Skip to content

Instantly share code, notes, and snippets.

View bnorton's full-sized avatar

Brian Norton bnorton

33 followers · 25 following
View GitHub Profile
@bnorton
bnorton / blank-html-page.html
Last active January 29, 2021 03:14 — forked from achoukah/blank-html-page.html
html blank page
<!DOCTYPE html>
<html lang="en">
<head>
<meta name="description" content="Chameleon blank page" />
<meta charset="utf-8">
<title>Chameleon blank page</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="author" content="Chameleon">
</head>
@bnorton
bnorton / application_controller.rb
Last active March 18, 2020 17:01
SameSite=None user agent sniffing for incompatible browsers (Ruby)
class ApplicationController < ActionController::Base
...
# Use when setting 3rd party cookies and make sure to tack .compact on the
# end to make sure that the :same_site key is not included when the value is missing
#
def set_cookie(key, value)
cookies.encrypted[key] = {
:value => value.to_s,
:expires => 1.year, :domain => :all,
:same_site => SameSite.value(request.headers['User-Agent']),
@bnorton
bnorton / Gemfile
Last active April 5, 2021 21:18
...
##
# Until this commit is merged and released by rack
#
gem 'rack', git: 'https://github.com/rack/rack.git', ref: 'c859bbf7b53cb59df1837612a8c330dfb4147392'
...
@bnorton
bnorton / README.md
Last active March 26, 2019 14:56
OPTIONS requests being blocked by CORB

Based on information found here on the chromium blog I found that options requests that render with head :ok are blocked by CORB because the resposne has headers of Content-Type: text/plain and X-Content-Type-Options: nosniff. The text/plain content type is a "trigger" for CORB checking and when Rails sets the contet type options to nosniff for this response CORB cannot inspect the response to see if it is safe.

TL;DR add response.headers.delete('X-Content-Type-Options') in your OPTIONS preflight handler

@bnorton
bnorton / semaphore-mongodb-3.4.sh
Created December 2, 2016 07:19
#! /usr/bin/env bash
set -e
export MONGODB_VERSION=3.4.0
TAR=mongodb-linux-x86_64-ubuntu1404-$MONGODB_VERSION.tgz
URL=https://fastdl.mongodb.org/linux/$TAR
echo "---------------------------------------"
echo "Removing currently installed MongoDB"
@bnorton
bnorton / parse-cookie.coffee
Created February 4, 2016 01:07 — forked from madwork/parse-cookie.coffee
Node cookie parser for Rails 4.1 json encypted cookies
@bnorton
bnorton / session.rb
Created August 26, 2015 05:34
Skip the default Rails session (when building an API)
class ApplicationController < ActionController::Base
before_action :skip_session
private
def skip_session
request.session_options[:skip] = true
end
end
@bnorton
bnorton / application.html.erb
Last active August 29, 2015 14:21
Ember.js meet Capybara
<!-- ... -->
<%= javascript_include_tag 'test' if Rails.env.test? %>
<!-- ... -->
@bnorton
bnorton / ALAssetsLibrary+CoreExt.h
Last active August 29, 2015 14:02
Some helpful ALAssetsLibrary helpers.
//
// ALAssetsLibrary+CoreExt.h
//
// Created by Brian Norton on 6/14/14.
//
@interface ALAssetsLibrary (CoreExt)
+(ALAssetsLibrary *)library;
@bnorton
bnorton / created_by_week.rb
Created June 11, 2014 04:31
Aggregate records in memory by
puts records.inspect
# #=> [
# {"id": 1, "created_at": 2014-06-04 06:07:31 -0700},
# {"id": 2, "created_at": 2014-06-07 09:03:11 -0700},
# {"id": 3, "created_at": 2014-06-09 07:47:18 -0700}
# ]
records.each_with_object(Hash.new { 0 }) do |record, hash|
hash[record['created_at'].to_date.beginning_of_week] += 1
end