XSS 测试用例
><script>alert(document.cookie)</script>
='><script>alert(document.cookie)</script>
"><script>alert(document.cookie)</script>
<script>alert(document.cookie)</script>
<script>alert (vulnerable)</script>
%3Cscript%3Ealert('XSS')%3C/script%3E
cvan
/ less2stylus.js
Last active
May 12, 2021 10:13
— forked from MoOx/less2stylus.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Usage : less2stylusDir('../src/css/'); | |
| var fs = require('fs'); | |
| // this less 2 stylus conversion script make a stylus easy to read syntax | |
| // - let the braces | |
| // - replace the @ for var as $ | |
| // - let semicolons | |
| function less2stylus(less) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| window.onwheel = function (e) { | |
| e.preventDefault(); | |
| if (e.ctrlKey) { | |
| // Your zoom/scale factor | |
| scale -= e.deltaY * 0.01; | |
| } else { | |
| // Your trackpad X and Y positions | |
| posX -= e.deltaX * 2; | |
| posY -= e.deltaY * 2; |
stigok
/ githook.js
Last active
July 30, 2023 09:46
Verify GitHub webhook signature header in Node.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * Verify GitHub webhook signature header in Node.js | |
| * Written by stigok and others (see gist link for contributor comments) | |
| * https://gist.github.com/stigok/57d075c1cf2a609cb758898c0b202428 | |
| * Licensed CC0 1.0 Universal | |
| */ | |
| const crypto = require('crypto') | |
| const express = require('express') | |
| const bodyParser = require('body-parser') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| for (var i = 0; i < 1024 * 1024; i++) { | |
| process.nextTick(function () { Math.sqrt(i) } ) | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const compareColor = (color, property) => (targetElement) => { | |
| const tempElement = document.createElement('div'); | |
| tempElement.style.color = color; | |
| tempElement.style.display = 'none'; // make sure it doesn't actually render | |
| document.body.appendChild(tempElement); // append so that `getComputedStyle` actually works | |
| const tempColor = getComputedStyle(tempElement).color; | |
| const targetColor = getComputedStyle(targetElement[0])[property]; | |
| document.body.removeChild(tempElement); // remove it because we're done with it |
numToStr
/ .zshrc.zinit
Last active
December 16, 2023 18:04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/zsh | |
| ### Added by Zinit's installer | |
| if [[ ! -f $HOME/.zinit/bin/zinit.zsh ]]; then | |
| print -P "%F{33}▓▒░ %F{220}Installing %F{33}DHARMA%F{220} Initiative Plugin Manager (%F{33}zdharma/zinit%F{220})…%f" | |
| command mkdir -p "$HOME/.zinit" && command chmod g-rwX "$HOME/.zinit" | |
| command git clone https://github.com/zdharma/zinit "$HOME/.zinit/bin" && \ | |
| print -P "%F{33}▓▒░ %F{34}Installation successful.%f%b" || \ | |
| print -P "%F{160}▓▒░ The clone has failed.%f%b" | |
| fi |
sand4rt
/ renderAsync.ts
Created
December 2, 2021 20:50
Vue Testing Library renderAsyc suspense workaround
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * WARNING 01-12-2021: Vue testing library doesn't support <Suspense> see: | |
| * https://github.com/testing-library/vue-testing-library/issues/230 | |
| * | |
| * The code below is copied from vue testing library | |
| * and modified to support <Suspense>: | |
| * https://github.com/testing-library/vue-testing-library/blob/main/src/render.js | |
| */ | |
| import { mount, flushPromises } from '@vue/test-utils'; |
mattratleph
/ vimdiff.md
Last active
May 9, 2024 03:11
— forked from roothybrid7/vimdiff_cheet.md
vimdiff cheat sheet
##git mergetool
In the middle file (future merged file), you can navigate between conflicts with ]c and [c.
Choose which version you want to keep with :diffget //2 or :diffget //3 (the //2 and //3 are unique identifiers for the target/master copy and the merge/branch copy file names).
:diffupdate (to remove leftover spacing issues)
:only (once you’re done reviewing all conflicts, this shows only the middle/merged file)
Last updated March 13, 2024
This Gist explains how to sign commits using gpg in a step-by-step fashion. Previously, krypt.co was heavily mentioned, but I've only recently learned they were acquired by Akamai and no longer update their previous free products. Those mentions have been removed.
Additionally, 1Password now supports signing Git commits with SSH keys and makes it pretty easy-plus you can easily configure Git Tower to use it for both signing and ssh.
For using a GUI-based GIT tool such as Tower or Github Desktop, follow the steps here for signing your commits with GPG.
OlderNewer