Alex Taylor mctaylorpants
mctaylorpants
/ request_forgery_protection.rb
Created
July 30, 2017 23:35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # actionpack/lib/action_controller/metal/request_forgery_protection.rb | |
| # Sets the token value for the current session. | |
| def form_authenticity_token(form_options: {}) | |
| masked_authenticity_token(session, form_options: form_options) | |
| end | |
| # Creates a masked version of the authenticity token that varies | |
| # on each request. The masking is used to mitigate SSL attacks | |
| # like BREACH. |
mctaylorpants
/ csrf_helper.rb
Last active
January 5, 2024 12:07
CSRF protection in Rails - #csrf_meta_tags
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # actionview/lib/action_view/helpers/csrf_helper.rb | |
| def csrf_meta_tags | |
| if defined?(protect_against_forgery?) && protect_against_forgery? | |
| [ | |
| tag("meta", name: "csrf-param", content: request_forgery_protection_token), | |
| tag("meta", name: "csrf-token", content: form_authenticity_token) | |
| ].join("\n").html_safe | |
| end | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # EvalRuby: Run Ruby without leaving Neovim | |
| # | |
| # Usage: | |
| # - While on a line of Ruby, or in Visual mode | |
| # with multiple lines selected, type :EvalRuby. | |
| # | |
| # Installation: | |
| # 1. Install neovim-ruby: https://github.com/neovim/neovim-ruby | |
| # | |
| # 2. Put this file in your plugins directory |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 1. Load up a YouTube video | |
| # 2. Hit "t" to launch "Theatre Mode" | |
| # 3. Use this code to enter REAL theatre mode! | |
| $("#columns").remove();$("#container").remove();$("body > ytd-app").setAttribute("style", "background: black") |
mctaylorpants
/ rails_5_1_callback_halting_monitor.rb
Last active
May 2, 2020 14:03
Better callback deprecation warnings for Rails 5.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # A monkey-patch to make detecting deprecated | |
| # callbacks easier, because a stack trace is | |
| # not the greatest when it comes to callbacks. | |
| # | |
| # | |
| # Original code: | |
| # https://github.com/rails/rails/blob/c4d3e202e10ae627b3b9c34498afb45450652421/activesupport/lib/active_support/callbacks.rb#L766-L788 | |
| require "active_support/callbacks" | |
| module ActiveSupport |
mctaylorpants
/ callback_halting.rb
Created
March 26, 2020 18:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def self.halting(callback_sequence, user_callback, halted_lambda, filter) | |
| callback_sequence.before do |env| | |
| target = env.target | |
| value = env.value | |
| halted = env.halted | |
| unless halted | |
| result_lambda = -> { user_callback.call target, value } | |
| env.halted = halted_lambda.call(target, result_lambda) |
mctaylorpants
/ callback_deprecation_warning.rb
Created
March 26, 2020 18:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def display_deprecation_warning_for_false_terminator | |
| ActiveSupport::Deprecation.warn(<<-MSG.squish) | |
| Returning `false` in Active Record and Active Model callbacks will not implicitly halt a callback chain in Rails 5.1. | |
| To explicitly halt the callback chain, please use `throw :abort` instead. | |
| MSG | |
| end |
mctaylorpants
/ deprecated_false_terminator.rb
Last active
March 26, 2020 18:55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def deprecated_false_terminator # :nodoc: | |
| Proc.new do |target, result_lambda| | |
| terminate = true | |
| catch(:abort) do | |
| result = result_lambda.call if result_lambda.is_a?(Proc) | |
| if Callbacks.halt_and_display_warning_on_return_false && result == false | |
| display_deprecation_warning_for_false_terminator | |
| else | |
| terminate = false | |
| end |
mctaylorpants
/ downcase_filenames.rb
Last active
February 28, 2020 18:47
Modify case-sensitive filenames on macOS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # Converts all characters in a filename to lowercase on macOS, where by default | |
| # the filesystem is case-insensitive. | |
| # Usage: | |
| # Pass a glob pattern to the script: | |
| # ruby downcase_filenames.rb spec/cassettes/**/*.yml | |
| begin |
mctaylorpants
/ request_forgery_protection.rb
Last active
June 14, 2019 16:09
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def compare_with_real_token(token, session) # :doc: | |
| ActiveSupport::SecurityUtils.fixed_length_secure_compare(token, real_csrf_token(session)) | |
| end |
NewerOlder