Defending yourself against cross-site scripting attacks with Content-Security-Policy
A guide to cross-site scripting (XSS) attacks and the HTTP Content-Security-Policy header, what it does, how to use it, and how it protects us.
Continue readingBlog
-
3 May 2020 -
31 Dec 2019 Deploying your Google AppEngine app with CircleCI
How to set up CircleCI to inject environment variables and deploy your Google AppEngine app, as well as managing different deployment environments.
Continue reading -
16 Nov 2019 ffconf 2019: future friends beside the seaside
Now in its 11th year, ffconf is one of the biggest events in the conference calendar for web developers across the UK. Yet somehow I’ve managed to miss every one since I got into tech, because of some reason or another - last year I was at the week-long blockchain sales pitch that is Web Summit - so I was understandably very excited to finally be going.
Continue reading -
2 Sep 2019 Everything I googled in a week as a professional software engineer
In an attempt to dispel the idea that if you have to google stuff you’re not a proper engineer, this is a list of nearly everything I googled in a week at work, where I’m a software engineer with several years' experience.
Continue reading -
22 Aug 2019 Questions to ask at an engineering interview
Tech job interviews are often different flavours of the same thing, regardless of where you apply. Interviewers are likely to ask you questions about your experiences, perhaps a hypothetical question about what you might do in a certain situation, or delve into some of the how-it-works stuff under the hood of whatever programming language you’ll be using. However, there’s one question that you can guarantee will come up: ‘Do you have any questions for us?’
Continue reading -
6 Apr 2019 Why software engineers should know their audience
When you’re talking about what you’re working on, do you ever stop to think about what you’re saying and whether the person you’re talking to can actually understand it?
Continue reading