-
Ternaries
I’ve used to love ternaries back when in my high school days. It looked smart, concise, and elegant. Then in my college days, I started to use it less because how hard it is to skim when you need to understand it quick. When I started working professionally, like, actually exposed with more code, I…
-
TIL: HSTS is not Pinning, Pinning is the Problematic One!
It has been years that I mistaking HSTS as HPKP 🤦— it’s not! HSTS is a way to make sure your website should ONLY be loaded in HTTPS. HPKP is the ancient internet standard for securing your webapps. What’s pinning/HPKP? Certificate Pinning or often called HTTP Public Key Pinning is a mechanism to tell your…
-
Translation & Localization are Two Different Things
While reviewing some Localization strings, one of my friends commented that this is translation, and what we’re aiming for is localization. This just make me realize that these are two different things. Localization is not just about translating, but you need to deliver the message. It can be using different wording, phrasing, grammar, terms (to…
-
CI/CD For Everyone: Deploy PHP Projects to Any Hosting Platform
CI/CD has been a lifesaver for organization with many projects, big or small. In my case, I have a Laravel project that needs its JavaScript to be built before deployment. There are a lot of options to do this, but this time, I think I found a perfect combination to deploy them with minimum clutter…
-
Password Expiration is an Expired Standard
Since this one is lately being talked within my circle and I’ve been super irritated with the password expiration notification email, I’d like to rant about this policy for a bit. Let’s start with that is this policy is all about. Password Expiration Policy is a policy that enforce your user to change the password…
-
TIL: `REMOTE_USER` HTTP Header
While proposing Firefly III to support OAuth login, my proposal got rejected because they already support REMOTE_USER from RFC3875. This is very interesting, because I never thought we can utilize authentication via proxy. I’m aware of Authentik’s Proxy Provider, but never thought that there’s standard for this. Especially when you provide the upstream with just…
-
Lost in Translation on Software Engineering
Few days ago I found an interesting tweet: the posted code runs faster on Java, rather than Go. Quite interesting, right? So I asked ChatGPT to convert the code to Rust and see if it perform any better: It doesn’t. The code took 4.7 min on release mode, and a whopping 9.93 min on debug…
-
Indonesian KTP NIK: A Shower Thought
Indonesia KTP NIK (stands for Nomor Induk Kependudukan ([National] ID number [for]) Kartu Tanda Penduduk (Citizen ID Card)) is a number that assigned to each of Indonesian Citizen. KTP NIK actually contains a few information such as the location where the KTP (National ID Card) is issued, the holder’s birth-assigned sex, and their birthday date.…
-
Dear Devs, Try to Learn How to Deploy Your Product to Production!
A few weeks ago, I assisted a team of developers that my friend had hired to work on a project—let’s call them Team Goldilocks (obviously not the real name of the team). Team Goldilocks had been struggling with deploying their software to production, encountering warnings, the app refusing to run, and experiencing problems with databases.…
-
Emailing HTML on NextJS
Since NextJS handles both backend and frontend seamlessly, emailing things now become another quest to finish, especially when you need to use template. This blog will be filled with my rants and lessons about this quest of creating my contact page. You can also check my logs for this in issue chez14/christianto.net#13. Previously, in a…