Skip to content

Instantly share code, notes, and snippets.

View HAKASHUN's full-sized avatar
🍊
みかん食べてる

HAKASHUN HAKASHUN

🍊
みかん食べてる
59 followers · 343 following
View GitHub Profile
@samsch
samsch / stop-using-jwts.md
Last active May 17, 2024 18:24
Stop using JWTs

Stop using JWTs!

TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.

If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that "valid" usecases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)

A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/

The reason to avoid JWTs comes down to a couple different points:

  • The JWT specification is specifically designed only for very short-live tokens (~5 minute or less). Sessions
@cobyism
cobyism / gh-pages-deploy.md
Last active May 17, 2024 10:22
Deploy to `gh-pages` from a `dist` folder on the master branch. Useful for use with [yeoman](http://yeoman.io).

Deploying a subfolder to GitHub Pages

Sometimes you want to have a subdirectory on the master branch be the root directory of a repository’s gh-pages branch. This is useful for things like sites developed with Yeoman, or if you have a Jekyll site contained in the master branch alongside the rest of your code.

For the sake of this example, let’s pretend the subfolder containing your site is named dist.

Step 1

Remove the dist directory from the project’s .gitignore file (it’s ignored by default by Yeoman).

@endolith
endolith / Has weird right-to-left characters.txt
Last active May 16, 2024 00:12
Unicode kaomoji smileys emoticons emoji
ּ_בּ
בּ_בּ
טּ_טּ
כּ‗כּ
לּ_לּ
מּ_מּ
סּ_סּ
תּ_תּ
٩(×̯×)۶
٩(̾●̮̮̃̾•̃̾)۶
@bobbygrace
bobbygrace / trello-css-guide.md
Last active May 15, 2024 16:01
Trello CSS Guide

Hello, visitors! If you want an updated version of this styleguide in repo form with tons of real-life examples… check out Trellisheets! https://github.com/trello/trellisheets

Trello CSS Guide

“I perfectly understand our CSS. I never have any issues with cascading rules. I never have to use !important or inline styles. Even though somebody else wrote this bit of CSS, I know exactly how it works and how to extend it. Fixes are easy! I have a hard time breaking our CSS. I know exactly where to put new CSS. We use all of our CSS and it’s pretty small overall. When I delete a template, I know the exact corresponding CSS file and I can delete it all at once. Nothing gets left behind.”

You often hear updog saying stuff like this. Who’s updog? Not much, who is up with you?

@adhithyan15
adhithyan15 / countdown.js
Last active May 10, 2024 09:35
A simple countdown timer in Javascript
/********************************************************************************************************************
Countdown.js is a simple script to add a countdown timer
for your website. Currently it can only do full minutes
and partial minutes aren't supported. This script is a fork of http://jsfiddle.net/HRrYG/ with some
added extensions. Since the original code that I forked was released under Creative Commons by SA license,
I have to release this code under the same license. You can view a live demo of this code at http://jsfiddle.net/JmrQE/2/.
********************************************************************************************************************/
function countdown(minutes) {
var seconds = 60;
var mins = minutes
@FranklinYu
FranklinYu / README.markdown
Last active May 5, 2024 15:24
links for old versions of Docker for Mac (inspired by docker/for-mac#1120)

links for old versions of Docker for Mac

Deprecated

Docker provides download links in release note. They promised that

(we) will also include download links in release notes for future releases.

Note:

@sebz
sebz / grunt-hugo-lunrjs.md
Last active April 29, 2024 16:44
hugo + gruntjs + lunrjs = <3 search
@Gab-km
Gab-km / github-flow.ja.md
Last active April 25, 2024 04:01 — forked from juno/github-flow.ja.md
GitHub Flow (Japanese translation)
@jonschlinkert
jonschlinkert / markdown-cheatsheet.md
Last active April 11, 2024 04:45
A better markdown cheatsheet.
@nicklockwood
nicklockwood / Pattern for Swift Errors.swift
Last active April 8, 2024 14:26
// Swift's untyped errors are a goddam PiTA. Here's the pattern I use to try to work around this.
// The goal is basically to try to guarantee that every throwing function in the app throws an
// ApplicationError instead of some unknown error type. We can't actually enforce this statically
// But by following this convention we can simplify error handling
enum ApplicationError: Error, CustomStringConvertible {
// These are application-specific errors that may need special treatment
case specificError1
case specificError2(SomeType)