Pastecard S

A major update to the main Pastecard web app went out this week, which I’m calling Pastecard S. Much like the iPhone hardware updates of the same designation, the experience should more or less look and feel the same, with everything souped up under the hood. I also call it Pastecard S because all the new features (can be forced to) start with S.

Security

All of Pastecard’s web traffic is over SSL now: start your URLs with https instead of http! A mere four months ago, I figured this would be impossible to do on an operating budget of zero dollars. Not so! My utmost and sincere thanks to Let’s Encrypt for providing SSL certificates absolutely free of charge. And bonus thanks to my web host for having a one-click deploy for the Let’s Encrypt certificate. It was literally one click, that cost me nothing, to get this done. I’m a dummy.

Service Workers

In another moment of dumb laziness four months ago, I decided making the switch from App Cache to Service Workers would be impossible, as they require https traffic. Once that first piece was in place, creating a simple service worker that did everything the old app cache did was easy – there are plenty of tutorials and even generators online for this. However, that first service worker only, um, worked for the single-user version of the app I put on Github, where the root is an index.html file.

The Pastecard web app has an index.php root, which takes the username from the URL as a parameter. It took me longer than I’d like to admit to figure out how to pass that parameter to the service worker itself, and then instruct it to cache that vanity URL as the root. All of this is to say, Pastecard should still work offline, whether you use it at pastecard.net or your own updated install from Github, as it did before. Only now it’s using a modern caching technology instead of one that was deprecated from the start.

Signups

Consider this my GDPR update, coming in right under the wire! Inspired by Overcast’s related update, I no longer collect email addresses at signup. I initially thought they would be useful to have, in case:

• Someone emailed a support question, and I could identify their account
• Someone created a bunch of accounts, foolishly using the same email address each time
• I wanted to email the whole user base about something

Guess what? None of those situations ever happened. So I no longer write any data to disk other than your username, your card text, and time stamps when anything happens. I am not a lawyer, but I think I’m good? (Please don’t come after me.)

So long, div

From day one, the underlying HTML structure of Pastecard was a div representing the card out of edit mode, and a visually-identical textarea representing the card in edit mode. This led to a lot of extra code to translate between HTML in the div and plain text in the textarea, among other minor annoyances. As I upgraded the offline caching to a modern method with service workers, I figured I could simplify the whole app by getting rid of the div entirely, and instead apply the similarly modern (to me, at least) readonly attribute to the textarea when it’s not in edit mode. So, that’s what I did. It might have resulted in the biggest code deletion in Pastecard’s (public) history.

There it is, Pastecard S. Leaner, safer, and future-proof. All while looking and feeling the same. Okay, I made the trademark blue border a little bigger.