![](https://lemmy.world/pictrs/image/189c4267-7b10-4147-a98a-e782efec7af1.png)
![](https://lemmy.world/pictrs/image/8286e071-7449-4413-a084-1eb5242e2cf4.png)
To me on the security side of things caddy has a feature I have yet to see anywhere else: default reverse proxy headers.
Got something you want to lock down remote js loading on unless it explicitly requests an override? Default the variable to a locked value. The application can override it with it’s own header as necessary.
Bash, just because everything else already uses it. That and bashisms have infected nearly all of my scripts as I clumsily bump into the limitations of POSIX string manipulation.
I have found some very fun things with sed branching patterns as a result of these limitations though…
https://www.gnu.org/software/sed/manual/html_node/Branching-and-flow-control.html