Blog
Thoughts on software, the web, and engineering. Things I learned the hard way, and I want to understand better — originally published on dev.to.
CSRF, and the cookie flag
<form action="https://bank.com/transfer" method="POST"> <input name="to"...
4 min read · webdev, beginners, frontend
What's actually going on with CORS, under the hood
CORS is one of those things every web developer runs into sooner or later. Most of us know how to fix...
6 min read · webdev, frontend, security
When dev and prod disagree about your CSS
This started right after we shipped a production release of our feature. One of our engineers was...
4 min read · css, frontend, nextjs