Security

• 29 Oct 2019 | 3 min read

  #security #webdev #angular #javascript

  Using Angular innerHtml to display user-generated content without sacrificing security

  Why do some of your styles no longer work when using [innerHtml] to show some HTML content? Angular comes with a built-in html sanitizer DomSanitizer, as a security feature, thats used whenever you...

  read article
• 03 Dec 2018 | 3 min read

  #security #logs #web #monitoring

  3 things you might see in your logs once your site is public

  You've finished deploying your website to its new domain. You start to see your normal user traffic, but then you also notice funny patterns in your access logs. Here's a few examples of things you...

  read article
• 17 Oct 2018 | 2 min read

  #security #passwords #secrets #teams

  Managing passwords and other secrets in a bigger team

  A few years ago, I was helping a company get its secrets in order. There were secrets stored in Google Docs, in Chef, in git, in an OSX image stored in git, in email, in a file manually placed in a...

  read article
• 22 May 2018 | 3 min read

  #ssl #aws #security

  Troubleshooting SSL issues

  This is a pretty typical nightmare scenario. An engineer suddenly quit and I was part of a new team that was maintaining a brittle system with little documentation. Someone pings me and says, hey this...

  read article