Lightnews — Scholar-powered news

Jamie Taylor

@gaprogman.com

150 followers 150 following 790 posts

Posts Media Videos Starter Packs

Pinned

Jamie Taylor @gaprogman.com · Jan 2

By way of a sort of introduction:

- I host The Modern .NET Show (dotnetcore.show)
- I also host Waffling Taylors (wafflingtaylors.rocks)
- I run a company (rjj-software.co.uk)
- I do open source things, including OwaspHeaders.Core (www.nuget.org/packages/Owa...)

Jamie Taylor @gaprogman.com · 3h

Send your thoughts in now.
And if you don't listen to The Reto Wildlands, then you really should.

The Retro Wildlands @retrowildlands.bsky.social · 4h

Want to interact with our next #podcast episode!? Coming soon, I'm counting down my #Top10 Favorite Spooky Video games!

Let me know what #spookygame is your favorite (and why!) and I'll read and respond to your comment on the show! Comment soon, I'm hoping to have the show recorded in a few days!

Jamie Taylor @gaprogman.com · 4h

Definitely the RE 2 remake. For me, it has an almost lifelike horror (especially with the graphical leap since the original)
Another is an old favourite of mine: Shadow Man. But either the Dreamcast or PC versions. They have a psychological level of horror.

Jamie Taylor @gaprogman.com · 14h

The inclusion of the screenshot from the NES game is the chef's kiss.

Jamie Taylor @gaprogman.com · 1d

𝗣𝗼𝘀𝘁 𝟰: Open source advantage: Knowledge compounds across ecosystem. Issues found by one team benefit all. Read more: rjj-software.co.uk/news/owasphe...

Jamie Taylor @gaprogman.com · 1d

𝗣𝗼𝘀𝘁 𝟯: Community-driven evolution: Features come from real-world security requirements, not feature checklists. We add headers because they solve actual problems teams face, like client-side data persistence.

1 1

Jamie Taylor @gaprogman.com · 1d

𝗣𝗼𝘀𝘁 𝟮: Philosophy: Security shouldn't be hard. The barrier between wanting to be secure and actually being secure should be minimal. One package, simple builder pattern, comprehensive protection.

Jamie Taylor @gaprogman.com · 1d

𝗣𝗼𝘀𝘁 𝟭: 📊 1.4 million NuGet downloads = thousands of apps & millions of users protected. OwaspHeaders.Core 9.9 continues the mission: make security best practices accessible without deep expertise.

Reposted by Jamie Taylor

Bruce Dawson @randomascii.bsky.social · 2d

New blog post:
In 2021 I found an invisible memory leak in a tool (VS Code) that I have never used. Impossible? Easy:
randomascii.wordpress.com/2025/10/09/f...

Finding a VS Code Memory Leak

In 2021 I found a huge memory leak in VS code, totalling around 64 GB when I first saw it, but with no actual limit on how high it could go. I found this leak despite two obstacles that should have…

randomascii.wordpress.com

1 15 50

Jamie Taylor @gaprogman.com · 1d

S08E03 - Designing APIs Like a Pro: Lessons from Jerry Nixon on Data API Builder and Beyond

Listen to industry expert Jerry Nixon share his insights on designing APIs and the benefits of using Data API Builder. From standards-compliant solutions to saving engineering costs, Jerry covers it all in

S08E03 - Designing APIs Like a Pro: Lessons from Jerry Nixon on Data API Builder and Beyond

Listen to industry expert Jerry Nixon share his insights on designing APIs and the benefits of using Data API Builder. From standards-compliant solutions to saving engineering costs, Jerry covers it all in this informative conversation with Jamie. Learn how to simplify your API development process and get started with Data API Builder today.

dotnetcore.show

Jamie Taylor @gaprogman.com · 2d

𝗣𝗼𝘀𝘁 𝟰: Real scenarios: Enhanced logout security. Privilege changes. Security incident response. Full details: rjj-software.co.uk/news/owasphe... ⚡

Jamie Taylor @gaprogman.com · 2d

𝗣𝗼𝘀𝘁 𝟯: Intentionally opt-in design. Not in default config because it's potentially disruptive. Developers should make conscious decisions about when/where to apply clearing based on security needs.

Jamie Taylor @gaprogman.com · 2d

𝗣𝗼𝘀𝘁 𝟮: Clear-Site-Data header provides browser-enforced clearing. Not a suggestion - a directive browsers must respect. Version 9.9 brings this to OwaspHeaders.Core with developer-friendly config.

Jamie Taylor @gaprogman.com · 2d

𝗣𝗼𝘀𝘁 𝟭: 💡 Client-side data persistence is an overlooked security vector. Server terminates sessions, but browsers retain cached responses, cookies, local storage. That's a problem in shared environments.

Jamie Taylor @gaprogman.com · 2d

I'm going, are you?

Umbraco Manchester @umbmanchester.bsky.social · 5d

🐝 Full lineup for Umbraco In The City: Manchester is live!

AI, accessibility, uSync, empathy, chaos, compassion — and v17!
This is a Umbraco day with heart 💛

🗓 Fri 7 Nov
📍 x+why Manchester
🎟 £50 (+VAT)
⚠️ Less than 20 tickets left!

👉 umbracointhe.city
#Umbraco #ManchesterTech #WebDev

Jamie Taylor @gaprogman.com · 3d

𝗣𝗼𝘀𝘁 𝟰: Production-ready: <1ms overhead. Fully backward compatible. Only activates when configured. Details: rjj-software.co.uk/news/owasphe... 🛡️

Jamie Taylor @gaprogman.com · 3d

𝗣𝗼𝘀𝘁 𝟯: Why it matters: Traditional session management can't fully resolve client-side security concerns. Even with perfect server-side handling, cached data persists. Clear-Site-Data solves this gap.

Jamie Taylor @gaprogman.com · 3d

𝗣𝗼𝘀𝘁 𝟮: Simple implementation: .AddClearSiteDataPath("/logout",
ClearSiteDataOptions.wildcard) - one line for enhanced logout security. Instructs
browsers to clear all cache, cookies, and storage.

Jamie Taylor @gaprogman.com · 3d

𝗣𝗼𝘀𝘁 𝟭: 🔒 OwaspHeaders.Core 9.9 is live! New Clear-Site-Data header support gives developers fine-grained control over client-side data clearing. Critical for logout security & preventing session hijacking. 1.4M downloads strong!