Thoughts & Musings
Document Picture-in-Picture: Always-on-top UI, powered by real HTML
The Document Picture-in-Picture API lets web apps open an always-on-top window you can fill with real HTML—ideal for timers, controls, and conferencing UI.
Content Index API: A Brief Overview
The Content Index API lets PWAs register offline-ready pages with the browser, making saved articles and other content easier to discover and manage.
Federated Credential Management (FedCM) API — a brief primer
Federated Credential Management (FedCM) is a browser-mediated sign-in API that enables “Sign in with…” flows without relying on third-party cookies. It standardizes the login experience, reduces cross-site tracking signals, and helps identity providers and relying parties deliver more reliable, privacy-preserving authentication.
The EyeDropper API: Pick Any Pixel Color on the Screen
The EyeDropper API lets web apps offer a browser-provided eyedropper mode so users can pick a color from any pixel on their screen—even outside the browser—using clear, user-driven controls.
Encrypted Media Extensions (EME): Decrypting Protected Video in the Browser
Encrypted Media Extensions (EME) is the web platform’s standard way to enable playback of encrypted, DRM-protected media in the browser. Rather than handling decryption directly, your application coordinates with the browser’s Content Decryption Module (CDM): it requests access to a media key system via Navigator.requestMediaKeySystemAccess(), attaches the resulting MediaKeys to a specific HTMLMediaElement with setMediaKeys(), and then manages the message exchange for licenses/keys through a MediaKeySession. When the media element encounters encrypted initialization data, it fires an encrypted event (represented by MediaEncryptedEvent), and the CDM can emit session messages (MediaKeyMessageEvent) that your app relays to whatever key infrastructure you use. EME is widely available across modern browsers and is typically restricted to secure contexts (HTTPS).
A Quick Tour of the Web Encoding API
Modern web apps live at the boundary between JavaScript strings and raw bytes. The Web Encoding API exists to make that boundary explicit and safe: it lets you encode a string into UTF‑8 bytes and decode bytes back into text. Importantly, these operations aren’t symmetrical—encoding targets UTF‑8, while decoding can interpret UTF‑8 and many legacy encodings. Alongside the synchronous TextEncoder and TextDecoder, the platform also provides stream-based variants for processing text incrementally as data arrives.
