To hone my intuitions about Cross Site Request Forgery protection, I’ve been reimplementing Rails’ defence against t̶h̶e̶ ̶d̶a̶r̶k̶ ̶a̶r̶t̶s̶ CSRF in a Sinatra app I’ve been working on. If I can build something analogous to the real thing, that should help me see any blind spots more easily than just reading about Rails’ implementation, which happens ‘magically’ behind the scenes.


CSRF. If your app has an endpoint that’s listening for form submissions, then by default it can receive a request from anywhere and anybody. …

Alice and Bob are a married couple who live on the Lower East Side of Manhattan. They are deeply in love, though they fight occasionally.

One winter, Bob dies of an unencrypted website connection, and Alice realizes how much he meant to her, as well as how insignificant their arguments and differences were.

This 2007 internet-protocol-based movie, or ‘net flick’ for short, dramatized the under-explored topic of network security for a popular audience.

Tragically, it was overshadowed at the box office by a movie of a similar name, with the same romantic leads. Perhaps this explains why it never achieved…

Software entities should be open for extension but closed for modification.

Here’s a little principle

That’s readily evincible.

You’ll see a sitch quite oft where

An entity in software

Is certainly extensible

How eminently sensible!

But ‘twould be utter libel

To call it modifiable.

In this short post I’ll show how I think about writing algorithms, which is comp-sci-speak for sequences of steps targeted at a task. I’ll use this example of an initially overwhelming task:

As head librarian, so that students can browse more efficiently, I want to arrange the library so that books on similar topics are near to each other. I need to automate the process.

1. Consider a simple case of the problem and solve it yourself, either mentally or on paper.

For example, a simple case of sorting a library is sorting my bedroom bookpile at home onto my shelf.

2. Watch how your own brain goes about solving the problem. You may notice that there are a few competing ways of doing it; choose just one for the moment.

One way to sort a bookpile by topic is to list a few categories of things…

For those who don’t already know (which is most people — I didn’t broadcast it widely), I have some personal tidings of a glad kind.

After investing several years and a postgraduate degree in becoming a professional classical musician — my first attempt to reboot myself after my linguistics undergrad — I am now officially, as of a week ago yesterday, not.

For the next 15 weeks (including four Pre-Course weeks at home, plus one for Christmas) I’m enrolled in Makers coding bootcamp: an intensive, full-time course which should help me to acquire the skills, technical, psychosocial and otherwise, to…

David Mears

This is my programming blog.
