Lim H. limdauto

@limdauto
limdauto / vm-controller-distinction.js
Last active Dec 19, 2015
VM/Controller in Mithril Discussion
View vm-controller-distinction.js
// some model holding data state
class TodoItem {
constructor() {
this.isAchieved = m.prop(false);
}
}
// vm holds application state -- http://lhorie.github.io/mithril-blog/what-is-a-view-model.html
class TodoVM extends SomeEventEmitter {
constructor() {
@limdauto
limdauto / gulpfile.js
Created Dec 30, 2014
Lim's todojs build
View gulpfile.js
'use strict';
var _ = require('lodash'),
browserify = require('browserify'),
compass = require('gulp-compass'),
concat = require('gulp-concat'),
conf = require('config'),
console = require('console-browserify'),
del = require('del'),
gulp = require('gulp'),
View gist:2a23f946e2b3717beef0
function parseMilliseconds_ (timeframe) {
var now = new Date().getTime();
var milliseconds = {
'hour': 60 * 60 * 1000,
'day': 24 * 60 * 60 * 1000,
'week': 7 * 24 * 60 * 60 * 1000,
'4weeks': 4 * 7 * 24 * 60 * 60 * 1000
};
if (milliseconds[timeframe])
View casperjs.cheatsheet.js
// PhantomJS Cheatsheet
$ brew update && brew install phantomjs // install PhantomJS with brew
phantom.exit();
var page = require('webpage').create();
page.open('http://example.com', function() {});
page.evaluate(function() { return document.title; });
View redirector.php
<?php
// Suppose attacker A cannot get a directory listing of MySite Inc.'s hidden JavaScript folder at http://mysite.com/hidden.
// However, cloud service B, which provides a JS compression service used by MySite Inc., has access
// to the listing. Service B has a page called redirector.php that takes a dynamic URL input.
// Attacker A can simply use this redirector to reach the listing by accessing
// http://serviceb.com/redirector.php?url=hidden
$redirect_url = $_GET['url'];
header("Location: http://mysite.com/" . $redirect_url);
View csrf.html
<!--
Source: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)
Alice is currently authenticated on her bank's website at bank.com. Maria, an attacker, can trick Alice
into sending her money by forging a request with Maria as the recipient of Alice's money and tricking Alice into
issuing the request against bank.com. This trick works because Alice is currently authenticated on bank.com and authorized
to send her money.
-->
<a href="http://bank.com/transfer.do?acct=MARIA&amount=100000">View my Pictures!</a>
View xss.php
<?php
// credit http://onwebdevelopment.blogspot.com/2008/08/xss-cross-site-scrpting-and-stealing.html
// XSS URL: xss.php?name=%3Cscript%3Ewindow.onload=function(){alert(document.forms[0].password);}%3C/script%3E
// saved passwords will be accessed through document.forms[0].password
// and can easily be sent to the attackers via AJAX
echo $_GET['name'];
?>
<form action="login.php">
@limdauto
limdauto / karma-e2e.conf.js
Last active Dec 19, 2015
Karma E2E Config
View karma-e2e.conf.js
basePath = '../';
files = [
ANGULAR_SCENARIO,
ANGULAR_SCENARIO_ADAPTER,
'app/controllers.js',
'tests/e2e/*.js'
];
autoWatch = false;
@limdauto
limdauto / karma.conf.js
Created Jul 4, 2013
Karma Unit Test Config
View karma.conf.js
// Karma configuration
// Generated on Thu Jul 04 2013 01:24:00 GMT+0700 (ICT)
// base path, that will be used to resolve files and exclude
basePath = '../';
// list of files / patterns to load in the browser
files = [
@limdauto
limdauto / google_python_style.md
Last active Sep 1, 2016
Lim's implementation of Google Python Style Guide
View google_python_style.md

1. Automated style checking

Google recommends pychecker but either pylint or pyflakes will do as well. See this question on stackoverflow for a discussion of their advantages and disadvantages.

2. Indentation

4 spaces. No tab. 80-column wide. Period.

3. Blank lines

2 blank lines after top-level

def fnc1: