This tutorial uses the "Sample hapi.js REST API" project.
Take a look at: https://github.com/agendor/sample-hapi-rest-api/
##Topics
- Introduction
- Installing Node.js
- Installing MySQL
- Setting-up the project
# The blog post that started it all: https://neocities.org/blog/the-fcc-is-now-rate-limited | |
# | |
# Current known FCC address ranges: | |
# https://news.ycombinator.com/item?id=7716915 | |
# | |
# Confirm/locate FCC IP ranges with this: http://whois.arin.net/rest/net/NET-165-135-0-0-1/pft | |
# | |
# In your nginx.conf: | |
location / { |
#!/usr/bin/env python2 | |
""" | |
Author: takeshix <takeshix@adversec.com> | |
PoC code for CVE-2014-0160. Original PoC by Jared Stafford (jspenguin@jspenguin.org). | |
Supportes all versions of TLS and has STARTTLS support for SMTP,POP3,IMAP,FTP and XMPP. | |
""" | |
import sys,struct,socket | |
from argparse import ArgumentParser |
This tutorial uses the "Sample hapi.js REST API" project.
Take a look at: https://github.com/agendor/sample-hapi-rest-api/
##Topics
The attack detailed below has stopped (for the time being) and almost all network access for almost all customers have been restored. We're keeping this post and the timeline intact for posterity. Unless the attack resumes, we'll post a complete postmortem within 48 hours (so before Wednesday, March 26 at 11:00am central time).
Criminals have laid siege to our networks using what's called a distributed denial-of-service attack (DDoS) starting at 8:46 central time, March 24 2014. The goal is to make Basecamp, and the rest of our services, unavailable by flooding the network with bogus requests, so nothing legitimate can come through. This attack was launched together with a blackmail attempt that sought to have us pay to avoid this assault.
Note that this attack targets the network link between our servers and the internet. All the data is safe and sound, but nobody is able to get to it as long as the attack is being successfully executed. This is like a bunch of people
Most developers would agree that, all other things being equal, a synchronous program is easier to work with than an asynchronous one. The logic for this is pretty clear: one flow of execution is easier for the human mind to simulate than n
concurrent flows.
After doing two small projects in node.js (one of which is here -- ready for the blinding flurry of criticism), there's one question that I can't shake: if asynchronicity is an optimization (that is, a complexity introduced for the sake of performance), why would people, a priori, turn to a framework that imposes it for everything? If asynchronous code is harder to reason about, why would we elect to live in a world where it is the default?
It could be argued pretty well that the browser is a domain that inherently lends itself to an async model, but I'd be very curious to hear a defense of "async-first" thinking for problems that are typically solved on the server-side. When working with node, I've noticed
curl -H 'Authorization: token INSERTACCESSTOKENHERE' -H 'Accept: application/vnd.github.v3.raw' -O -L https://api.github.com/repos/owner/repo/contents/path |
#! /usr/bin/env python2 | |
# Requires: PIL, colormath | |
# | |
# Improved algorithm now automatically crops the image and uses much | |
# better color matching | |
from PIL import Image, ImageChops | |
from colormath.color_conversions import convert_color | |
from colormath.color_objects import LabColor | |
from colormath.color_objects import sRGBColor as RGBColor |
var Sequelize = require('sequelize'); | |
module.exports = function(config) { | |
var models = {}; | |
sequelize = new Sequelize(config.database, config.username, config.password, config.options); | |
// Bootstrap models | |
fs.readdirSync(__dirname).forEach(function (file) { |
When the directory structure of your Node.js application (not library!) has some depth, you end up with a lot of annoying relative paths in your require calls like:
const Article = require('../../../../app/models/article');
Those suck for maintenance and they're ugly.