- Don't run as root.
- For sessions, set `httpOnly` (and `secure` to `true` if running over SSL) when setting cookies.
- Use Helmet for secure headers: https://github.com/evilpacket/helmet
- Enable `csrf` for preventing Cross-Site Request Forgery: http://expressjs.com/api.html#csrf
- Don't use the deprecated `bodyParser()` and only use multipart explicitly. To avoid multipart's vulnerability to 'temp file' bloat, use the `defer` property and `pipe()` the multipart upload stream to the intended destination.
```ruby
#!/usr/bin/env ruby
class CookbookSource
  attr_reader :name, :options
  def initialize(name, options = {})
    @name = name
    @options = options
  end
end
```
```zsh
#!/bin/zsh
#
# Install svn2git https://github.com/nirvdrum/svn2git
# Install curl: sudo apt-get install curl
#
# Create API token Github on command line before running this script
#
# curl -u 'miohtama' -d '{"scopes":["repo"],"note":"migrate.sh"}' https://api.github.com/authorizations
#
# More info https://help.github.com/articles/creating-an-oauth-token-for-command-line-use
```
```javascript
//Load the requirejs optimizer
var requirejs = require('./path/to/r.js'),
    //Set up basic config, include config that is
    //common to all the optimize() calls.
    basConfig = {
        baseUrl: './some/path',
        paths: {
            //whatever is needed globally.
        }
    };
```
```bash
#!/bin/bash
usage ()
{
cat <<UsageHERE
boot2docker-fwd -- Helper function to quickly manage port forwards between the boot2docker-vm and the host
Usage: boot2docker-fwd [ -n RULE_NAME ] [ -h HOST_PORT ] [ -p {tcp|udp} ] [ -i HOST_IP ] GUEST_PORT
or boot2docker-fwd -d RULE_NAME
or boot2docker-fwd -l
or boot2docker-fwd -A
```
```html
<!DOCTYPE html>
<html>
<head>
<script>
window.onload = function () {
    console.log(''+(+new Date)+': Onload fired');
};
document.onreadystatechange = function () {
    console.log(''+(+new Date)+': Ready state changed');
```
```javascript
var express = require('express'),
    passport = require('passport'),
    LocalStrategy = require('passport-local').Strategy,
    connect = require('connect'),
    http = require('http'),
    path = require('path'),
    util = require('util'),
    fs = require('fs'),
    redis = require('redis'),
    cookie = require('cookie'),
```
```ruby
#!/usr/bin/env ruby
require 'redis'
# Clear a large number of keys matching a pattern using SCAN and
# pipelining to avoid killing the server.
class ClearKeys
  def initialize(pattern, host='localhost', postprocess_pattern=nil)
    @redis = Redis.new(host: host)
    @pattern = pattern
```
Moved to Shopify/graphql-design-tutorial
```bash
#!/bin/bash
#
# Installs the previous version of a Homebrew formula
#
# Usage: brewv formula_name desired_version
#
# Based on http://stackoverflow.com/questions/3987683/homebrew-install-specific-version-of-formula#9832084
#
# Author: Matti Schneider <hi@mattischneider.fr> (http://mattischneider.fr)
```