
Matt Osbun

Member since May 31, 2011

Recent Blog Comments By Matt Osbun

  • Securing ColdFusion Scheduled Tasks In A Docker Container Using Lucee CFML

    Posted on Nov 2, 2021 at 7:38 AM

    @Ben, Problem is, something that is unencrypted can be easily read. Something that's internal-only reduces your attack surface but it's worth pointing out that two of the three biggest exploits I've had to help clean up were inside jobs. A config file with secrets in it gets checked in to ... read more »

  • Securing ColdFusion Scheduled Tasks In A Docker Container Using Lucee CFML

    Posted on Nov 1, 2021 at 10:32 AM

    How's that environment variable stored? If it's just being read from a text-based config file (possibly stored in source control?) then you're really not solving the problem you have with hard coding the password in the application. Is the storage mechanism encrypted? Also, is your transport... read more »

  • SQL Queries That Look The Same Are Not Violating The DRY Principle

    Posted on Jun 18, 2019 at 12:42 PM

    DRY, YAGNI, Rule of Three, and certain statements made by a certain Algorithms professor at Stanford often get taken out of context. And worse, as hard and fast rules to which we must adhere at all costs. I was just talking about this to a group of developers. I had given them a code challen... read more »

  • Singleton vs. Single Instance And A Decade Of Unnecessary Guilt

    Posted on Nov 28, 2017 at 10:04 AM

    Here's the thing. ColdFusion, at least at the time I stopped using it, couldn't have a Singleton, or an Interface for that matter. But that's a different matter. Point is, since you couldn't have a static class, there was nothing to prevent a second instantiation of that class. However, all that i... read more »

  • Exceptions Are For Exceptional Circumstances And Thoughts On Cross-Layer Coupling

    Posted on May 19, 2017 at 9:50 AM

    Exceptions are pretty subjective, but my take on the code here is that the throw is in the wrong place. Your repository assumes that the non-existence of an object is an application-stopping event. But why should it? It was asked to find something, that thing wasn't there, so the repository communic... read more »

  • Using The INSERT INTO ... SET Syntax In MySQL

    Posted on Sep 21, 2015 at 8:38 AM

    Ben- Something might be up with your comment subscription. I didn't get an update to any of this. And @@Identity is a SQL Server thing, but you can replicate it in other DBMSs, I'm sure. It's just a handle to the last autoincrementing Identity value added to a table. Assuming you use auto-increme... read more »

  • Using The INSERT INTO ... SET Syntax In MySQL

    Posted on Sep 17, 2015 at 10:11 AM

    I'll go you one better: INSERT INTO friend OUTPUT @@Identity SET name = 'Kim', isBFF = true, updatedAt = UTC_TIMESTAMP() ;... read more »

  • Thought Experiment: No Private Methods In Object Oriented Design

    Posted on Jun 11, 2015 at 8:59 AM

    Private methods are for functionality that relate only to that class. This is not the purpose of the Strategy Pattern- which is what Mertz is recommending. Encapsulating functionality into its own class is done for reusability across non-inherited classes, which is the exact opposite purpose of priv... read more »

  • The 8th Annual Regular Expression Day - June 1st, 2015

    Posted on Jun 1, 2015 at 10:13 AM

    Hope the link to the pic isn't important. I had to trim some of the text to fit it into a Tweet.... read more »

  • How To Store Arbitrary And Transient Attributes With Your User Data

    Posted on Jan 15, 2014 at 10:37 AM

    I'm fine with the "Hash" approach. Fine enough that I've taken this approach a few times. If you view that JSON value as a discrete value, rather than as a set of data points, then it really doesn't violate relational normalization rules. Yes- whichever method you use, there are compromis... read more »

  • The User Experience (UX) Of Manually Sorting Data

    Posted on Sep 20, 2013 at 8:48 AM

    As a User Experience (UX) designer, it's my job to examine that user-pain, trace it back to its source, and then solve the problem that the user is actually having, which is rarely a need to manually sort data. This sentence should be in red 72 pt. font. Possibly blinking. Although, I liked the b... read more »

  • The User Experience (UX) Of Pausing Automatic Investments At The Vanguard Group

    Posted on Aug 16, 2013 at 11:16 AM

    @Ben That's kind of the difference between our worlds. UX has to focus on user value. I have to focus on value to the business. Which sometimes includes adding value to the user- after all, if you're not adding value for the user, the user won't add value to your business. A subtlety that needs poi... read more »

  • The User Experience (UX) Of Pausing Automatic Investments At The Vanguard Group

    Posted on Aug 16, 2013 at 10:06 AM

    It's easy to accidentally mistake a solution for a problem. In fact, it often seems so reasonable that you don't notice it happened until you start implementation and realize that something has gone wrong. This came up recently with something as simple as search. The discussion started with "W... read more »

  • The User Experience (UX) Of Rating Things

    Posted on Aug 14, 2013 at 12:49 PM

    Not only do ratings systems attempt to hammer the unquantifiable into a simple statistical model, but we've turned them into the biggest selection bias error since "Dewey Defeats Truman". The question isn't "How do we make ranking systems better", it's "Why haven't we scrap... read more »

  • The Anatomy Of An INNER JOIN Query In SQL

    Posted on Aug 2, 2013 at 11:39 AM

    "But, ultimately it's irrelevant because it misses the point - when you don't think about how your data is being used, you'll become complacent in how your data is being structured." Brilliant! Even if you skip the rest of the post, read this line several times.... read more »

  • Testing IMG Complete With No SRC Attribute

    Posted on Jul 12, 2013 at 11:23 AM

    In a phrase I use rarely and with great caution, I tend to agree with IE on this one. When it comes to IMG DOM (Document Object Model) nodes, you can programmatically test to see if an image has loaded by examining its "complete" property. If the image cannot load because of an invalid... read more »

  • Learning About Test-Driven Development (TDD) Using Tiny Test

    Posted on Jun 11, 2013 at 8:49 AM

    @David "but writing a test that validates that a function works and passes in a query that does pass doesn't necessarily mean it'd pass if you used a different query as the argument" A unit test makes sure that a method behaves consistently given consistent context. In this case, if you ... read more »

  • A Sub-Class Should Not Access Private Variables In Its Super-Class

    Posted on Jun 7, 2013 at 9:13 PM

    Does ColdFusion have the concept of a protected method yet? I remember you could restrict a method's access to package-level, but not protected. I also stopped using CF a long time ago. Anyway, no- a child object shouldn't be able to access any private method/property in the parent. Public, protec... read more »

  • Writing My First Unit Tests With Jasmine And RequireJS

    Posted on Jul 6, 2012 at 4:31 PM

    @Ben, That's how Rhino Mocks works. It also keeps track of how many times something runs, such as in my project where I populate a Queue from the database, process the items, dequeueing them as they're handled, and then check for more records in the database. The method that retrieves records runs... read more »

  • Writing My First Unit Tests With Jasmine And RequireJS

    Posted on Jul 6, 2012 at 4:22 PM

    That's supposed to read "even to the point...". Stupid autocorrect.... read more »
