Hey, I'm Tim and this is my Tech Blog.

Latest 5 Posts

1. CSRF When You Least Expect It.

   Fun with Cross-Site Request Forgery (CSRF) in a creative Web Timing Attack scenario, highlighting the risks inherent to SameSite=None session cookies. Read more.

2. Cross-Origin Resource Sharing For The Web (Extension).

   The second presentation I gave at Dashlane, in March 2021. A short introduction to Cross-Origin Resource Sharing (CORS), covering Origin, Same-Origin Policy, Cross-Site Request Forgery (CSRF), and a CORS twist with a Chrome Web Extension. Read more.

3. Forms handling with React: Giving Up Control.

   The first presentation I gave at Dashlane, in December 2020. A short introduction covering key differences between controlled & uncontrolled inputs, with examples & explainations. Read more.

4. Read “Reflecting on our JavaScript footprint” on Gandi's blog.

   On my last day at Gandi, I published an article reflecting on the relationship between Gandi and JavaScript. Read more.

5. Limiting Asynchronous Operations Concurrency In JavaScript.

   Say one has a list of things, and for every of these things, one needs to perform an asynchronous operation that returns a Promise. How does one limit the number of asynchronous operations being performed concurrently? Without 3rd party dependencies and just a few lines of code? Read more.

See all posts.
Every post is tagged according to the topic it relates to:

• security
• cookies
• CORS
• CSRF
• dashlane
• presentation
• React
• forms
• performance
• JavaScript
• Node.js
• concurrency
• async
• tips & tricks
• extension
• external
• gandi
• tooling
• this-blog
• 11ty