-
Ternaries
I’ve used to love ternaries back when in my high school days. It looked smart, concise, and elegant. Then in my college days, I started to use it less because how hard it is to skim when you need to understand it quick. When I started working professionally, like, actually exposed with more code, I…
-
TIL: HSTS is not Pinning, Pinning is the Problematic One!
It has been years that I mistaking HSTS as HPKP 🤦— it’s not! HSTS is a way to make sure your website should ONLY be loaded in HTTPS. HPKP is the ancient internet standard for securing your webapps. What’s pinning/HPKP? Certificate Pinning or often called HTTP Public Key Pinning is a mechanism to tell your…
-
Translation & Localization are Two Different Things
While reviewing some Localization strings, one of my friends commented that this is translation, and what we’re aiming for is localization. This just make me realize that these are two different things. Localization is not just about translating, but you need to deliver the message. It can be using different wording, phrasing, grammar, terms (to…
-
CI/CD For Everyone: Deploy PHP Projects to Any Hosting Platform
CI/CD has been a lifesaver for organization with many projects, big or small. In my case, I have a Laravel project that needs its JavaScript to be built before deployment. There are a lot of options to do this, but this time, I think I found a perfect combination to deploy them with minimum clutter…
-
Password Expiration is an Expired Standard
Since this one is lately being talked within my circle and I’ve been super irritated with the password expiration notification email, I’d like to rant about this policy for a bit. Let’s start with that is this policy is all about. Password Expiration Policy is a policy that enforce your user to change the password…
-
TIL: `REMOTE_USER` HTTP Header
While proposing Firefly III to support OAuth login, my proposal got rejected because they already support REMOTE_USER from RFC3875. This is very interesting, because I never thought we can utilize authentication via proxy. I’m aware of Authentik’s Proxy Provider, but never thought that there’s standard for this. Especially when you provide the upstream with just…
-
Jenius’ Inconsistent Exchange Rate
I’m writing this post just in case if someone asks why the currency exchange doesn’t match with their calculator. The bank that issue my card is Jenius. Jenius stated in their FAQ (Jenius Debit Card → Jenius Debit Card Usage) that they use Visa’s currency exchange rate, with 3% bank fee to “anticipate the fluctuating…
-
Lost in Translation on Software Engineering
Few days ago I found an interesting tweet: the posted code runs faster on Java, rather than Go. Quite interesting, right? So I asked ChatGPT to convert the code to Rust and see if it perform any better: It doesn’t. The code took 4.7 min on release mode, and a whopping 9.93 min on debug…
-
Indonesian KTP NIK: A Shower Thought
Indonesia KTP NIK (stands for Nomor Induk Kependudukan ([National] ID number [for]) Kartu Tanda Penduduk (Citizen ID Card)) is a number that assigned to each of Indonesian Citizen. KTP NIK actually contains a few information such as the location where the KTP (National ID Card) is issued, the holder’s birth-assigned sex, and their birthday date.…
-
The Pool Analogy
A few days back I explained about how someone may only hear the most outrageous news/problems from the other team, and I suddenly got a stupid analogy of a pool, and I thought maybe its fun to write a blog of it. You know your pool when its warm, when its cold, but you will…