Mickael Lehoux MkLHX

@thibaut-decherit
thibaut-decherit / Symfony - Serve Private File.md
Created February 20, 2020 17:21
Symfony - Serve Private File

The following example demonstrates how to:

  • display a private file download prompt to the user (here for a PDF file)
  • serve a private image or PDF which will be displayed on a webpage

See https://symfony.com/doc/4.4/components/http_foundation.html#serving-files

Host these files in a directory outside of /public, so they can be accessed only through the controller and its @Security() authorization. For example, you could create a /private-uploads directory at the root of your project.

@thibaut-decherit
thibaut-decherit / Symfony - Response Header Setter (static, CSP and response authenticity).md
Last active November 17, 2023 20:18
Symfony - Response Header Setter (static, CSP and response authenticity)

Features

  • Event listener triggered on each response through onKernelResponse() method
  • Adds custom headers to the response
  • Support for "static" headers specified in config/response_header_setter/response_headers.yaml
    • Currently includes security / privacy related headers:
      • Cross-Origin-Opener-Policy
      • Cross-Origin-Resource-Policy
      • Referrer-Policy
      • Strict-Transport-Security (remember to register the domain on https://hstspreload.org/ or preload will not work)
@thibaut-decherit
thibaut-decherit / Symfony - Twig to JavaScript Data Passing.md
Last active March 1, 2024 23:47
Symfony - Twig to JavaScript Data Passing

See https://symfony.com/doc/current/frontend/encore/server-data.html for context.

Requirements

Twig filter to merge arrays with array_merge_recursive() instead of array_merge(). Required to prevent Twig's merge filter from overwriting twig_to_js_global_data string keys if extra_data has identical keys (e.g. both have a translations key).

Basic setup

Add this to your _base.html.twig, probably just before {% block javascripts %}

@thibaut-decherit
thibaut-decherit / Symfony - Password rehash on authentication if auto encoder settings changed & legacy password hashes migration.md
Last active August 24, 2023 09:13
Symfony - Password rehash on authentication if auto encoder settings changed & legacy password hashes migration

Disclaimer

Password rehash on login if needed is natively handled by Symfony since 4.4. See https://symfony.com/blog/new-in-symfony-4-4-password-migrations.

The legacy password hashes migration part might still be of use though, but beware of password shucking: If the legacy hash is not salted and is present in data breaches from other platforms, overhashing might have little to no effect.

Password rehash on authentication if auto encoder settings changed

config/packages/security.yaml

security:
@lukicdarkoo
lukicdarkoo / configure.sh
Last active November 22, 2023 04:37
Raspberry Pi: AP + client mode
#!/bin/sh
# The script configures simultaneous AP and Managed Mode Wifi on Raspberry Pi Zero W (should also work on Raspberry Pi 3)
# Usage: curl https://gist.githubusercontent.com/lukicdarkoo/6b92d182d37d0a10400060d8344f86e4/raw | sh -s WifiSSID WifiPass APSSID APPass
# Licence: GPLv3
# Author: Darko Lukic <lukicdarkoo@gmail.com>
# Special thanks to: https://albeec13.github.io/2017/09/26/raspberry-pi-zero-w-simultaneous-ap-and-managed-mode-wifi/
MAC_ADDRESS="$(cat /sys/class/net/wlan0/address)"
CLIENT_SSID="${1}"
CLIENT_PASSPHRASE="${2}"
@heiswayi
heiswayi / repo-reset.md
Created February 5, 2017 01:32
GitHub - Delete commits history with git commands

First Method

Deleting the .git folder may cause problems in our git repository. If we want to delete all of our commit history, but keep the code in its current state, try this:

# Check out to a temporary branch:
git checkout --orphan TEMP_BRANCH

# Add all the files:
git add -A