Tes Engineering Blog

Musings of the Tes Engineering Team

BlogHow we workMeet the TeamOpen rolesWork with us
  1. HSTS supercookies

    15 December, 2020

    Did you know that the HTTP Strict Transport Security (HSTS) policy enabled a form of supercookie? I didn't, until recently. So I decided to dig into it a bit more to really understand what's what. HSTS - security vs privacy HSTS was invented to protect users against downgrade hacking attacks like SSL stripping. It's meant to help keep users safe. However, an unintended side-effect is that it can…

    • security
  2. JavaScript Security 101

    07 December, 2020

    I recently completed the JavaScript Security: Best Practices course by Marcin Hoppe and wanted to share some key practical take aways I learnt on how to write more secure JavaScript. As well as reading this blog, I'd also highly recommend completing the course. It's short and sweet and hands on! JavaScript Threat Environments It's worth noting that there are two different threat environments…

  3. Remote Team Building

    30 November, 2020

    Inspirations I joined Tes in October as Principal Engineer. In the same week I joined, my new team gained another new member. Some introductory meeting with our new team was expected sooner rather than later. Fortunately, a useful idea for how we approach this popped-up in one of the company's Slack channels, where Dan Abel mentioned an article about building empathy in teams by Emily Webber…

  4. Asynchronous JavaScript

    23 November, 2020

    Here is a short recap of some fundamentals of using asynchronous JavaScript with some practical examples. Why do I need to use asynchronous code again? JavaScript by its nature is synchronous. Each line is executed in the order it appears in the code. It’s also single threaded, it can only execute one command at a time. If we have an operation that takes some time to complete, we are effectively…

© Tes Engineering Team2021| All rights reserved
Follow @tes_engineering