Defending yourself against cross-site scripting attacks with Content-Security-Policy
A guide to cross-site scripting (XSS) attacks and the HTTP Content-Security-Policy header, what it does, how to use it, and how it protects us.
Continue readingA guide to cross-site scripting (XSS) attacks and the HTTP Content-Security-Policy header, what it does, how to use it, and how it protects us.
Continue readingHow to set up CircleCI to inject environment variables and deploy your Google AppEngine app, as well as managing different deployment environments.
Continue readingNow in its 11th year, ffconf is one of the biggest events in the conference calendar for web developers across the UK. Yet somehow I’ve managed to miss every one since I got into tech, because of some reason or another - last year I was at the week-long blockchain sales pitch that is Web Summit - so I was understandably very excited to finally be going.
Continue readingIn an attempt to dispel the idea that if you have to google stuff you’re not a proper engineer, this is a list of nearly everything I googled in a week at work, where I’m a software engineer with several years' experience.
Continue readingTech job interviews are often different flavours of the same thing, regardless of where you apply. Interviewers are likely to ask you questions about your experiences, perhaps a hypothetical question about what you might do in a certain situation, or delve into some of the how-it-works stuff under the hood of whatever programming language you’ll be using. However, there’s one question that you can guarantee will come up: ‘Do you have any questions for us?’
Continue readingWhen you’re talking about what you’re working on, do you ever stop to think about what you’re saying and whether the person you’re talking to can actually understand it?
Continue reading