I skipped this last week because I was on staycation, so cheating a bit here and doing two weeks. Attention to Detail and Perseverence Two weeks ago I did a major home improvement project: replace a bunch of cedar shingles and had to repair some rotting board underneath. I do not consider myself handy, but… Continue reading 2019-07-19 What I Learned This Week
Multiple Content Security Policy Headers are Multiple Policies They don't make a union of all the policies together. See this post on CSP for more. Google Tag Managers Recommendations for Content Security Policy They are not good. Using all of GTM means whitelisting data: URLs, 'unsafe-line', and 'unsafe-eval' for script-src. Might as well not have… Continue reading 2019-07-05 What I Learned
Today I've been fighting with Content Security Policy (CSP). Servers may send multiple CSP headers, but there is a catch: Adding additional policies can only further restrict the capabilities of the protected resource I had wrongly assumed that I could pretty up my nginx configuration by splitting up the various *-src directives into separate add_header… Continue reading Working with Multiple Content-Security-Policy Headers
To Do This I was listening to a podcast in which the interviewee talked about doing a weekly review of what I learned this week. Seemed like a legit idea, so here we are. I Missed Reading Fiction It's not that I stopped reading it ever, but that I haven't felt really into a book… Continue reading 2019-06-28 What I Learned This Week
I've been frustrated the lack of diffs in Karma with Mocha and Chai as the test and assertion backends. Turns out support for better diffs has been around for years. It just requires that a configuration option be set. The result is wonderful diffs that show's exactly what's missing or different.
Symfony's autowiring is one of the best things to come to the framework in the 3.X series. Without it we would all still be extending ContainerAware base classes and be using a service locator. But what if we need multiple instances of somethign in the container? The docs talk about dealing with multiple implementations of… Continue reading Making Multiple Instances Play Nice with Symfony’s Autowiring
The Symfony ChoiceType is a complex, interesting beast. By far my biggest complaint about it is the error messages shown to the user during validation are not great. Defaulting to, "This value is not valid," with no help for the user on what values are actually allowed. That's okay for plain HTML interfaces where the… Continue reading Improving Symfony ChoiceType Error Messages
