Skip to content

Instantly share code, notes, and snippets.

View felipap's full-sized avatar
🍟

Felipe Aragão felipap

🍟
60 followers · 144 following
View GitHub Profile
@alexisrobert
alexisrobert / webserver.go
Created May 20, 2011 10:13
Tiny web server in Go for sharing a folder
/* Tiny web server in Golang for sharing a folder
Copyright (c) 2010-2014 Alexis ROBERT <alexis.robert@gmail.com>
Contains some code from Golang's http.ServeFile method, and
uses lighttpd's directory listing HTML template. */
package main
import "net/http"
import "net/url"
@cyakimov
cyakimov / gist:1139981
Created August 11, 2011 15:49
Decode Facebook signed_request with NodeJS
//npm install b64url
//A signed_request for testing:
//WGvK-mUKB_Utg0l8gSPvf6smzacp46977pTtcRx0puE.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjEyOTI4MjEyMDAsImlzc3VlZF9hdCI6MTI5MjgxNDgyMCwib2F1dGhfdG9rZW4iOiIxNTI1NDk2ODQ3NzczMDJ8Mi5ZV2NxV2k2T0k0U0h4Y2JwTWJRaDdBX18uMzYwMC4xMjkyODIxMjAwLTcyMTU5OTQ3NnxQaDRmb2t6S1IyamozQWlxVldqNXp2cTBmeFEiLCJ1c2VyIjp7ImxvY2FsZSI6ImVuX0dCIiwiY291bnRyeSI6ImF1In0sInVzZXJfaWQiOiI3MjE1OTk0NzYifQ
function parse_signed_request(signed_request, secret) {
encoded_data = signed_request.split('.',2);
// decode the data
sig = encoded_data[0];
json = base64url.decode(encoded_data[1]);
data = JSON.parse(json); // ERROR Occurs Here!
@chitchcock
chitchcock / 20111011_SteveYeggeGooglePlatformRant.md
Created October 12, 2011 15:53
Stevey's Google Platforms Rant

Stevey's Google Platforms Rant

I was at Amazon for about six and a half years, and now I've been at Google for that long. One thing that struck me immediately about the two companies -- an impression that has been reinforced almost daily -- is that Amazon does everything wrong, and Google does everything right. Sure, it's a sweeping generalization, but a surprisingly accurate one. It's pretty crazy. There are probably a hundred or even two hundred different ways you can compare the two companies, and Google is superior in all but three of them, if I recall correctly. I actually did a spreadsheet at one point but Legal wouldn't let me show it to anyone, even though recruiting loved it.

I mean, just to give you a very brief taste: Amazon's recruiting process is fundamentally flawed by having teams hire for themselves, so their hiring bar is incredibly inconsistent across teams, despite various efforts they've made to level it out. And their operations are a mess; they don't real

@stefanv
stefanv / sparks.py
Created November 17, 2011 00:25
Command line sparks in Python
#!/usr/bin/python
# coding=utf-8
# Python version of Zach Holman's "spark"
# https://github.com/holman/spark
# by Stefan van der Walt <stefan@sun.ac.za>
"""
USAGE:
@ricardobeat
ricardobeat / privates.js
Created November 25, 2012 23:37
Private properties with no memory leaks.
var Thing = (function(){
var instances = []
, data = []
function setId(){
data[instances.indexOf(this)] = id
}
function getId(){
@dasdennis
dasdennis / Warning for Source Ruby Gems.rb
Last active January 6, 2016 17:41
The source :rubygems is deprecated because HTTP requests are insecure. Please change your source to 'https://rubygems.org' if possible, or 'http://rubygems.org' if not.
# Change Gemfile source to https://rubygems.org to stop warning.
# The source :rubygems is deprecated because HTTP requests are insecure.
# Please change your source to 'https://rubygems.org' if possible, or
# 'http://rubygems.org' if not.
# In Gemfile:
# Comment this line:
# source :rubygems
@niravmehta
niravmehta / kue_cleanup.js
Created July 30, 2013 11:57
Cleanup script for Kue job queueing system in Node.js. Deletes failed, active and completed jobs after specified time. Can run on command line directly with "node kue_cleanup". Requires Kue installed :-)
var kue = require('kue'),
jobs = kue.createQueue(),
util = require('util'),
noop = function() {};
jobs.CLEANUP_MAX_FAILED_TIME = 30 * 24 * 60 * 60 * 1000; // 30 days
jobs.CLEANUP_MAX_ACTIVE_TIME = 1 * 24 * 60 * 60 * 1000; // 1 day
jobs.CLEANUP_MAX_COMPLETE_TIME = 5 * 24 * 60 * 60 * 1000; // 5 days
jobs.CLEANUP_INTERVAL = 5 * 60 * 1000; // 5 minutes
@cerebrl
cerebrl / 1-securing-express.md
Last active August 2, 2023 22:48
Securing ExpressJS

tl;dr

  1. Don't run as root.
  2. For sessions, set httpOnly (and secure to true if running over SSL) when setting cookies.
  3. Use the Helmet for secure headers: https://github.com/evilpacket/helmet
  4. Enable csrf for preventing Cross-Site Request Forgery: http://expressjs.com/api.html#csrf
  5. Don't use the deprecated bodyParser() and only use multipart explicitly. To avoid multiparts vulnerability to 'temp file' bloat, use the defer property and pipe() the multipart upload stream to the intended destination.
@felipap
felipap / events.js
Last active December 29, 2015 17:09
Minimalistic backbone-like Javascript events for light usage.
function implementEvents() {
this._callbacks = {};
this.on = function (eventName, func, t) {
if (typeof func !== 'function')
throw "Invalid argument to .on() "+func
if (this._callbacks[eventName])
this._callbacks[eventName].push(t?func.bind(t):func);
else
this._callbacks[eventName] = [t?func.bind(t):func];
@david-christiansen
david-christiansen / FizzBuzzC.idr
Last active August 29, 2022 20:00
Dependently typed FizzBuzz, now with 30% more constructive thinking
module FizzBuzzC
%default total
-- Dependently typed FizzBuzz, constructively
-- A number is fizzy if it is evenly divisible by 3
data Fizzy : Nat -> Type where
ZeroFizzy : Fizzy 0
Fizz : Fizzy n -> Fizzy (3 + n)