# This example does an AJAX lookup and is in CoffeeScript
$('.typeahead').typeahead(
# source can be a function
source: (typeahead, query) ->
# this function receives the typeahead object and the query string
#!/usr/bin/env ruby | |
require 'rubygems' | |
require 'nifty' | |
require 'dozens' | |
require 'net/ssh' | |
# API credentials for the Nifty and Dozens clients; the values shown here are "-----" placeholders.
# NOTE(review): keep real keys out of source control. Supply them at run time
# (for example from ENV) rather than editing these literals in place.
NIFTY_ACCESS_KEY = "-----" | |
NIFTY_SECRET_KEY = "-----" | |
DOZENS_API_KEY = "-----" |
class HashWithMethod < Hash | |
def self.from(hash) | |
instance = self.new | |
hash.symbolize_keys.each do |key, value| | |
case value | |
when Hash | |
value = self.from(value) | |
when Array | |
value = value.map { |v| from_any(v) } |
#!/usr/bin/php | |
<?php | |
switch($argc) { | |
case 1: | |
case 2: | |
echo "please input new site url and wp directory name!\n"; | |
exit(); | |
default: | |
$old_site = isset($argv[3]) ? $argv[3] : ''; | |
$path = $argv[2]; |
http://co3k.org/blog/csrf-token-should-not-be-session-id について。
この記事では触れられていませんが、
- むかし、セッションIDをHTMLソース中に埋め込んでも脅威は変わらないと主張した人がいました
- 正確には「hiddenの値のみ漏れやすいような特殊な脆弱性が無ければ」という前提であったけれど、実際にそのようなバグはあったし、予見されていた。
- とても影響のある人だったので、色々なサイトや書籍がその方法を紹介し、安全なウェブサイトの作り方にも載ってしまいました
この際ハッキリ言っておくべきだと思うので書きますが、そもそもセッションIDを(HTMLソース中に埋め込む)CSRF対策トークンとして使うのは間違いでした。最初から間違っていたのです。正確に言うとCSRFの話は関係ないですね。CSRF関係なく、特に「単体で」セッションハイジャックが可能になるような値を、HTMLソース中に埋め込むべきではありません。
<?php | |
// Issues with sharing posts on Facebook: http://www.passwordincorrect.com/issue-with-sharing-wordpress-posts-to-facebook/ | |
// Add this chunk of code in your functions.php or anywhere else in your theme files. | |
// Register action for post status transitions | |
// The callback purge_future_post is hooked at priority 10 and accepts 3 arguments;
// its definition is not shown in this excerpt.
add_action( 'transition_post_status' , 'purge_future_post', 10, 3); | |
// Check if the new transition is publish, for correctness you could check if $old_status == 'pending', but I want that every post (which is published) is cached again (just to be sure). |
<?php | |
function japan_holiday() { | |
// カレンダーID | |
$calendar_id = urlencode('japanese__ja@holiday.calendar.google.com'); | |
// 取得期間 | |
$start = date("Y-01-01\T00:00:00\Z"); | |
$end = date("Y-12-31\T00:00:00\Z"); |