Skip to content

Instantly share code, notes, and snippets.

View jpmcneal's full-sized avatar

JP jpmcneal

  • Portsmouth, NH
View GitHub Profile
@kfriend
kfriend / gist:5966561
Last active December 11, 2018 21:59
wget command tasks
# Scape a site w/ a few retries
wget -m -r --tries=5 "http://foo.bar"
# Scape a site w/o images
wget -m -r --tries=5 -R jpg,jpeg,png,gif,bmp "http://foo.bar"
@joelpittet
joelpittet / security.md
Last active December 17, 2015 08:35
Drupal 8 Theming - Security

Security:

Best practices for secure Drupal 8 theming

History

Prior to Drupal 8, we relied on manual escaping variables by our developers and themers. Every variable was either run through check_plain(), filter_xss() or another filter function manually or it was assumed to be safe. You can see where this assumption can easily be overlooked/forgotten and we end up with a security vulnerability usually in the form of an XSS attack.

One of the major decisions for choosing Twig in Drupal 8 was due to its autoescape security feature which all variables can be escaped automatically while they are printed. This alleviates a bunch of concerns and burden on the Security Team as well as protect Drupal Sites by default. This is equivalent to Drupal 7 writing <?php print check_plain($variable); ?> on each variable printed.

@mortendk
mortendk / menu--main.html.twig
Created August 5, 2015 22:21
menu with first, last & count classes in twig Drupal8 template
{#
/**
* @file
* Theme override to display a menu.
*
* Available variables:
* - menu_name: The machine name of the menu.
* - items: A nested list of menu items. Each menu item contains:
* - attributes: HTML attributes for the menu item.
* - below: The menu item child items.