Re: [CODE4LIB] Accordion menus & mobile web best practices

[Haitz, Lisa (haitzlm)]

I would think in terms of accessibility. A self closing menu would have to 
indicate to a blind user that it was closing the parent when the child opens, 
and/ or otherwise provide a way for the user to go back. 

Sent from my iPhone

> On Dec 18, 2015, at 3:02 PM, Kyle Breneman  wrote:
> 
> Our library website is currently being redesigned to be responsive.  The
> work is being done by an outside design firm and the project is being
> managed by University Relations, our school's PR department.
> 
> The mobile version of our responsive site has several accordion menus
> (similar to attached).  I've asked for these accordion menus to be
> self-closing; in other words, there is never more than one expansion of an
> accordion open at one time - if a user clicks to open another part of the
> accordion, the first part simultaneously slides shut.
> 
> I've been told that self-closing accordions are contrary to best practices:
> 
> "Unfortunately, no, as this isn’t best practice. Accordions should require
> a click each to open and close; in other words, nothing on your page should
> move without a user action. This is true throughout our sites. See the
> universal Quick Links in mobile."
> 
> Is it true that self-closing accordion menus run counter to best practices
> in mobile web design?  The sort of behavior that I'm asking for seems, to
> me, intuitive and expected.
> 
> Thanks for your input!
> 
> Kyle Breneman
> Integrated Digital Services Librarian
> University of Baltimore
> 

Re: [CODE4LIB] yaml/xml/json, POST data, bloodcurdling terror

[Andromeda Yelton]

I considered leaving json out of the subject line on the grounds that it's
less terrifying, but I figured anyone accepting and parsing user data in
any format who didn't already know this stuff could benefit from hearing
about it. Didn't want people to rule themselves out because "oh, I don't do
yaml or xml". The biggest security vulnerability is the one you don't know
about yet, right?

On Fri, Dec 18, 2015 at 12:48 PM, Eric Phetteplace 
wrote:

> Agreed, I thought the JSON criticism was a bit of stretch. It's hilarious
> that json.org, *created by Douglas Crockford*, mentions using eval() as a
> JSON parser, though.
>
> Best,
> Eric
>
> On Thu, Dec 17, 2015 at 8:42 PM, Brian Hoffman 
> wrote:
>
> > Thanks, this was interesting. But the JSON segment is a little less than
> > terrifying as it’s predicated on the misuse of eval(), which is commonly
> > and easily avoided.
> >
> >
> > > On Dec 17, 2015, at 11:00 PM, CODE4LIB automatic digest system <
> > lists...@listserv.nd.edu> wrote:
> > >
> > >
> > > Date:Thu, 17 Dec 2015 09:22:07 -0500
> > > From:Andromeda Yelton  andromeda.yel...@gmail.com>>
> > > Subject: yaml/xml/json, POST data, bloodcurdling terror
> > >
> > > I strongly recommend this hilarious, terrifying PyCon talk about
> > > vulnerabilities in yaml, xml, and json processing:
> > > https://www.youtube.com/watch?v=kjZHjvrAS74 <
> > https://www.youtube.com/watch?v=kjZHjvrAS74>
> > >
> > > If you process user-submitted data in these formats and don't yet know
> > why
> > > you should be flatly terrified, please watch this ASAP; it's
> > illuminating.
> > > If you *do* know why you should be terrified, watch it anyway and
> giggle
> > > along in knowing recognition, because the talk is really very funny.
> > >
> > > --
> > > Andromeda Yelton
> > > Board of Directors, Library & Information Technology Association:
> > > http://www.lita.org 
> > > http://andromedayelton.com 
> > > @ThatAndromeda  > http://twitter.com/ThatAndromeda>>
> >
>



-- 
Andromeda Yelton
Board of Directors, Library & Information Technology Association:
http://www.lita.org
http://andromedayelton.com
@ThatAndromeda