- CVE-2012-5664 - SQL Inection Vulnerability
- CVE-2013-0155 - Unsafe Query Generation
- CVE-2013-0156 - Multiple vulnerabilities in parameter parsing in Action Pack
ara.t.howard ahoward
copiousfreetime
/ bdrg-2013-01_rails-vuln.md
Created
January 16, 2013 17:59
Links used for 2013-01-15 Boulder Ruby User Group talk about the recent Rails vulnerabilities.
Couldn't find the text of this for a while...
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def console!(&block) | |
| require 'pry' | |
| Pry.config.hooks.send(:hooks).keys. | |
| each{|which| Pry.config.hooks.clear(which)} | |
| prompt = ">> " | |
| Pry.config.prompt = proc{|*a| prompt } | |
| block.binding.pry |
A utility inspired by @ahoward that allows screens to be the name of the directory they were spawned from. This is mainly helpful for Terminal/iTerm tabs.
Executing this should rejoin sessions with the same name if they already exist or otherwise create them.
- Place or symlink into your path (I symlink as
ns) - Ensure the script is executable
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Mongoid.database.add_stored_function "sequence", <<-__ | |
| function(name) { | |
| var ret = db.counters.findAndModify({ query: { _id: name}, update: { $inc : { next: 1}}, "new" :true, upsert: true}); | |
| return ret.next; | |
| } | |
| __ | |
| class Sequence | |
| include Mongoid::Fields::Serializable |
protocool
/ caveatPatchor.js
Created
February 14, 2011 02:29
Sample caveatPatchor.js file for use in Propane 1.1.2 and above
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| As of version 1.1.2, Propane will load and execute the contents of | |
| ~Library/Application Support/Propane/unsupported/caveatPatchor.js | |
| immediately following the execution of its own enhancer.js file. | |
| You can use this mechanism to add your own customizations to Campfire | |
| in Propane. | |
| Below you'll find two customization examples. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # LoremHelper - a placeholder content generator for Webby | |
| # ======================================================= | |
| # based on Travis Dunn's Frank - lorem.rb: | |
| # - https://github.com/blahed/frank/blob/master/lib/frank/lorem.rb | |
| # - original license: https://github.com/blahed/frank/blob/master/LICENSE | |
| # | |
| # LoremHelper creates placeholder content for your Webby [http://webby.rubyforge.org/] projects. | |
| # It's great for quickly prototyping/wireframing a site. | |
| # | |
| # USAGE: |
andrewvc
/ Tailing a MongoDB capped collection.rb
Created
August 26, 2010 02:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Kind of like tail -f -n1 | |
| db = Mongo::Connection.new(mongo_hostname).db(mongo_dbname) | |
| coll = db.collection(mongo_collection) | |
| start_count = coll.count | |
| tail = Mongo::Cursor.new(coll, :tailable => true, :order => [['$natural', 1]]).skip(start_count- 1) | |
| loop do | |
| if doc = tail.next_document | |
| puts doc | |
| else | |
| sleep 1 |
NewerOlder