- Don't run as root.
- For sessions, set
httpOnly(andsecuretotrueif running over SSL) when setting cookies. - Use the Helmet for secure headers: https://github.com/evilpacket/helmet
- Enable
csrffor preventing Cross-Site Request Forgery: http://expressjs.com/api.html#csrf - Don't use the deprecated
bodyParser()and only use multipart explicitly. To avoid multiparts vulnerability to 'temp file' bloat, use thedeferproperty andpipe()the multipart upload stream to the intended destination.
Akosua akosasante
staltz
/ introrx.md
Last active
June 25, 2024 15:13
The introduction to Reactive Programming you've been missing
(by @andrestaltz)
If you prefer to watch video tutorials with live-coding, then check out this series I recorded with the same contents as in this article: Egghead.io - Introduction to Reactive Programming.
nolanlawson
/ protips.js
Last active
February 4, 2024 18:06
Promise protips - stuff I wish I had known when I started with Promises
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Promise.all is good for executing many promises at once | |
| Promise.all([ | |
| promise1, | |
| promise2 | |
| ]); | |
| // Promise.resolve is good for wrapping synchronous code | |
| Promise.resolve().then(function () { | |
| if (somethingIsNotRight()) { | |
| throw new Error("I will be rejected asynchronously!"); |
kipcole9
/ Map.Helpers
Last active
October 24, 2023 22:13
Helpers for Elixir Maps: underscore, atomise and stringify map keys
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| defmodule Map.Helpers do | |
| @moduledoc """ | |
| Functions to transform maps | |
| """ | |
| @doc """ | |
| Convert map string camelCase keys to underscore_keys | |
| """ | |
| def underscore_keys(nil), do: nil |
thiagosf
/ gist:eb2ba7d24968873e745c61d2ee72c0d8
Last active
September 25, 2023 10:44
Export ERD (diagrams) from SequelPro
bradwestfall
/ HoC-vs-RenderProps-vs-Hooks.md
Last active
May 16, 2024 12:57
An explanation of why Hooks are a nicer way to abstract re-useable state and functionality vs HoC's and Render Props
dkarter
/ elixir.yml
Created
May 11, 2020 22:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Elixir CI | |
| on: | |
| push: | |
| branches: [ master ] | |
| pull_request: | |
| branches: [ master ] | |
| env: | |
| MIX_ENV: test |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| set -o nounset | |
| set -o errexit | |
| usage(){ | |
| echo "Usage: $0 X.Y.Z dev|test|staging|prod" | |
| echo "" | |
| echo "example: ./deploy.sh 1.1.3 prod" | |
| echo "example: ./deploy.sh 1.2.0 dev" |
amattn
/ Dockerfile
Created
January 6, 2021 17:44
Dockerfile example used to build an elixir/phoenix project on linux and output a tarball
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM elixir:1.11.2 AS build | |
| ## instll some dependencies (webpack basically) | |
| RUN \ | |
| apt-get update -y && \ | |
| curl -sL https://deb.nodesource.com/setup_14.x | bash - && \ | |
| apt-get install -y nodejs && node -v && npm -v | |
| # Required environment variables passed in via --build-arg flags |
OlderNewer