Neven Falica elkarrde

@thesamesam
thesamesam / xz-backdoor.md
Last active May 16, 2024 19:46
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

@Sidneys1
Sidneys1 / theming.html
Created January 30, 2024 21:04
noscript theming
<!DOCTYPE html>
<html>
<head>
<script>
/*
* This code is only used for loading/saving preferences
* to/from `localstorage`. If scripts are disabled all
* the theming still works, they just won't persist. :^)
*/
@DavidKuennen
DavidKuennen / minimal-analytics-snippet.js
Last active May 3, 2024 12:55
Minimal Analytics Snippet
(function (context, trackingId, options) {
const history = context.history;
const doc = document;
const nav = navigator || {};
const storage = localStorage;
const encode = encodeURIComponent;
const pushState = history.pushState;
const typeException = 'exception';
const generateId = () => Math.random().toString(36);
const getId = () => {
@swalkinshaw
swalkinshaw / tutorial.md
Last active November 13, 2023 08:40
Designing a GraphQL API
@elkarrde
elkarrde / todo-180503.md
Last active May 4, 2018 13:57
WWF N4P To do, 2018-05-03

WWF N4P Todo 2018-05-03

Languages

  • fix the AL language
  • put BCHS instead of HR
    • (a disclaimer in the lower section stating which languages that covers is also fine)

Home page

  • replace project with platform
  • delete "in this project" in the 2nd sentence: "This project is supported by our friends and partners. Thanks for supporting us in this project. Nature and people will appreciate it.
@neektza
neektza / todo-180426.md
Last active May 2, 2018 16:17 — forked from elkarrde/todo-180426.md
WWF to do, 2018-0426

2018-04-26

SLUGS:

  • (@danijel) check in GA whether the existing slugs are referenced directly from anywhere
    • send the report to Nikica
    • if they are, add redirects
  • hr title -> hr slug
  • en title -> en slug

VISUAL:

String response =
"HTTP/1.1 200 OK\r\n"
"CACHE-CONTROL: max-age=86400\r\n"
"DATE: Fri, 15 Apr 2016 04:56:29 GMT\r\n"
"EXT:\r\n"
"LOCATION: http://" + String(s) + ":80/setup.xml\r\n"
"OPT: \"http://schemas.upnp.org/upnp/1/0/\"; ns=01\r\n"
"01-NLS: b9200ebb-736d-4b93-bf03-835149d13983\r\n"
"SERVER: Unspecified, UPnP/1.0, Unspecified\r\n"
"ST: urn:Belkin:device:**\r\n"
@staltz
staltz / introrx.md
Last active May 17, 2024 01:39
The introduction to Reactive Programming you've been missing
@subudeepak
subudeepak / WebSockets.md
Last active November 2, 2022 00:04
The problems and some security implications of websockets - Cross-site WebSockets Scripting (XSWS)

WebSockets - An Introduction

WebSockets is a modern HTML5 standard which makes communication between client and server a lot simpler than ever. We are all familiar with the technology of sockets. Sockets have been fundamental to network communication for a long time but usually the communication over the browser has been restricted. The general restrictions

  • The server used to have a permanent listener while the client (aka browser) was not designated any fixed listener for a more long term connection. Hence, every communication was restricted to the client demanding and the server responding.
  • This meant that unless the client requested a particular resource, the server was unable to push such a resource to the client.
  • This was detrimental since the client is then forced to check with the server at regular intervals. This meant a lot of libraries focused on optimizing asynchronous calls and identifying the response of asynchronous calls. Notably t