Published: April 17, 2020
I’m currently attempting to set up a Content-Security-Policy on this site in strict-dynamic mode. As this is a static site, nonces are not an option for me, so I’m looking into using hashes. I was pulling my out hair earlier this evening trying to figure out how to generate the hashes in the correct CSP format at the command line. I finally figured it out piecing together various bits of information and wanted to share my findings here.
Published: April 16, 2020
Some APIs require GET requests with request bodies. I was looking into how to do that today and struggling with Google. Eventually I found this answer on StackOverflow.
PHP code is as follows:
$ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'https://maxchadwick.xyz'); curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET'); curl_setopt($ch, CURLOPT_POSTFIELDS, 'THIS IS THE REQUEST BODY'); curl_exec($ch);
Published: April 15, 2020
This morning I was trying to paste so XML from a local file into a remote file using Vim. However when I did it, it was messing up the indentation really badly, essentially indenting each new line an additional level.
Published: April 13, 2020
My site uses Disqus, so my Content-Security-Policy had their domains whitelisted something like this:
default-src 'self'; script-src 'self' c.disquscdn.com ...;
Published: April 11, 2020
I had been interested in adding a Content Security Policy (CSP) to this website for a while. However, the site is built with Jekyll and hosted on GitHub pages, which doesn’t allow you to set custom HTTP response headers such as
Content-Security-Policy1. I did a bit of research and found it would be possible to add them through Cloudflare (which I use as a CDN / DNS provider) via their “Cloudflare Workers” feature. In this post I want to walk through the setup process.
Published: April 9, 2020
Recently I had to troubleshoot an issue where some products that were expected to be indexed in Elasticsearch were not. The client wasn’t sure which / how many products were missing, so I wrote a script which diffs products stored in MySQL (
catalog_product_entity) against the Elasticsearch index. I’ve decided to share the script here in case others find it useful.