James Galley Software engineer - SaaS, AI automation & business operations

Writing

Notes and articles on business operations, systems integration, agentic AI, and where they meet.

Digital transformation in the AI era

Agentic AI is the next chapter of digital transformation, and the businesses that already digitised and connected their operations are the ones positioned to benefit. A worked example from Si Novi's own books.

Agentic AI • Business operations • Integration

AI automation for business: where it fits, and where it doesn't

AI can automate the judgement-heavy middle of your operations - reading messy inputs, routine decisions, exceptions - but only once your systems are connected. A practical guide to what works, what doesn't, and how to start.

Agentic AI • Business operations • Automation

What happens when the phone locks?

A support chat that asks you to keep your phone awake is a sign the architecture has pushed its problem onto the customer. On designing mobile web sessions that survive interruption.

User experience • Mobile • Architecture

Permissions-Policy HTTP header

How the Permissions-Policy header controls access to browser features like camera, microphone and geolocation, its syntax, and how to set it in Apache and PHP.

Security

Referrer-Policy HTTP header

How the Referrer-Policy header controls what URL information is shared with other sites, the values available, and how to set a sensible default in Apache and PHP.

Security

Common aws s3 sync examples

Handy aws s3 sync command examples for uploading, downloading, mirroring with --delete, filtering, cache headers and dry runs, from deploying static sites to S3.

AWS • Command line

Common aws s3 cp examples

Handy aws s3 cp command examples for copying single files and directories to and from Amazon S3, including recursive copies, content type and cache headers, and streaming with stdin and stdout.

AWS • Command line

X-Content-Type-Options HTTP header

What the X-Content-Type-Options nosniff header does, why MIME-type sniffing is a risk, and how to set it in Apache, PHP and on AWS CloudFront.

Security

Content-Security-Policy HTTP header

How the Content-Security-Policy header controls which resources a page can load, its key directives, report-only mode, and how to set it in Apache, PHP and AWS CloudFront.

Security

Strict-Transport-Security HTTP header

How to implement HSTS to enforce HTTPS connections and improve web application security across different platforms.

Security • HTTP headers

X-Frame-Options HTTP header

Preventing clickjacking by configuring the X-Frame-Options header across various web frameworks and servers.

Security • HTTP headers

Converting Yii 1 models to Yii 2

A technical guide to migrating Yii 1 models to Yii 2, covering namespaces, validation rules, relations, and search methods.

PHP • Yii

Digital transformation

Digitising business processes with web applications, integrations and the cloud to save money, reduce duplication and improve efficiency.

Business operations • Automation • Integration

When the interface is the hazard

The US Navy tore the touchscreen controls out of its destroyers and went back to physical throttles after the USS John S McCain collision. What that says about complexity, human error and designing software people can actually use.

Human-machine interaction • Human error • Software design

Integrating web applications with Xero

Using the Xero API to integrate your back-office and operations software, generating invoices and bills automatically.

Integration • Business operations • APIs