Frederic Hemberger Frontend+​JavaScript Developer

  • Freelancer
  • HTML5
  • CSS3
  • JavaScript
  • Node.js

I work with clients and agencies to create websites and applications based on modern web technologies.

Consulting, Planning and Development

Right from the start of a project, I support you during the planning stage, for example with comprehensible, technically sound concepts or interface definitions.

I'm happily giving advice about the feasibility of technical options, so the individual parts of the project (front-end, back-end and third-party components) fit exactly your needs.

I love to craft simple yet elegant front-end solutions following web-standards and best practices, while focusing on performance, usability and accessibility and across devices.

My main line of work is coding JavaScript, either for the browser or creating RESTful APIs, writing web services and applications with Node.js.

As I really care about the open web, sharing my knowledge is part of my work: I contribute to open source projects on GitHub and write/speak about web-development. I'm also engaged in the local JavaScript meet-up Cologne.js.

As I do most of my articles and talks in my mother-tongue, you can get the complete list on the German version of this website. However, everything written in English is listed below and I plan to write and speak more in English as well.



Login failed. Retry? – Website authentication methods and UX

Website authentication can become quite peculiar at times, both from a technical and user experience view. Addressing some of the bad practices, I present a few suggestions to improve the situation and make it easier for your users to login with your site.

Digital self-defense – Mitigate Clickjacking and XSS attacks with HTTP headers

Web security is for the most part an unloved stepchild for most developers, but in this talk I‘ll show you how at least two typical attack scenarios - clickjacking and injection of unwanted resources – can be mitigated with little effort and what Content-Security-Policy offers in modern browsers.

(This is the English version of my talk „Digitale Selbstverteidigung“, which I held spontaneously at JS Unconf 2014.)

Running Node.js apps in production

At JS Unconf 2014 I talked about pros and cons of different deployment techniques for your Node.js application, what makes a good startup script and how to keep downtime to a minimum during deployment.

The second part is about handling errors and exceptions without letting your entire application crash. Metrics and log files help you to understand, how your application behaves in production, but as grepping through tons logfiles can be cumbersome, I‘ll show you why Elasticsearch and Logstash might be a good alternative for you.