Mars Hall mars
mattetti
/ rails_json_session.rb
Last active
September 23, 2020 07:04
This is a monkey patch to change Rails 4's default session/signed cookie serializer from Marshal to JSON for security and compatibility reasons.
Note that this is a hack, a pretty terrible one and you should only use it if you know what you're doing. Also, I only wrote this patch for my own personal use, so don't be surprised if it doesn't work …
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Hack to change the Rails cookie serializer from Marshal to JSON and therefore allow the session | |
| # to be shared between different languages but also avoid that someone knowing the | |
| # cookie secret key could execute arbitrary code on the server by unmarshalling | |
| # modified Ruby code added to the session/permanent cookie. | |
| # | |
| # Note that all users will beed to login again since both the remember me cookie and the session cookies | |
| # won't be valid. Note also that the remember me cookie is tested multiple times per request even when it fails. | |
| # for performance reasons you might want to delete it if these extra cycles are too costly for you. | |
| # | |
| # Rails 4 (not tested on Rails 3). |
jcoglan
/ install_rubby.md
Last active
January 4, 2016 20:39
First, you install ruby-build and chruby. ruby-build is a program that knows how to download and build different ruby versions. chruby manages $PATH to control which ruby gets invoked in your shell. They work completely independently.
sudo su
cd /usr/src
git clone https://github.com/sstephenson/ruby-build.git
cd ruby-build
./install.sh
cd -
lelandbatey
/ whiteboardCleaner.md
Last active
April 25, 2024 02:01
Whiteboard Picture Cleaner - Shell one-liner/script to clean up and beautify photos of whiteboards!
This simple script will take a picture of a whiteboard and use parts of the ImageMagick library with sane defaults to clean it up tremendously.
The script is here:
#!/bin/bash
convert "$1" -morphology Convolve DoG:15,100,0 -negate -normalize -blur 0x1 -channel RBG -level 60%,91%,0.1 "$2"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /*! | |
| * jQuery JavaScript Library v2.1.1pre | |
| * http://jquery.com/ | |
| * | |
| * Includes Sizzle.js | |
| * http://sizzlejs.com/ | |
| * | |
| * Copyright 2005, 2014 jQuery Foundation, Inc. and other contributors | |
| * Released under the MIT license | |
| * http://jquery.org/license |
gruber
/ Liberal Regex Pattern for Web URLs
Last active
April 22, 2024 19:02
Liberal, Accurate Regex Pattern for Matching Web URLs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| The regex patterns in this gist are intended only to match web URLs -- http, | |
| https, and naked domains like "example.com". For a pattern that attempts to | |
| match all URLs, regardless of protocol, see: https://gist.github.com/gruber/249502 | |
| # Single-line version: | |
| (?i)\b((?:https?:(?:/{1,3}|[a-z0-9%])|[a-z0-9.\-]+[.](?:com|net|org|edu|gov|mil|aero|asia|biz|cat|coop|info|int|jobs|mobi|museum|name|post|pro|tel|travel|xxx|ac|ad|ae|af|ag|ai|al|am|an|ao|aq|ar|as|at|au|aw|ax|az|ba|bb|bd|be|bf|bg|bh|bi|bj|bm|bn|bo|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co|cr|cs|cu|cv|cx|cy|cz|dd|de|dj|dk|dm|do|dz|ec|ee|eg|eh|er|es|et|eu|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gg|gh|gi|gl|gm|gn|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie|il|im|in|io|iq|ir|is|it|je|jm|jo|jp|ke|kg|kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly|ma|mc|md|me|mg|mh|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|mv|mw|mx|my|mz|na|nc|ne|nf|ng|ni|nl|no|np|nr|nu|nz|om|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|ps|pt|pw|py|qa|re|ro|rs|ru|rw|sa|sb|sc|sd|se|sg|sh|si|s |
hongrich
/ gist:9176925
Last active
August 29, 2015 13:56
Diff between http://opensource.apple.com/source/Security/Security-55179.13/libsecurity_ssl/lib/sslKeyExchange.c and http://opensource.apple.com/source/Security/Security-55471/libsecurity_ssl/lib/sslKeyExchange.c when the Apple SSL bug was introduced
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| static OSStatus | |
| SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams, | |
| uint8_t *signature, UInt16 signatureLen) | |
| { | |
| OSStatus err; | |
| SSLBuffer hashOut, hashCtx, clientRandom, serverRandom; | |
| uint8_t hashes[SSL_SHA1_DIGEST_LEN + SSL_MD5_DIGEST_LEN]; | |
| SSLBuffer signedHashes; | |
| uint8_t *dataToSign; | |
| size_t dataToSignLen; |
hbrysiewicz
/ jsbin.geyit.css
Created
April 17, 2014 22:54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* Put your CSS here */ | |
| html, body { | |
| margin: 20px; | |
| } | |
| input: { | |
| padding: 8px; | |
| border-radius: 4px; | |
| } | |
| .color-swatch { |
simenbrekken
/ context.js
Created
April 24, 2014 12:48
Manipulating React immutable stores with context
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var Application = React.createClass({ | |
| childContextTypes: { | |
| createProduct: React.PropTypes.func | |
| }, | |
| getChildContext: function() { | |
| return { | |
| createProduct: this.createProduct | |
| } | |
| }, |
staltz
/ introrx.md
Last active
May 7, 2024 09:38
The introduction to Reactive Programming you've been missing
(by @andrestaltz)
If you prefer to watch video tutorials with live-coding, then check out this series I recorded with the same contents as in this article: Egghead.io - Introduction to Reactive Programming.