After Chrome 58, self-signed certificate without SAN is not valid anymore.
openssl genrsa -des3 -out example.com.key 2048
mariuszpoplawski
/ CVE-2020-11976
Last active
June 2, 2021 16:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CVE-2020-11976 - Apache wicket LFI / markup source file read vulnerability | |
| ------------------------------------------ | |
| By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates. | |
| This would allow an attacker to see possibly sensitive information inside a HTML template that is usually removed during rendering. | |
| Affected are Apache Wicket versions 7.16.0, 8.8.0 and 9.0.0-M5 | |
| For example if there are credentials in the markup which are never supposed to be visible to the client: | |
| <wicket:remove> |
random-robbie
/ install_go_pi.sh
Created
April 26, 2018 14:16
Install Go Lang 1.10.1 on Raspberry Pi 3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wget https://storage.googleapis.com/golang/go1.10.1.linux-armv6l.tar.gz | |
| sudo tar -C /usr/local -xvf go1.10.1.linux-armv6l.tar.gz | |
| cat >> ~/.bashrc << 'EOF' | |
| export GOPATH=$HOME/go | |
| export PATH=/usr/local/go/bin:$PATH:$GOPATH/bin | |
| EOF | |
| source ~/.bashrc |
KeithYeh
/ Self-Signed SSL with SAN.md
Created
October 14, 2017 13:12
Create self-signed SSL certificate with SubjectAltName(SAN)
Rich-Harris
/ service-workers.md
Last active
May 6, 2024 22:10
Stuff I wish I'd known sooner about service workers
I recently had several days of extremely frustrating experiences with service workers. Here are a few things I've since learned which would have made my life much easier but which isn't particularly obvious from most of the blog posts and videos I've seen.
I'll add to this list over time – suggested additions welcome in the comments or via twitter.com/rich_harris.
Chrome 51 has some pretty wild behaviour related to console.log in service workers. Canary doesn't, and it has a load of really good service worker related stuff in devtools.
People
 :bowtie: |
😄 :smile: |
😆 :laughing: |
|---|---|---|
😊 :blush: |
😃 :smiley: |
:relaxed: |
😏 :smirk: |
😍 :heart_eyes: |
😘 :kissing_heart: |
😚 :kissing_closed_eyes: |
😳 :flushed: |
😌 :relieved: |
😆 :satisfied: |
😁 :grin: |
😉 :wink: |
😜 :stuck_out_tongue_winking_eye: |
😝 :stuck_out_tongue_closed_eyes: |
😀 :grinning: |
😗 :kissing: |
😙 :kissing_smiling_eyes: |
😛 :stuck_out_tongue: |
At the top of the file there should be a short introduction and/ or overview that explains what the project is. This description should match descriptions added for package managers (Gemspec, package.json, etc.)
Show what the library does as concisely as possible, developers should be able to figure out how your project solves their problem by looking at the code example. Make sure the API you are showing off is obvious, and that your code is short and concise.