I turned on Spring Security and my POSTs don’t work anymore

^ that’s what I googled, so that’s the title of the blog post that solves it. When I added spring-boot-starter-security to my dependencies, I expected my whole app to suddenly be behind a login screen. But I expected it to work after logging in. Instead, it failed at the first form submission. And it failed …

Read moreI turned on Spring Security and my POSTs don’t work anymore

What functional programming and secure code have in common

As a programmer, especially a strong-typing functional programmer, I love abstraction. Defining what the program does and expressing that cleanly in code. The code should express little else. Now I’m studying secure code, and it is the opposite. It’s all about what can happen, not what should. So many nitty-gritty details of network protocols, memory …

Read moreWhat functional programming and secure code have in common

Adding custom fields to Honeycomb traces in Rails by writing a Rack middleware

In our Rails app, installing the Honeycomb beeline magically gave us traces of all HTTP requests, with dozens of useful fields like ‘request.path’ and ‘response.status_code’. I really wanted the request verb (GET or POST) and I couldn’t find that. (It’s there, in ‘request.method’, I missed it. But still, it’s useful to know how to a …

Read moreAdding custom fields to Honeycomb traces in Rails by writing a Rack middleware