Dev - Notes, Thoughts & Inspiration

Implementing Security Headers with Cloudflare - An Administrator’s Guide

Browser-enforced security headers remain a critical layer of defence, even when application and server hardening are in place. HTTP security headers mitigate common client-side risks such as clickjacking, referrer leakage, MIME sniffing, and excessive browser feature access. Cloudflare enables administrators to apply these controls at…

What Your Browser Isn’t Telling You About URL Redirects - A Practical Safety Guide

Most of us click links without hesitation — in emails, QR codes, adverts, or social posts. What you rarely see is the path your browser takes before it reaches the final page. A single click can travel through several domains, each one collecting information or…

The S3 Cache-Control Trap - Why Misconfigured CDN Behaviour Quietly Inflates Costs

Many teams rely on S3 and CloudFront to serve static files. When configured correctly, this pairing performs well and scales predictably. Yet a recurring issue appears across deployments: unusually low CloudFront cache hit rates and unexpectedly high S3 request charges, even for sites with mostly…

Implementing User-Controlled Height for Looker Studio Embedded Reports

Looker Studio’s embedded reports present a common challenge: dynamic height adjustment. The official Embed SDK’s withDynamicIFrameHeight() method is sparsely documented and frequently fails to fire events, leaving developers with stubborn scrollbars or truncated content. This guide provides a robust, client-side alternative that empowers end-users to…

The Automation Paradox - Why Slowing Down Is the Fastest Path to AI Success

The executive team had already signed off on the budget: seven figures for a fleet of AI agents that would "transform" their customer onboarding. Twelve months later, they'd automated exactly nothing—except, perhaps, the speed at which they could fail. The problem wasn't the technology; it…

The Immovable Foundation - Why these 6 Pillars of E‑Commerce Haven't Changed in 20 Years (And Never Will)

The tools change daily—AI chatbots, TikTok Shop, cryptocurrency payments—yet the foundations beneath every successful online business have barely shifted since Amazon sold its first book in 1995. This paradox confuses new entrepreneurs and seduces established brands into chasing shiny distractions. The visual that sparked this…

Why OKLCH Is Changing How We See the Web

Why Are We Still Talking About Colour? For years, web developers have defined colour using systems built for machines, not people. When we write #4A90E2 or rgb(255, 0, 0), we’re describing how a display produces colour — not how a human perceives it. As digital…

Why Robots.txt, Sitemap.xml and llms.txt All Matter for Your Site

Understanding the language of crawlers Your website speaks many languages. Search engines, AI models, and content scrapers all “listen” differently. If you don’t provide clear signals, they might misinterpret — or miss — your content entirely. This article explores three files that guide this invisible…