Disa Johnson altadisa

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                altadisa
                / keybase.md
            
            
              Created
              March 20, 2017 16:04
            
          
    Keybase proof

I hereby claim:

I am airdisa on github.
I am airdisa (https://keybase.io/airdisa) on keybase.
I have a public key ASBI4SmDK2uIT5qpmTjWEBtY8cP19pnVt8usAJeQDxWb-Ao

To claim this, I am signing this object:

  
## active-record-migration-expert.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                altadisa
                / active-record-migration-expert.md
            
            
              Created
              May 16, 2016 18:31
                — forked from pyk/active-record-migration-expert.md
            
              
                become active record migration expert (Rails 4.0.2)
              
          
    become active record migration expert (Rails 4.0.2)

workflow:
create model

$ rails g model NameOfModel
    invoke  active_record
    create    db/migrate/YYYYMMDDHHMMSS_create_name_of_models.rb

  
## Xcode_swift_repl.txt
xcrun swift -sdk /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator.sdk

## vimrc
" A minimal vimrc for new vim users to start with.
"
" Referenced here: http://www.benorenstein.com/blog/your-first-vimrc-should-be-nearly-empty/

" Original Author:	 Bram Moolenaar <Bram@vim.org>
" Made more minimal by:  Ben Orenstein
" Last change:	         2012 Jan 20
"
" To use it, copy it to
"     for Unix and OS/2:  ~/.vimrc

## gist:10253743
#!/usr/bin/env python
# Quick and dirty demonstration of CVE-2014-0160 by
# Jared Stafford (jspenguin@jspenguin.org)
# Modified so that it finds cookies

import sys
import struct
import socket
import time
import select

## rails-header-with-turbolinks
# layouts/application.html.erb

<head>
  <title><%= yield_or_default(:title) -%></title>
  <meta name="description" content="<%= yield_or_default(:meta_desc) -%>">
  <meta name="keywords" content="<%= yield_or_default(:meta_keywords) -%>">
  <meta name="robots" content="<%= yield_or_default(:robots) -%>">

  <%= stylesheet_link_tag    "application", media: "all", "data-turbolinks-track" => true %>
  <%= javascript_include_tag "application", "data-turbolinks-track" => true %>

## irc-chat-temp
$ cat etc/environment
=> PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games"

$ cat root/.bashrc
streams =>
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples

# If not running interactively, don't do anything

## embed-gist.html
<!-- Insert this script where you want a gist such as this -->
<script src="https://gist.github.com/AirDisa/8124295.js"></script>

## capybara cheat sheet
=Navigating=
    visit('/projects')
    visit(post_comments_path(post))

=Clicking links and buttons=
    click_link('id-of-link')
    click_link('Link Text')
    click_button('Save')
    click('Link Text') # Click either a link or a button
    click('Button Value')

## web_security.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                altadisa
                / web_security.md
            
            
              Created
              August 8, 2013 15:36
            
          
    Web Security

This post outlines three common web security vulnerabilities with specific examples in Rails. For a more complete list, I highly recommend the OWASP Rails security cheatsheet.
Cross-Site Scripting (XSS)

A cross-site scripting attack is when malicious scripts are injected into a web site in order to compromise it.
For example, let's say we want to allow html tags such as <strong> in our blog comments, so we render raw output using the Rails method #html_safe:
	" A minimal vimrc for new vim users to start with.
	"
	" Referenced here: http://www.benorenstein.com/blog/your-first-vimrc-should-be-nearly-empty/

	" Original Author: Bram Moolenaar <Bram@vim.org>
	" Made more minimal by: Ben Orenstein
	" Last change: 2012 Jan 20
	"
	" To use it, copy it to
	" for Unix and OS/2: ~/.vimrc
	#!/usr/bin/env python
	# Quick and dirty demonstration of CVE-2014-0160 by
	# Jared Stafford (jspenguin@jspenguin.org)
	# Modified so that it finds cookies

	import sys
	import struct
	import socket
	import time
	import select
	$ cat etc/environment
	=> PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games"

	$ cat root/.bashrc
	streams =>
	# ~/.bashrc: executed by bash(1) for non-login shells.
	# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
	# for examples

	# If not running interactively, don't do anything
	<!-- Insert this script where you want a gist such as this -->
	<script src="https://gist.github.com/AirDisa/8124295.js"></script>
	=Navigating=
	visit('/projects')
	visit(post_comments_path(post))

	=Clicking links and buttons=
	click_link('id-of-link')
	click_link('Link Text')
	click_button('Save')
	click('Link Text') # Click either a link or a button
	click('Button Value')