Random Cut Forests
Anomaly detection is a complicated and well-researched area of computer science. With all of the machine learning hype of recent months, I wanted to build something using my favorite programming language, Elixir.
Mitigating Server-Side Request Forgery
Server-Side Request Forgery (SSRF) vulnerabilities allow an attacker to cause a server application to perform an unintended request. When exploited, the server could leak sensitive internal information or perform dangerous actions. Because this vulnerability depends on the capabilities of the server application, the potential impact of an attack can vary.
Webhooks are among the most common features that introduce SSRF vulnerabilities to applications. They combine arbitrary user input (the webhook URL) with the ability to make requests from the backend. It’s important to consider this threat when building and operating webhook systems.
For the purposes of this post, imagine we have a web application that can make outbound requests to a user-configured endpoint.
Adding soft delete to a Phoenix Commanded (CQRS) API
Part two in my series on Elixir’s Commanded library. Part one can be found here.
In the previous post, I converted a vanilla Phoenix API to CQRS with Commanded.
Since the core data model of this application is an append-only (immutable) log, the events can be replayed and the read model can be dramatically changed using existing data.
Implement a soft delete in the API, allowing items to be restored after deletion.
Using CQRS in a simple Phoenix API with Commanded
Despite being a fan of event sourcing and seeing the clear benefits of the approach, I never built anything from scratch. This weekend, I finally decided to break this study cycle and do something practical.