Skip to content

Instantly share code, notes, and snippets.


Joe Palala jpalala

View GitHub Profile
jpalala /
Created Oct 13, 2021
safari float bug
jpalala / build.js
Created Aug 15, 2021
node - create html from markdown file (using showdowns)
View build.js
const showdown = require('showdown'),
converter = new showdown.Converter();
const fs = require('fs');
const cwd= __dirname;
try {
// 1. Update the path to the markdown file
var text = fs.readFileSync('path/to/', 'utf8');
var html = converter.makeHtml(text.toString());
// 2. change this title
jpalala /
Last active Jul 4, 2021
[RFC] Brownie Points as a currency

brownie points as a currency

Brownie points in modern usage are an imaginary social currency, which can be acquired by doing good deeds or earning favor in the eyes of another, often one's spouse.

What can you buy with brownie points?

You can trade these brownie points with other similar help needed.

How many brownie points is given to a person for every help?

jpalala /
Created Jan 21, 2021 — forked from wm/
Installing powerline on Mac OSX. The following was done in version Version 10.8.2

Install dependencies

brew install cmake
brew install python
sudo easy_install pip

Add powerline bin to your path. In your zshrc file (or the paths files sourced in zshrc) add the following line


Reinstall MacVim with brew

View gist:2988d20f27c4402e578eff90591d50ec
make a noise
social media. what do you do.
# Skills
prioritize and highlight your skills through:
- portfolio. a page to contact you and for people to know what you do.
jpalala /
Created Nov 25, 2020 — forked from sloria/
A "Best of the Best Practices" (BOBP) guide to developing in Python.

The Best of the Best Practices (BOBP) Guide for Python

A "Best of the Best Practices" (BOBP) guide to developing in Python.

In General


  • "Build tools for others that you want to be built for you." - Kenneth Reitz
  • "Simplicity is alway better than functionality." - Pieter Hintjens
jpalala /
Created Nov 20, 2020
php vulnerabilities
  1. enabled allow_url_fopen

  2. Source Code Revelation

  3. Session Hijacking.

If someone steals a session key, is that bad? And the answer is: if you aren’t doing anything important in that session then the answer is no. But if you are using that session to authenticate a user, then it would allow some vile person to sign on and get into things. This is particularly bad if the user is important and has a lot of authority. Session IDs can also be vulnerable server-side if you’re using shared hosting services which store session information in globally accessible directories, like /tmp

Cookies are on browser. Prevention is to make sure there's no script on user input.

View jsecho
jpalala / .pa11y.js
Last active Nov 13, 2020
angular a11y test
View .pa11y.js
This config isn't an exact match to that expected by Pa11y, `generatePa11yConfig` will parse this config to what Pa11y is expecting.
* non-standard properties used by the parser:
* `id`: (string, required) A unique identifier for the test / URL.
* `journeyId`: (string, required) JourneyId. A name for the application / journey. Only used for the name of the screenshot.
* `queryParams`: Key-value pair object, optional) Object of query parameters to include in the URL under test.
* `extendActions`: (string, optional) The `id` of another test / URL to use the actions from. This helps eliminate the need to duplicate actions across tests / URLs.
* `screenCapture`: (string, optional) Overwrites the Pa11y property. If given, then a screenshot will be taken of that URL. The text provided will be appended to the filename of the screenshot when saved to `reports/pa11y/`.