In-between work stuff, I'll be wrestling with Content Security Policies. Yeah, fun... I'm working a lot on my latest hobby project - https://setlist.rocks and as I've started picking up users, I need to focus for a little bit on things I should be doing, instead of just the stuff I want to do. My aim is to go from a B to an A on the Mozilla HTTP Observatory Report and this is the last bit I really need to tackle.
The background (a Ruby on Rails site to help organize bands & musicians) and technical details were covered here: https://lobste.rs/s/jreqtw/returning_rails_2026. Given that I'm much happier and more comfortable with backend dev work, all this CSP stuff has been a bit of a challenge and one hell of a learning curve. Seemed straight-forward in theory to start with, and I vendored most of my dependencies, but hooooo boy. Lots of false positives, browser oddities, Rails defaults and things that I'm used to "just working(tm)" triggering alerts. It's a proper minefield, and an uphill struggle to work through.
That said, I seem to be most of the way there and just need a few more rounds of tweaking and monitoring my Sentry logs before I pull the trigger. Problem is although I've learned a lot, because this is the part of development I find least enjoyable I've been procrastinating a bit and focussing on more fun backend tasks and suggestions from users. Set myself a deadline of the end of the week to have everything in place, we'll see if I actually get there!
I also want to find some time to play with a new 8-bit retro project, as well as practicing bass for my next gig all while trying to juggle home and work life. Not enough hours in the day!