Skip to content

Instantly share code, notes, and snippets.

Filippo Valsorda FiloSottile

Block or report user

Report or block FiloSottile

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile

Event Buffering

Eventually platforms outgrow the single-source-tree model and become distributed systems. A common pattern in these distributed systems is distributed composition via event buffering. Here we motivate and describe this event buffering pattern.

The Problem

FiloSottile / gist:2667279
Created May 12, 2012
Render only an element with PhantomJS
View gist:2667279
page.clipRect = page.evaluate(function() {
return document.getElementById(ELEMENT_ID).getBoundingClientRect();
View glyphicons-halflings

Dear Phiharmonics,

There are a lot of wireless devices in my home and at my workplace and I believe they sometimes interfere with my research. I have some questions about whether your wi-fi energy dots could help me out in harmonizing my living spaces.

1.) What is the effective range of the harmonizing? Do they ever need to be replaced? If so, does more wifi wear them out faster?

2.) Is the harmonizing compatible with all of the IEEE 802.11 wireless standards or only b/g? And Bluetooth?

3.) They look like they're made of copper but you don't specify what, exactly, they are or what's in them. Do they still work if adhered to a conductive surface? Is it okay if they get wet?

FiloSottile / bookmarklet_en
Last active Jan 16, 2016
Krumiro, a bookmarklet to send a message to all your FB friends.
View bookmarklet_en
javascript:(function(){var msg_m_prompt='Insert the message for males. I\'ll replace %name with the recipient name.';var msg_f_prompt='Insert the message for females. I\'ll replace %name with the recipient name.';var throttle_prompt='Insert the pause in milliseconds between a friend and the next.';var exclude_prompt='Insert the list of friends to ignore, comma separated.';var exerror_alert='%s is not in your friends, you might have made a mistake. Do you want to continue?';var time_alert='The script will take %s seconds!';var done='Done!';if(!Array.prototype.indexOf){Array.prototype.indexOf=function(d){if(void 0===this||null===this)throw new TypeError;var c=Object(this),b=c.length>>>0;if(0===b)return-1;var a=0;0<arguments.length&&(a=Number(arguments[1]),a!==a?a=0:0!==a&&(a!==1/0&&a!==-(1/0))&&(a=(0<a||-1)*Math.floor(Math.abs(a))));if(a>=b)return-1;for(a=0<=a?a:Math.max(b-Math.abs(a),0);a<b;a++)if(a in c&&c[a]===d)return a;return-1};}function size(obj){var s=0,key;for(key in obj){if(obj.hasOwnProperty(key))s++
View gist:5760270

Guide to how fucked is SSL?

Thanks to Jacob Kaplan-Moss, Donald Stufft, David Reid, Allen Short, Zain Memon, and Chris Armstrong for review.

This is a guide for technical individuals to understand in what circumstances SSL communications are secure against an observer-in-the-middle (for all intents and purposes: the NSA).

FiloSottile / gist:2352407
Created Apr 10, 2012
Get element by id from HTML document using only HTMLParser
View gist:2352407
import HTMLParser
class IDParser(HTMLParser.HTMLParser):
"""Modified HTMLParser that isolates a tag with the specified id"""
def __init__(self, id): = id
self.result = None
self.started = False
self.depth = {}
self.html = None
FiloSottile /
Last active Nov 20, 2017
Python function to check a RSA signature
# You can `pip install rsa`
import rsa
### Run once, on your dev environment
### Store the private key in a secure place; add the pubkey to your program
(pubkey, privkey) = rsa.newkeys(1024)
cknave /
Created Mar 21, 2015
Camlistore Encryption on S3

Camlistore Encryption on S3

Here's what I found out while setting up Camlistore to sync encrypted blobs to Amazon S3. This works for me, but I'm new to Camlistore so this might not be the best way to do it.

Amazon S3 Config

The encryption handler requires two buckets, one for metadata and one for blobs. In this example, I've created two buckets called my-camlistore-meta and my-camlistore-blob.

jasongill / gist:2523147
Created Apr 29, 2012
WooThemes WooFramework exploit: Execute any shortcode as an unauthenticated visitor
View gist:2523147

Update: WooThemes has now bumped their version number and fixed the update bug so please click "Update Framework" inside of the WordPress Admin to grab and install the latest version which patches this bug. - April 29, 10:40am EST

Update: WooThemes says that this is fixed in their latest patch, released just prior to their sever hack event this week. However, it appears that their server hack also broke the "Update Framework" function in their themes, so the patch isn't reliably available to existing customers. Additionally, their demo server remains unpatched. See my comments below for more details. - April 29, 10am EST

The latest version (and most likely many previous versions) of the WooThemes WooFramework has a bug that allows any website visitor to run and see the output of any shortcode. This gives unauthenticated visitors the same power to execute code on the server as regular publishers have. WordPress installations with unsecured shortcodes (such as [php] which allows raw PHP code to be

You can’t perform that action at this time.