Donald's Bacon Bytes

bytes of information as tasty as bacon

Lunchmeat Tacos

Topic: Cooking |


Looking for something a little more paleo, I made what I call lunchmeat tacos. Not sure if this is totally paleo, but it is close.

Take a slice (or 2) of lunch meat, add on some cabbage to give it some crunch, then some avocado and finally a little “secret sauce” to spice things up.

I made the sauce by combining vegenaise, coconut aminos (similar to soy sauce) and sriracha. The amounts of each of these can be tweaked depending on your desired level of spicy.

These turned out pretty tastey. I’ll be making them again for sure.


Mini Bacon Fatty

Topic: Cooking | Tags:


Mini Bacon Fatty

If you like bacon, you have probably heard of the bacon fatty. Sometimes call the bacon explosion, bacon bomb or other such names. It is basically a bacon weave wrapped around sausage which is stuffed with something in the middle and then bbq’d or smoked.

I wanted to experiment with that concept but make something a little smaller. Something a little less complicated and maybe even easier to eat. Someone probably has already done this but I haven’t.

I started out by slicing up mushrooms and onions and threw them in a pan with olive oil to start browning. I kicked it up a notch by adding some salt, garlic and balsamic vinegar. I let all that saute that until it browned and the balsamic started sticking. While that was cooking, I shredded some carrots and set them aside for later.

Now that my filling was ready to go, it was time t
o get the sausage ready. I took 1 pound of sausage, divided it into 9 chunks and then flattened them all out so that the filling could go right on top.

After the filling was done and the sausage was lined up, I proceeded to put the mushroom mixture into the middle of each sausage patty along with some of the shredded carrots. I didn’t cook the carrots because I wanted a little bit of crunch and texture in the middle of this thing.

After that was assembled, I rolled up the sausage with the filling hidden away inside. I ended up having too much filling in most of them and had to take some out as I tried to roll them up.

Once rolled up I wrapped each one with a slice of bacon. The bacon I used was a sweeter bacon that had a pepper crust. It was from one of my homemade batches that I cold smoked and I knew this would add some extra smokey flavor (note, 2 pieces were from my jalapeno cilantro batch of bacon which is why you’ll see some green tinge to those pieces in the pictures). Sprinkle on some seasoning and you are ready to smoke your fatty.

I smoked these bad boys at 250° for around 60 minutes.

After letting them rest for a few minutes I tore right into one. OMG, these things are out amazing!


Cooked Filling

  • Mushrooms
  • Onions
  • Garlic
  • Balsamic
  • Salt

Uncooked Filling

  • Shredded Carrots

The Rest

  • 1 # sausage dived into 9 patties
  • 9 slices of bacon
  • Some kind of bbq rub (I used a rub that I normally use for pulled pork that is based on one called Memphis Dust)


  • Smoke at 250° for about 60 minutes



Bacon S’mores

Topic: Cooking | Tags:


We had some friends over for dinner last Saturday and decided to make s’mores out back for dessert. After making a few I started thinking “I wonder how this would taste with bacon?” Not if it would be good, but how good it would be. I mentioned it to my friend sitting next to me and he got excited about the idea. So, I ran into the house with my marshmallow stick, grabbed a piece of bacon, weaved it onto the stick and went back outside to cook it over the fire. If you are going to do this, you gotta cook the bacon over the fire also!


Bacon S'mores

Bacon S’mores

Half Marathon

Topic: Fitness | Tags: ,


Exactly 1 year after struggling through a 5k I made it through a half marathon! I ran the Eugene 5k race last year in 32:55 for a pace of 10:36 per mile. That was a pretty good pace considering I had just started running 2 months before that and could barely go a couple minutes without stopping when I had started running. One year later I was able to complete the half marathon in 2:18:23 for a pace of 10:34 per mile. I had beaten my 5k pace and ran over 4 times further!

What now? Run a full marathon? Hang up my running shoes? Not really sure. It took a lot of time to train for this. Some weeks I was running over 25 miles a week and it was hard to get that many miles done. For a marathon, that isn’t very much. It would be cool to have a marathon under my belt but the time commitment for training is a bit of a hurdle. For now though I am going to scale done the running and hit the weight room.

donald at hayward


Topic: Development | Tags:


At work we recently went through a security audit on our application. Even though our application is behind a firewall, internal only and requires authentication, we still needed to make sure our application was protected. One of the things that came up has to do with being vulnerable to XSS. There are currently 2 places in the application that allows a user to create, save and view HTML. If an attacker got into a user’s computer, they could then post some HTML on this application and when another user ran the page with this HTML, that other user could get infected.

As a side note (which is relevant when talking code below), this application is built upon .Net and using C#.

We couldn’t just take away the ability to post HTML either. This was a widely used feature. We could do a search for a <script> tag but there are different variations and attributes someone could use to try and get it past our search and we could miss something. Besides the script tag, someone could post a link to a website that would infect a user and we can not block links either. So, what can you do about this? Here are the first ideas that I had come up with:

  1. Not allow HTML
  2. Use something like Markdown and convert that to allowed HTML
  3. Parse the HTML and compare against a whitelist

Like I said, #1 was not an option for us. We could do #2 but with a lot of our users not being very technical, this would make it difficult for them to use. We could do #2 and provide some kind of wysiwyg editor. This is probably a good option but we also wanted to give the people who knew HTML the ability to write HTML and not have to learn a new markup language. So, we opted for #3.

When I started researching this I came across something from called the AntiXssLibrary. Everythign I read suggested this was exactly what I was looking for. There was a function called GetSafeHtmlFragement which promised to do a lot of what I wanted. After playing around with this library I noticed that it wasn’t doing what it should. I thought I was doing something wrong so I kept trying different things.

Frustrated, I turned to the web some more. After further research, it turns out that Microsoft broke the functionality contained in that method and no word on when (or if) it would be fixed.

The next idea was to use the Encode method of HttpUtility and then replace the encoded values of allowed tags with the actual tag. So, something like this:

string encodedHtml = HttpUtility.Encode(htmlText);

StringBuilder sb = new StringBuilder(encodedHtml);



And so on. I liked this idea because it meant I was only allowing a whitelist set of HTML tags. As I started down this path some more, it got rather complicated. What about attributes? What about bad code inside of attributes? Well, maybe regular expressions could help with that!

My next test code looked like this:

Regex reg = new Regex(“&lt;table\\s(((.+)=&quot;((?:.(?!&quot;(?:\\S+)=|&quot;&gt;))*.?)&quot;)|((.+)=&#39;((?:.(?!&#39;(?:\\S+)=|&#39;&gt;))*.?)&#39;))*(&gt;)?”);

Match m = reg.Match(data);
if (m.Success == true)
string matchVal = m.Value;
string matchValReplaced = matchVal.Substring(4, matchVal.Length – 8);
string decoded = System.Web.HttpUtility.HtmlDecode(matchValReplaced);
data = data.Replace(matchVal, “<” + decoded + “>”);

Again, that seemed to work. I could create multiple regular expressions for the valid tags (or roll it into one expression or something like that). It still seemed rather complicated and like it could be prone to error or could be a hassle to maintain.

Before settling on this solution I wanted to check the web some more. I then came across a blog article  ( by eksith who was in the same boat. They needed to solve the same problem for the same reasons. And they solved it with a lot better code than I hacked together!!

This didn’t require much modifcation for our use. I did modify a few things though. I added a few more ValidHtmlTags to the dictionary as well as some other attributes that were being used by our users. I also still had to solve the issue of not allowing users to link outside of our website. To do that, I created a variable containing a list of strings that were valid strings for the href attribute.

Then I added this (after line 143 of the original code):

if (a.Name == “href”)
a.Value = a.Value.ToLower();
var validCount = ValidBaseUrls.Select(s => a.Value.StartsWith(s)).Where(r => r == true);
if (validCount.Count() <= 0)
a.Value = “#”;

If a user added an anchor tag that linked to somewhere other than our valid list, that href attribute would get replaced with a pound sign.

One of the cool things about this class is that everything other than the allowed HTML tags and attributes will get encoded. That way, when you display them on your page, only allowed tags will get rendered as HTML.