JavaScript Prototype Pollution
Prototype pollution seems to come up quite a lot when tells me to upgrade packages. It's a vulnerability that has to do with the way…
The virtual home of
Rabea Gleissner
A place to share what I've been learning and making.
Things I learnt or thought about
Web Shell
I've been learning more and more about web security recently and today I came across the concept of a web shell.I was going through a course…
Clickjacking explained
Clickjacking means that a user's click is highjacked for a different purpose. The user thinks they’re clicking on one thing, but in reality…
setTimeout and setInterval can be a security risk
Today I learnt that both of those function could potentially make your code vulnerable to remote code execution! I only knew that the and…
Learnt a new German word - Datensparsamkeit
Who would have thought that I'd learn a new German word at a conference in Australia - from Martin Fowler! My first language is German. I…
What does hash salt do?
Adding salt to a password before hashing it makes it more secure. Recently I learnt exactly why that is.When you save a password in your…
What is currying and why use it?
I hadn't written for the Tes blog for a while, so I thought I'd write a little article about functional programming concept that we…
Pass arguments to a Node script
We're migrating our old Hugo blog at work to use Gatsby. Mostly the markdown pages can stay the same - except the frontmatter sections at…
Where smoke tests get their name from
Smoke tests are tests that are run to ensure that the most basic functionality of a program works. So not testing all the edge cases but…
How to find all commits with a certain line of code
This is an awesome one. Let me explain.Today our whole team at work is spending a day of paying off technical debt. Ok, that’s not the…
JavaScript and CSS can communicate
The first thing I learnt today was about CSS custom properties, also called CSS variables. I might be a bit late to the game here but today…
How to find a key with a null value in MongoDB
Today I had an error because I was trying to set some data on a nested object in MongoDB, except that the parent key was null in one case…
You can revert a git merge
We had a little bit of an issue in live today, resulting from a large refactoring that was done this week. We had to urgently fix this issue…
You can temporarily ignore vulnerabilities
At work we have a pre-push hook on our repos that doesn’t allow us to push if we have npm vulnerabilities. That’s great for security, of…
Web monetisation with Coil
I was listening to the Shoptalk Show podcast episode about how to make money with your content on the web. And there’s a new way of doing…
Remote pair programming tools
I've recently done a lot of pair programming remotely and tried a few different tools. I thought it would be interesting to share my…
Orthogonality
I'm reading The Pragmatic Programmer at the moment and they explain what orthogonal systems are. I feel like I had heard about it before but…
How does the rice cooker know when the rice is done?
Every time I cook rice, I ask myself this question. Today I looked it up.I figured that it would have some sort of sensor to measure the…
Kaizen
I came across this philosophy in the new edition of the Pragmatic Programmer book. (I guess the original version talks about it too but I…
Assert that an object has keys with expect.js
We’re using expect.js at work for our test assertions. And today I learnt that you can have an assertion on whether an object has a key or…
Bash script to run a test lots of times
This is probably more a note for myself rather than anything else… but why not make it public? Maybe someone else is looking for just that…
Comparing dates in JS
I’ve recently done a lot with dates and times. And I found it really fiddly. Comparing dates, comparing times of days… and I learnt a few…
Ignoring elements when destructuring an array in JS
Recently, while I was pairing with Federico, he wrote some code like this:And my reaction was: "You have a rogue comma there!" But no… he…
Vim snippet for console logging
I did another one today to easier debugging in JavaScript.When your cursor is on a word in normal mode, you can type and it will insert a…
Vim snippet to focus on a test
The amount of times that I've finished writing the expectation of a test, then navigated up to the description of the test (usually using…
What exactly is Opera Mini?
I feel like every time I look at caniuse.com to see what the browser support is for certain CSS or JS features, there’s usually a mix of…
WebP image compression
I’m really not keeping up with the latest web development trends… Today was the first time that I heard about WebP. It’s an image format…
Private and public browser cache
One of the many wondrous things you can inspect in the Chrome developer console are the cache-control settings.The first value it specifies…
Express routing error
What Express is trying to tell you is that your route is calling a controller function that doesn’t exist… Because you renamed it in the…
Slack - toggle right pane
I think threads on Slack are great - they keep the channel a lot tidier. It just always annoyed me that I couldn’t figure out which shortcut…
Elixir module not available
I’m working on a small side project in Elixir and last time I worked on it, I got stuck because I got this error.I had just written a…
Elixir - you can pattern match on strings?!
Wow, maybe this should have been obvious but I didn’t realise that until now. That’s so cool!I’m working on a slack bot and need to parse…
dangerouslySetInnerHTML
Sounds pretty wild and like something you probably don’t want to touch with a bargepole! Au contraire. I’ve seen it all over our Tes…
MongoDb write concerns
I’ve been doing the MongoDB for JavaScript developers course by MongoDB University. Today I learnt about write concerns.Let’s say we are…
Function capturing in Elixir
In Elixir you sometimes need an anonymous function instead of a named function. The difference is that an anonymous function has access to…
MongoDB lookups
As part of the MongoDB University course that I’m doing, I had to write an aggregation with a $lookup 😱And I learnt that lookups are…
Edit view vs read-only view
At work we’re aiming to build a new system in the most Lean way possible. Which basically means that we’re trying to get it up and running…
Formatting dates with toLocaleString in JavaScript
I’ve worked with JavaScript for a while now but somehow I had never come across the function to display dates in the front end. The…
React Hooks in production
Today I used React Hooks for the first time in a production project. Boom! Modern JavaScript. I used the state hook which replaces and…
Upgrade to Neovim
As a modern woman, I’d been thinking about upgrading to Neovim for a while. (OK, you might argue, that as a modern woman I should have…
Using environment variables in your node script
It’s as easy as this. In your code, use . And when you run your script with set the environment variables first. So it’ll be something…
Backpressure and pressure-stream in Node.js
I’m working on a story to take some data from one database, transform it and then save it in another database. So I need to write a script…
Writing a bash function for find and replace
I wanted to have a shortcut to find and replace words in the whole project. There’s this command that I googled and thought it was a bit…
Changing an index to a sparse index in MongoDB
An index on a specific fields means that when we do a query using that field, it will be more performant. But what happens when not all…
lodash fp
Today my colleague Federico introduced me to the functional programming library of lodash. We were using . Here’s how we used it: We had a…
MongoDB projections
Every time I have to do a MongoDB query I feel a bit uneasy… I know how to make some basic queries but the rest I always have to google. So…
Studio 3T for MongoDB skillz
Most of us at work seem to be using Studio 3T to access our data in MongoDB. Here are a few things that I've learnt that help me use it…
If you think the user story is small, break it down further
I wrote some user stories for a new feature today. I tried to break them down into sensible chunks, as you do. Each story should bring value…
MongoDB compound indexes
I picked up a story at work today which is related to indexes in MongoDB. Basically, one of my colleagues had run a query to evaluate the…
Empty string is not a string in Joi validation
We’re using Joi validation to ensure that we’re saving the data of the correct types and with the correct fields into our database.I had…
Refactoring without improving the code can be ok
Refactoring usually means that you’re changing existing code without changing its behaviour - with the intention to make it better. One of…
Mangrove forests
I was on holiday in Thailand this weekend. Yeah, digital nomad life is tough 🙂 But I still learnt something. My partner and I went on a…
CSS Transition Group
I read this interesting article this morning in bed (great excuse to stay in bed longer). It's about how someone refactored their frontend…
You can conditionally add a key to an object in JS
I had this code for adding a proposed candidate to our store of supply requests. And I needed to add a new key to the second argument - but…
Hack days and building an Elixir project
We have a generous benefit at work which is that we get to enjoy two hack days per month. The term “hack days” is slightly confusing… It…
The Tes remote Christmas party
I have to say that I am surprised just how possible it is to make personal connections while working remotely. There are people who I've…
CSS Grid and IE11
The other day I decided to finally use CSS Grid in one of my personal projects. There's so much hype about it - at least in my social media…
XProLo January meetup
I gave a talk last night at the Extreme Programming London meetup (XProLo). The talk was about why everyone should start blogging. Or…
Adventures of the bouncer of a women’s tech meetup
I’m part of the organiser team of the Ladies of Code meet up, a monthly tech meetup for people who identify as women or non-binary gender…
Reading about writing
There are a lot of things I want to get better at. One of those things is writing. Oh, wait... I'll try again:There are a lot of skills I…
Read more Today I learnt or Blog posts