A 'Content Security Policy' in an important piece of the security puzzle. Especially when there is user-generated content. Which, is basically at the center of Events In Plain Sight. Last week was all about getting this layer in place.
Not much else happened code wise. But this feature was important so worth the dedicated time. If you are curious about the steps, they were documented over at the parent blog 'CSP, Recaptcha, Laravel Debugbar and other 'fun''.
Ironically, in proofreading this post it became clear that the blog library it was rendered with also has CSP issues. Ain't security fuuuun?! I didn't need that 25 minutes....