Skip to content

Instantly share code, notes, and snippets.

Avatar
🎯
Focusing

Rajesh Kumaravel rajeshkumaravel

🎯
Focusing
View GitHub Profile
@rajeshkumaravel
rajeshkumaravel / status_codes.json
Last active Apr 20, 2021
List of Node.js HTTP status codes
View status_codes.json
{
"100": "Continue",
"101": "Switching Protocols",
"102": "Processing",
"200": "OK",
"201": "Created",
"202": "Accepted",
"203": "Non-Authoritative Information",
"204": "No Content",
"205": "Reset Content",
View cls-tracer-test-app.js
'use strict'
const rTracer = require('cls-rtracer')
// first - configure winston logger
const { createLogger, format, transports } = require('winston')
const { combine, timestamp, printf } = format
// a custom format that outputs request id
@rajeshkumaravel
rajeshkumaravel / Portal_Editors_Local.md
Last active Jun 2, 2020
Running editors in portal local (Development Purpose)
View Portal_Editors_Local.md

Running editors in local (Development Purpore)


  • Create folder thirdparty/ under SunbirdEd-portal/src/app/client/src/
  • Download all editors from artifacts URL
  • Extract each archive to separate folder
  • Move the extracted folder(s) to thirdparty folder
  • Update environment variable file (devConfig) *
@rajeshkumaravel
rajeshkumaravel / commit-msg
Created Apr 24, 2020 — forked from opyate/commit-msg
JIRA code commit msg hook; presumes merges happen on remote (via PR mechanism, etc)
View commit-msg
#!/bin/sh
# .git/hooks/commit-msg
test "" != "$(egrep '[A-Z]{3,}-\d+' "$1")" || {
echo >&2 Commit message requires JIRA code.
exit 1
}
@rajeshkumaravel
rajeshkumaravel / README.md
Created Apr 24, 2020 — forked from dberstein/README.md
Git commit hook that prepends message with Jira issue(s) found in branch name (PR branch) otherwise requires message contains at least one Jira issue
View README.md

With this commit-msg git hook and your branch names have Jira reference(s), your commit messages will be automatically updated to include any missing reference(s) too.

Installation

Place contents of this gist's commit-msg file into your checkout's .git/hooks/commit-msg file and make it executable.

Bash

cd path/to/your/git/checkout \
&& install -vbm 755 <(curl -s https://gist.githubusercontent.com/dberstein/dcc50e171163c3f6e0f23b2b5de5dd49/raw/5e5372ff22a872321ad1f5469a4d579c15ce498a/commit-msg) "$(git rev-parse --git-dir)/hooks/commit-msg"
View user-media.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>MediaCapture and Streams API</title>
<meta name="viewport" content="width=device-width">
<link rel="stylesheet" href="main.css">
</head>
<body>
<header>
@rajeshkumaravel
rajeshkumaravel / How to make your NodeJS application or API secure.md
Created Jan 6, 2020
How to make your NodeJS application or API secure ?
View How to make your NodeJS application or API secure.md

How to make your NodeJS application or API secure ?


How to prevent these attacks from happening in your own project?

Preventing DOS Attacks

  1. First thing to consider when dealing with DOS attacks prevention is to limit the actual payload that user can submit to your app / api / service. You can limit the body payload using body-parser. If you are using ExpressJS as your backend framework, then you are golden. ExpressJS comes with built-in body-parser that you can use.
@rajeshkumaravel
rajeshkumaravel / nKafka.js
Last active Nov 13, 2019
Kafka Node - Consumer pause
View nKafka.js
// consumer1.js
const kafka = require('kafka-node');
const CONFIG = require('../config/index');
const _TOPIC = CONFIG.KAFKA.TOPICS.TOPIC_1;
try {
const { Consumer } = kafka;
const client = new kafka.KafkaClient(CONFIG.KAFKA.SERVER);
const consumer = new Consumer(
client,
View security.conf
# config to don't allow the browser to render the page inside an frame or iframe
# and avoid clickjacking http://en.wikipedia.org/wiki/Clickjacking
# if you need to allow [i]frames, you can use SAMEORIGIN or even set an uri with ALLOW-FROM uri
# https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options
add_header X-Frame-Options SAMEORIGIN;
# when serving user-supplied content, include a X-Content-Type-Options: nosniff header along with the Content-Type: header,
# to disable content-type sniffing on some browsers.
# https://www.owasp.org/index.php/List_of_useful_HTTP_headers
# currently suppoorted in IE > 8 http://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx