Web Developer Checklist

Liked the favicon part, very often forgotten...<p>Would be nice if this was open sourced so more items could have been added by the community (also framework specific checklists) but I like the concept<p>One thing I would add which is driving me crazy on mobile / tablet sign up pages<p><pre><code> - make sure your email fields are annotated with type="email" </code></pre> Another common issue is with SSL mixed content waring, so I would also add<p><pre><code> - make sure to use protocol relative / https only URLs </code></pre> (with a reminder to NOT use protocol relative URLs in email templates, your outlook users will appreciate it)

I see that Jakob Nielsen's venerable "Top 10 Mistakes in Web Design" checklist<p><a href="http://www.nngroup.com/articles/top-10-mistakes-web-design/" rel="nofollow">http://www.nngroup.com/articles/top-10-mistakes-web-design/</a><p>just got new styling the other day, as I work on updating my seventeen-year-old personal website.<p>There are still a LOT of websites that make several of those top ten mistakes. They are higher priority than many of the other issues mentioned on the checklist kindly submitted here. As other comments here have pointed out, it's desirable in a checklist to establish priorities.

A no-www domain might not be the best solution if you ever want a 'Cookie-free Domain' (static.) for images etc. which speeds up your site. If you start with a no-www domain you have to setup a different domain (no subdomain) for it: like sstatic.net for SO, ytimg.com for YT and yimg.com for Yahoo.<p><i>When the browser makes a request for a static image and sends cookies together with the request, the server doesn't have any use for those cookies. So they only create network traffic for no good reason. You should make sure static components are requested with cookie-free requests. Create a subdomain and host all your static components there.</i><p><i>If your domain is www.example.org, you can host your static components on static.example.org. However, if you've already set cookies on the top-level domain example.org as opposed to www.example.org, then all the requests to static.example.org will include those cookies. In this case, you can buy a whole new domain, host your static components there, and keep this domain cookie-free.</i><p><a href="http://developer.yahoo.com/performance/rules.html#cookie_free" rel="nofollow">http://developer.yahoo.com/performance/rules.html#cookie_fre...</a>

Interestingly enough this website doesn't have:<p>1) Custom 404 page<p>2) robots.txt<p>3) PICS label<p>4) viewport meta-tag<p>5) Google Rich Snippets<p>6) Fails the recommended CSS validator

sorry but that<p><pre><code> Remove 'www' subdomain </code></pre> is just harmful. force 'www.' instead. why? shitty URL parsers, marketing people and DDOS attacks, that's why.<p>let's imagine you write a<p><pre><code> - blog post - blog comment - press release (distributed via free and paid press release services) - mail - word - forum post - ... - ... </code></pre> if you have a non-www URL it's a game of chance, your in text "whatever.tld" domain will get transformed into a clickable link. yes, a lot of modern URL parses will transform whatever.com into a clickable link, some will even transform whatever.in into a useable link, but a lot of old, shitty, idiotic, strange URL parsers won't. and well, a big part of the web, i would say most of it, is not up to date. so using non WWW will lead to a loss of inlinks and to a poor user experience of users who want to reach your site, but can't click on the in-text-domain (they need to copy/paste instead)<p>and the situation will get worse with the new commercial TLDs to come.<p>yes, you can - in most cases - force a domain to link conversion in most CMS if you write <a href="http://" rel="nofollow">http://</a> in front of it. but well, in a promo text most marketing/pr people will not write "and <a href="http://whatever.tld" rel="nofollow">http://whatever.tld</a> has a new feature to give people endless bliss" they will write "whatever.tld has a new ....".<p>oh, and by the way. whenever a journalist will write a piece about you, in print or online, they will always (or at least in a lot of cases) write www in front of your domain anyway. yeah, that's not an issue if you have redirects in place, just annoying if you have an non-www webproperty.<p>plus<p>having a subdomain is another layer of defenses agains DDOS attacks. see this discussion on hacker news from may 18 2011 (my birthday by the way) <a href="http://news.ycombinator.com/item?id=2575266" rel="nofollow">http://news.ycombinator.com/item?id=2575266</a><p>go for www.

Custom 404 page under usability? hmm.<p>I'm sure just about anyone who has used the web for any length of time has hit the standard apache "Not found" page hundreds of times now and pretty much knows what it means.<p>Custom 404 pages of often quite confusing as they will try to be clever and redirect you to other content that may be interesting. Sometimes these aren't clear and give the impression that the link was not broken and that this is where the site designer intended you to go which leaves you looking around the page for the content you thought you were going to get.

Would be nice to have this automatically generated for a given URL.

A document that bills itself as "The ultimate checklist for all serious web developers" should not hide most of its content (via CSS) and require trusting some unknown author's javascript to display it.

It's sad how "Security" there's only <i>one</i> very generalizing item. "Implement best practices". Right.<p>Is the author just ignorant, or am I a fool thinking that <i>if anything</i> it should be "Security" which has the most elaborate items?

I would add one: Make sure your log-in form is uncomplicated so that browsers can remember passwords correctly.

So "SEO" has four different checkboxes but "Security" has just one: "Implement best practices"<p>Uh...I think that can be broken down to at least two different things...

What would be the best approach to automate this so I could put in a URL and it detects as much as it can about the website?

Good stuff, I'll probably use this for clients who say, "What have you been doing? It looks done to me!"

Another nice list: <a href="http://www.boxuk.com/blog/the-ultimate-website-launch-checklist" rel="nofollow">http://www.boxuk.com/blog/the-ultimate-website-launch-checkl...</a>

I have a sublist of that, that I built over the last ~year of hacking on web projects. One of my biggest to dos in each project is automate stuff like validating. I still haven't really found a good way so I either go to w3c and check everything once in a while or I just don't. Usually I just don't.<p>This to me is like a checklist of things to automate. Is there any "build" system for the web?

Great start. Wish it were set up to be collaborative so we could suggest some of the missing elements.

Solid functionality that I'll personally use. Good work.

I did something similar - a checklist for prelaunch which you might find some useful things to add to your list: <a href="https://bitbucket.org/steerpike/checklist" rel="nofollow">https://bitbucket.org/steerpike/checklist</a>

Nice work, I use this at the moment <a href="http://lite.launchlist.net/" rel="nofollow">http://lite.launchlist.net/</a> as it has more checks and well a prettier interface.

I'd add: check your SSL certificate installation using a tool like this: <a href="http://certlogik.com/ssl-checker/" rel="nofollow">http://certlogik.com/ssl-checker/</a>

I built a public trello board from this list: not quite sure if that's the best presentation (should it be one card for each heading?), but ideally people would clone it to work on their own sites, and make contributions of new cards/info for existing cards on the main board. <a href="https://trello.com/b/hkC4B6HA" rel="nofollow">https://trello.com/b/hkC4B6HA</a>

What do people here think of no-www? I personally hate www and see no reason to unnecessarily increase my url length by 4 characters.

WoW I am building an automated tool right now for exactly that. It is in private beta. Anyone interested in test riding it drop me a line!<p><a href="http://site-analytics.org/" rel="nofollow">http://site-analytics.org/</a> The intro is already outdated, I'll make a new one very soon.

Thx for sharing. For a newbie in web dev (like me), it is a great resource. Bookmarked.

I have a template project in Basecamp that contains a similar kind of list of tasks that I use to launch all projects.<p>Just have to create a new project with the template for each launch and then work your way down.

Is it time for feature requests? It'd be great to get integration with common management tools (e.g. Github Issues, Trello), so that the list can automatically be imported for a given milestone.

And people say web development isn't difficult.

Really good for showing customers/bosses/coworkers why a site need those extra hours of love after the proof-of-concept stage.

Security &#62; Cross-site scripting &#62; XSS cheat sheet link is broken. Funny considering the first item in the checklist.

This is cool, I expect a lot of people could get use out of this. The security section is kind of amusing, though.

The spellcheck item didn't have a link. Any good spellchecker bots out there?

You might want to link your href-s to new tab/window.

No clean URLs?<p>How about setting up automated backups?

Nice list. Missing: HiDPI images.

Big time bookmark. Thanks!