Enabling mod_headers and CORS with Apache2

I’ve been working on a project and wanted to test out accessing media from a different domain using CORS. There’s two steps to this. Make sure you have Apache mod_headers enabled. Use apachectl -M on the command line interface and review the results. It should include something like this: headers_module (shared). If not then run … Continued

Workaday Reading

Same-origin policy



"The same-origin policy is a critical security mechanism that restricts how a document or script loaded from one origin can interact with a resource from another origin. It helps to isolate potentially malicious documents, reducing possible attack vectors."

read »

AWS volume resizing

AWS volume resizing

I recently resized our dev and production environment AWS EC2 volumes and these are some notes I made while doing it. It's specific to a LAMP stack but the process could be generally useful too. Posting here for posterities sake and if it's helpful for anyone else. Certainly this is not a full and exhaustive list of todo's and possibilities but it should give you a good idea of the process.

Workaday Reading

Please stop recommending Git Flow!



"Git-flow is a branching and merging methodology popularized by this blog post, entitled “A Successful Git branching model”. In the last ten years, countless teams have been snookered by the headline and dare I say lied to."

read »

Workaday Reading

Paging



"In computer operating systems, paging is a memory management scheme by which a computer stores and retrieves data from secondary storage[a] for use in main memory.[1] In this scheme, the operating system retrieves data from secondary storage in same-size blocks called pages."

read »

Workaday Reading

How to Protect Against Slow HTTP Attacks



"Slow HTTP attacks are denial-of-service (DoS) attacks in which the attacker sends HTTP requests in pieces slowly, one at a time to a Web server. If an HTTP request is not complete, or if the transfer rate is very low, the server keeps its resources busy waiting for the rest of the data."

read »

Workaday Reading

CppCon 2014: Chandler Carruth "Efficiency with Algorithms, Performance with Data Structures"

"Why do you write C++ code? There is a good chance it is in part because of concerns about the performance of your software. Whether they stem from needing to run on every smaller mobile devices, squeezing the last few effects into video game, or because every watt of power in your data center costs too much, C++ programmers throughout the industry have an insatiable desire for writing high performance code."
read »

Workaday Reading

.bash_profile vs .bashrc



"When working with Linux, Unix, and Mac OS X, I always forget which bash config file to edit when I want to set my PATH and other environmental variables for my shell. Should you edit .bash_profile or .bashrc in your home directory?"

read »

Workaday Reading

Remove/Delete all duplicate lines



"There are a lot of ways to remove duplicate lines, but I want to leave only the unique lines, and delete all duplicated lines. There are thousands of lines I need to remove, and the unique lines are just 10-20 mixed with all those duplicate lines."

read »

Workaday Reading

Dark Isn’t Just a Mode



"In my last column, I wrote about dark patterns, but this time I want to discuss something that is literally rather than metaphorically dark: inverted polarity–display methods, or dark mode. But, for many UX designers, dark mode is a new thing because operating systems are now supporting it."

read »

Workaday Reading

The Wrong Abstraction — Sandi Metz



"I originally wrote the following for my Chainline Newsletter, but I continue to get tweets about this idea, so I'm re-publishing the article here on my blog. This version has been lightly edited. I've been thinking about the consequences of the "wrong abstraction."

read »

Workaday Reading

The Git Rebase Introduction I Wish I'd Had



"One of the most important (and confusing) git features in my new job was rebasing. Looking back now, the worst part was not finding a clear beginner's guide. So for the past me, and any future devs like the past me, this intro is for you!"

read »

Workaday Reading

Understanding the Hidden Powers of curl



"curl is exceedingly powerful – unfortunately, much of this power is somewhat hidden in the purposeful non-verbosity and the underlying complexity of its numerous flags, configurations, and options. Once understood, curl boasts a wide range of powerful options."

read »

Workaday Reading

htop explained

"For the longest time I did not know what everything meant in htop. I thought that load average 1.0 on my two core machine means that the CPU usage is at 50%. That's not quite right. And also, why does it say 1.0? I decided to look everything up and document it here."
read »

Workaday Reading

Awesome Design Tools



"The best design tools for everything. Curated by Lisa Dziuba & Valia Havruliyk from Flawless team. Accessibility is the practice of creating websites and apps usable for all people, including individuals with visual, motor, auditory, speech, or cognitive disabilities."

read »

How to use an ssh config file to automatically change directories on login

Seems simple enough, but it took a couple sessions for me to figure out the magical combination. The context is that at work we have multiple sandboxes. There are personal ones and then a development and staging sandbox everyone pushes to. I wanted to run this simple Alfred workflow I use which pulls from my … Continued

Workaday Reading

Events API



"This event does not require a specific OAuth scope or subscription. You'll automatically receive it whenever configuring an request URL. The attributes Slack sends include: Careful, response URLs are case sensitive."

read »