- Don't run as root.
- For sessions, set `httpOnly` (and `secure` to `true` if running over SSL) when setting cookies.
- Use Helmet for secure headers: https://github.com/evilpacket/helmet
- Enable `csrf` to prevent Cross-Site Request Forgery: http://expressjs.com/api.html#csrf
- Don't use the deprecated `bodyParser()`; only use multipart explicitly. To avoid multipart's vulnerability to 'temp file' bloat, use the `defer` property and `pipe()` the multipart upload stream to the intended destination.
```ruby
# Rails 3 jQuery Install Rakefile
# by Aaron Kalin
# Compiled from http://www.railsinside.com/tips/451-howto-unobtrusive-javascript-with-rails-3.html
#
# Note: this assumes you use git, if not then use the optional usage
#
# Usage: rake install_jquery
#
# Optional usage: rake install_jquery[nogit]
#
```
```ruby
require "openssl"
require "digest"
def aes128_cbc_encrypt(key, data, iv)
  key = Digest::MD5.digest(key) if(key.kind_of?(String) && 16 != key.bytesize)
  iv = Digest::MD5.digest(iv) if(iv.kind_of?(String) && 16 != iv.bytesize)
  aes = OpenSSL::Cipher.new('AES-128-CBC')
  aes.encrypt
  aes.key = key
  aes.iv = iv
```
```ruby
require 'logger'
class ColoredLogger < Logger
  WHITE = "\e[37m"
  CYAN = "\e[36m"
  MAGENTA = "\e[35m"
  BLUE = "\e[34m"
  YELLOW = "\e[33m"
  GREEN = "\e[32m"
  RED = "\e[31m"
  BLACK = "\e[30m"
```
```ruby
class Banana < ActiveRecord::Base; end
banana = Banana.new
banana.valid? #=> true
banana.singleton_class.validates_presence_of :name
banana.valid? #=> true - why did the validation not work?
banana.class.validates_presence_of :name
banana.valid? #=> false - as we'd expect...but now...
```
```perl
#!/usr/bin/perl
# This script parses Git blame's "porcelain" output format and
# ascertains the oldest lines of code seen.
#
# If you want to perform a custom report, just define your own callback
# function and invoke parse_porcelain() with it.
#
# The expected input format is slightly modified from raw `git blame
# -p`. Here is an example script for producing input:
```
```ruby
class ActiveRecord::Base
  mattr_accessor :shared_connection
  @@shared_connection = nil
  def self.connection
    @@shared_connection || ConnectionPool::Wrapper.new(:size => 1) { retrieve_connection }
  end
end
ActiveRecord::Base.shared_connection = ActiveRecord::Base.connection
```
```scss
@mixin row() {
  margin-left: $gridGutterWidth * -1;
  @media (max-width: 767px) { margin-left: 0; }
  @media (min-width: 768px) and (max-width: 979px) { margin-left: $gridGutterWidth768 * -1; }
  @media (min-width: 1200px) { margin-left: $gridGutterWidth1200 * -1; }
  @include clearfix();
}
@mixin column($columns: 1, $offset: 0) {
  float: left;
```
This tutorial uses the "Sample hapi.js REST API" project.
Take a look at: https://github.com/agendor/sample-hapi-rest-api/
## Topics
- Introduction
- Installing Node.js
- Installing MySQL
- Setting-up the project
```ruby
require 'delegate'
# An abstract decorator useful for decorating Active Record objects.
class ActiveRecordDecorator < SimpleDelegator
  # A proxy for the decorator class to allow the delegation of certain class
  # methods to the decorated object's class.
  class ClassProxy < SimpleDelegator
    def initialize(decorator_class, decorated_class)
      super decorator_class
      self.decorated_class = decorated_class
```