Skip to content


Setting up a Zimbra authenticated proxy

On March 18th, Synacor posted about a critical Zimbra security vulnerability (CVE 2019 9670), which was quick to be exploited in the wild, and subsequently evolved to be harder to erradicate. Read More »

How to test

I haven't got much experience when it comes to testing web applications. Instead (and more so out of apathy than belief), I've always adhered to the ad-hoc test approach. However, the usage of pure Posgres unit tests back when I worked on a complicated investment database with Halfgaar did teach me the advantages of test-driven development. Read More »

Safari: don’t give gzipped content a .gz extension

Yesterday, while helping Caloe with the website for her company De Buitenkok, I came across the mother of all stupid bugs in Safari. Me having recently announced, I loaded it up in Apple's hipster browser only to notice that the CSS wasn't loaded. Oops! Read More »

Atom and REST

There's is an interesting discussion about when (not) to use the Atom protocol for your REST API. Read More »

XMLHttpRequest caching behaviour

I was suprised to learn that the caching mechanism in the web browser often behaves differently for AJAX requests than it does for regular HTTP requests. Someone has created a set of functional tests to analyze differences in browser behaviour.

Read More »

Stichting EcoSafe is a Dutch foundation for the safe-keeping of the funds that are necessary for the maintenance of hardwood plantations. In July of 2006, together with Johan Ockels, I created a website for the Foundation. Johan was responsible for the organization of the whole process. This went very smooth and the website ended up being an emblem of simplicity and clarity. That's why I wanted to blog a bit about it now, even though there are a few things that I'd probably end up doing different if I were to start from scratch. [There's actually a disturbing number of things for which this is true, I'm coming to notice.] Read More »

Separate development/production environments for WordPress

When you're out Googling on how to maintain a separate development environment for a WordPress installation, you will only stumble across information about how to install all kinds of WAMPP packages. Well, I don't care about WAMP (or WAMPP). I want to be able to edit my theme, change my plugins, mess with my database locally and then deploy my changes when they're ready and well-tested (as if I ever...) Read More »

Native PostgreSQL authentication in Rails with rails-psql-auth

A while ago, I wrote a PostgreSQL auth plugin for Rails. The plugin basically defers all authentication and authorization worries to the database layer where they are supposed to be taken care of anyway. Read More »

Apache’s ForceType directive overrides AddCharset directives

Yesterday, after uploading a refreshed, some character encoding issues popped up because I had converted the website's content from ISO-8859-1 (Latin 1) to UTF-8. (I wanted to be able to type and paste special characters from PuTTY into VIM without worrying about the particular encoding of each file.) Read More »