The Forwarded HTTP header has been introduced in RFC7239 from June 2014. It “defines an HTTP extension header field that allows proxy components to disclose information lost in the proxying process, for example, the originating IP address(…)”. However there is not any mechanism to protect subsequent component against spoofing. Indeed, if your subsequent component, let’s say an API, is exposed on Internet, anyone can forge a HTTP Forwarded header. If your API is always behind your prox...| Raphael Medaer’s blog
I am proud to present a new music project named “Brunch”. This is a brand new single which will be released on May 1st featuring two chill and smooth piano tracks with inspirations from Erik Satie to Michel Petrucciani. More to come soon…| Raphael Medaer’s blog
If you are a front-end or a fullstack developer, you maybe already imported CSS files from a Javascript or a Typescript file. For instance: import styles from "./styles.css" A few months ago it would not have been possible out of the shelf. Indeed you would need a bundler (such as WebPack, Rollup,…) to “inline” the CSS file as a string in your Javascript file. Nowadays it’s possible thanks to the “CSS Modules” (to not confuse with the homonym open-source project).| Raphael Medaer’s blog
A decade ago, Vincent Driessen wrote a post named “A successful Git branching model”. In his post he presents a development model using many Git branches (master, develop, …) well known as the Git flow. Even if I’m not doing professional development for ten years, I got the opportunity to experiment Git flows in many development teams. As explained by his “Note of reflection (March 5, 2020)”, you should not treat this flow as a dogma or panacea. While the flow I will describe in t...| Raphael Medaer’s blog
Everybody knows Uniform Resource Identifier (URI)1. As its name suggests, it’s a way to identify a resource (for instance a file or a phone number). It is often confused with Uniform Resource Locator (URL), which is actually a form of URI. A URL is a compact string representation for a resource available via the Internet2. Today I want to share with you the way I define another type of resources: network sockets. See RFC3986 “Uniform Resource Identifier (URI): Generic Syntax” ↩ Quoti...| Raphael Medaer’s blog
JSON Web Tokens (JWT) are often used in stateless authentication flows. Thanks to the signature, the server does not need anything else to verify the token validity. The scope claim (RFC8693 section 4.2) contains a space-separated list of scopes associated with the token. The server can use it to check the application permissions. Although this claim can quickly become heavy. The more scopes you have, the bigger your token is! But JWT are meant to be a compact token format… Today I’m prou...| Raphael Medaer’s blog
I work on many different Git repositories. For each of them I have a particular email address and sometimes a GPG key. Even the Git flow might be different; always --no-ff (or not), pull --rebase instead of merge,…| Raphael Medaer’s blog
I hate capital letters! At least in directory and file names. By default your home directory has a few directories with first capital letter (Documents, Music, Downloads,…). Ok, it looks nice! But I always make mistake when I type capital letter in my terminal. Fortunately, all of this is configurable…| Raphael Medaer’s blog
A common routing use-case is to share a route URL pattern for multiple purposes. For instance GitHub is using github.com/ for both users and organizations. Indeed the user and organization pages are different. A way to implement this is using a fallback mechanism called by some of us cascade routing.| Raphael Medaer’s blog
Two years ago I switched from terminator to URXVT. This is now my day to day terminal emulator. URXVT is the unicode version of RXVT started long time ago by Rob Nation. Today I’ll show you how I fixed one of the very missing useful feature: open a new terminal in current working directory. By “current working directory” I mean “the working directory of the shell in the most recent focused terminal”.| Raphael Medaer’s blog
Inspired by Felix Geisendorfer blog post I implemented a database FSM (Finite-State Machine) with Postgresql. I brought some improvements to Felix’s implementation but before reading the following I recommend you to read carefully the original post.| Raphael Medaer’s blog
