Skip to content

Instantly share code, notes, and snippets.

@graste
graste / rick-roll-content-scraper.js
Created August 19, 2020 20:59 — forked from troyhunt/rick-roll-content-scraper.js
A Cloudflare worker to redirect image requests from dickhead content scraper's site to a Rick Roll
addEventListener('fetch', event => {
event.respondWith(fetchAndApply(event.request))
})
async function fetchAndApply(request) {
let response = await fetch(request)
let referer = request.headers.get('Referer')
let contentType = response.headers.get('Content-Type') || ''
if (referer && contentType.startsWith('image/')) {
const fetch = require('node-fetch');
async function run() {
let username = "YOUR USERNAME HERE";
let password = "YOUR APP PASSWORD";
let authBasic = new Buffer(username + ':' + password).toString('base64');
let session = await (await fetch('https://jmap.fastmail.com/.well-known/jmap', {
headers: {
"Authorization": "Basic " + authBasic
}
})).json();
html {
scroll-behavior: smooth;
}
@media (prefers-reduced-motion: reduce) {
html {
scroll-behavior: auto;
}
}

Stevey's Google Platforms Rant

I was at Amazon for about six and a half years, and now I've been at Google for that long. One thing that struck me immediately about the two companies -- an impression that has been reinforced almost daily -- is that Amazon does everything wrong, and Google does everything right. Sure, it's a sweeping generalization, but a surprisingly accurate one. It's pretty crazy. There are probably a hundred or even two hundred different ways you can compare the two companies, and Google is superior in all but three of them, if I recall correctly. I actually did a spreadsheet at one point but Legal wouldn't let me show it to anyone, even though recruiting loved it.

I mean, just to give you a very brief taste: Amazon's recruiting process is fundamentally flawed by having teams hire for themselves, so their hiring bar is incredibly inconsistent across teams, despite various efforts they've made to level it out. And their operations are a mess; they don't real

@graste
graste / phpda.yml
Created May 27, 2020 15:07 — forked from goetas/phpda.yml
Doctrine Migrations dependency analysis
mode: 'usage'
source: './lib'
filePattern: '*.php'
formatter: 'PhpDA\Writer\Strategy\Svg'
target: './complex-cycle.svg'
groupLength: 3
visitorOptions:
PhpDA\Parser\Visitor\Required\DeclaredNamespaceCollector: {minDepth: 2, sliceLength: 6, excludePattern: '/^((?!.*(Doctrine\\Migrations))|(?=.*Exception)).*$/'}
PhpDA\Parser\Visitor\Required\MetaNamespaceCollector: {minDepth: 2, sliceLength: 4, excludePattern: '/^((?!.*(Doctrine\\Migrations))|(?=.*Exception)).*$/'}
PhpDA\Parser\Visitor\Required\UsedNamespaceCollector: {minDepth: 2, sliceLength: 4, excludePattern: '/^((?!.*(Doctrine\\Migrations))|(?=.*Exception)).*$/'}
@graste
graste / rollyourown.php
Created May 8, 2020 13:10 — forked from GDmac/rollyourown.php
We don't need no DIC libs / we don't need no deps control
<?php
// Context: I'm trying to argue that DI (and DIC) are great, and DIC libs suck.
// Happy to be proven wrong!
final class Router {
private $dependencies;
public function __construct (Dependencies $dependencies) {
$this->dependencies = $dependencies;
// You might say that this is Service Locator, but it's not. This router is toplevel,
// and toplevel must have access to dependencies. After that it can all just bubble nicely using proper DI.
@graste
graste / psp.yml
Created March 18, 2020 16:23 — forked from abhisek/psp.yml
PodSecurityPolicy to Prevent hostPath Mount
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: developers-psp
spec:
privileged: false
allowPrivilegeEscalation: false
hostNetwork: false
hostPID: false
hostIPC: false
@graste
graste / test-php-basic-auth.php
Last active January 19, 2020 20:56 — forked from agwells/test-php-basic-auth.php
Ways to make a browser clear its cached HTTP basic auth credentials
<?php
function require_auth() {
$AUTH_USER = 'admin';
$AUTH_PASS = 'admin';
header('Cache-Control: no-cache, must-revalidate, max-age=0');
$has_supplied_credentials = !(empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['PHP_AUTH_PW']));
$is_not_authenticated = (
!$has_supplied_credentials ||
$_SERVER['PHP_AUTH_USER'] != $AUTH_USER ||
$_SERVER['PHP_AUTH_PW'] != $AUTH_PASS
@graste
graste / random_user-agent.py
Created January 3, 2020 09:32 — forked from nickpopovich/random_user-agent.py
Script that goes with Python Scripter Burp Extension - every request passed through burp has a random User-Agent. Inspired by Marcin Wielgoszewski (@marcin) https://portswigger.net/bappstore/eb563ada801346e6bdb7a7d7c5c52583. Also inspired by Tim Tomes' (@lanmaster53) example scripts for Python Scripter https://gist.github.com/lanmaster53/3d86836…
import random
header_names = ['User-Agent']
ua = ['Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36', 'Mozilla/5.0 (Linux; Android 6.0; CAM-L21 Build/HUAWEICAM-L21; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/62.0.3202.84 Mobile Safari/537.36', 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36']
if (messageIsRequest):
request = helpers.analyzeRequest(messageInfo)
headers = request.getHeaders()
for header_name in header_names:
@graste
graste / Main.sc
Created November 17, 2019 19:02 — forked from tPl0ch/Main.sc
Message-Driven Finite-State-Transducer Domain-Driven-Design Aggregate
import cats.instances.either._
import Transducer.run
import UserRegistration._
object Main extends App {
private val commands = List(GDPRDeletion, StartRegistration, StartRegistration, ConfirmAccount, GDPRDeletion)
run(userRegistration)(commands).foreach(println)
// OUTPUT