’s good to see TAG becoming a proxy for web developers, ensuring that APIs are sane for JavaScripters. It’s refreshing that they’re open for Q&A, too. Thanks to them, and Google Campus for hosting.