Ryan Grove rgrove

## infinite-loop-trick.log
$ cat test.js
function foo () { while (true) { } }
function bar () { return foo(); }
bar();
$ node test.js &
$ gdb attach $(pidof node)
0x00000bf778c63d5f in ?? ()
(gdb) b v8::internal::Runtime_StackGuard
Breakpoint 1 at 0x84a1f0
(gdb) print 'v8::V8::TerminateExecution'(0)

## getAbsoluteBoundingRect.js
/**
Returns a bounding rect for _el_ with absolute coordinates corrected for
scroll positions.

The native `getBoundingClientRect()` returns coordinates for an element's
visual position relative to the top left of the viewport, so if the element
is part of a scrollable region that has been scrolled, its coordinates will
be different than if the region hadn't been scrolled.

This method corrects for scroll offsets all the way up the node tree, so the

## .bashrc
# MAC manipulators
alias random_mac='sudo ifconfig en0 ether `openssl rand -hex 6 | sed "s/\(..\)/\1:/g; s/.$//"`'
alias restore_mac='sudo ifconfig en0 ether YOUR_ORIGINAL_MAC_ADDRESS_GOES_HERE'

## .zshrc
gifify() {
  if [[ -n "$1" ]]; then
    if [[ $2 == '--good' ]]; then
      ffmpeg -i $1 -r 10 -vcodec png out-static-%05d.png
      time convert -verbose +dither -layers Optimize -resize 600x600\> out-static*.png  GIF:- | gifsicle --colors 128 --delay=5 --loop --optimize=3 --multifile - > $1.gif
      rm out-static*.png
    else
      ffmpeg -i $1 -s 600x400 -pix_fmt rgb24 -r 10 -f gif - | gifsicle --optimize=3 --delay=3 > $1.gif
    fi
  else

## anonymous
// pre-ES5 IE version
var dict = (function() {
    var PROPERTY_KEYS = [
        "hasOwnProperty",
        "isPrototypeOf",
        "propertyIsEnumerable"
        "valueOf",
        "toString",
        "toLocaleString",
        "constructor"

## rules-both.iptables
###############################################################################
# The MIT License
#
# Copyright 2012-2014 Jakub Jirutka <jakub@jirutka.cz>.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is

## gist:3658306
{
    // enforcing options (true means potentially more warnings)

    "bitwise":      true,   // true if bitwise operators should not be allowed
    "curly":        true,   // true if curly braces should be required around blocks in loops and conditionals
    "eqeqeq":       true,   // true if === should be required (for ALL equality comparisons)
    "forin":        false,  // true if unfiltered 'for in' statements should be forbidden
    "immed":        true,   // true if immediate function invocations must be wrapped in parens
    "newcap":       true,   // true if Initial Caps must be used with constructor functions
    "noarg":        true,   // true if arguments.caller and arguments.callee should be forbidden

## multi-yui.js
YUI.add('multi', function (Y) {

/**
Loads different versions of YUI in sandboxed iframes and makes them available
for use in the parent frame by exposing them as properties on a `Y.Multi`
instance.

This is primarily intended to be used for testing. You probably shouldn't use it
for anything real.

## node-scroll-info.js
/*!
Copyright (c) 2012 Ryan Grove. All rights reserved.

Redistribution and use of this software in source and binary forms, with or
without modification, are permitted provided that the following conditions are
met:

  * Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.

## gist:2025242

      
        
          
            
              
              1 file
            
          
          
            
              
              0 forks
            
          
          
            
              
              17 comments
            
          
          
            
              
              2 stars
            
          
        
        
          
              
          
          
            
                rgrove
                / gist:2025242
            
            
              Created
              March 12, 2012 22:56
            
              
                YUI Attribute Value Filters proposal
              
          
        
      
        
  
      
    Attribute Value Filters

With more and more application logic moving to the client, and with YUI becoming more popular on the server, it's increasingly important to design APIs that handle user input safely. Currently, YUI modules that store user input in attributes must do one of two things: either escape user strings before setting an attribute, or escape them manually before using them.
Escaping automatically before storing the value is safest, but also inconvenient if you sometimes need the unescaped value, since you must then store two versions (probably in two different attributes). This can lead to API clutter and confusion. Escaping manually before use avoids API clutter but increases the likelihood of mistakes, and also clutters up the codebase in general. It significantly increases the chances that another developer who is unaware of the need to escape the value will inadvertently introduce a security vulnerability.
Proposal

Attribute should provide a consistent, pluggable API for retrieving
	$ cat test.js
	function foo () { while (true) { } }
	function bar () { return foo(); }
	bar();
	$ node test.js &
	$ gdb attach $(pidof node)
	0x00000bf778c63d5f in ?? ()
	(gdb) b v8::internal::Runtime_StackGuard
	Breakpoint 1 at 0x84a1f0
	(gdb) print 'v8::V8::TerminateExecution'(0)
	/**
	Returns a bounding rect for _el_ with absolute coordinates corrected for
	scroll positions.

	The native `getBoundingClientRect()` returns coordinates for an element's
	visual position relative to the top left of the viewport, so if the element
	is part of a scrollable region that has been scrolled, its coordinates will
	be different than if the region hadn't been scrolled.

	This method corrects for scroll offsets all the way up the node tree, so the
	# MAC manipulators
	alias random_mac='sudo ifconfig en0 ether `openssl rand -hex 6 \| sed "s/\(..\)/\1:/g; s/.$//"`'
	alias restore_mac='sudo ifconfig en0 ether YOUR_ORIGINAL_MAC_ADDRESS_GOES_HERE'
	gifify() {
	if [[ -n "$1" ]]; then
	if [[ $2 == '--good' ]]; then
	ffmpeg -i $1 -r 10 -vcodec png out-static-%05d.png
	time convert -verbose +dither -layers Optimize -resize 600x600\> out-static*.png GIF:- \| gifsicle --colors 128 --delay=5 --loop --optimize=3 --multifile - > $1.gif
	rm out-static*.png
	else
	ffmpeg -i $1 -s 600x400 -pix_fmt rgb24 -r 10 -f gif - \| gifsicle --optimize=3 --delay=3 > $1.gif
	fi
	else
	// pre-ES5 IE version
	var dict = (function() {
	var PROPERTY_KEYS = [
	"hasOwnProperty",
	"isPrototypeOf",
	"propertyIsEnumerable"
	"valueOf",
	"toString",
	"toLocaleString",
	"constructor"
	###############################################################################
	# The MIT License
	#
	# Copyright 2012-2014 Jakub Jirutka <jakub@jirutka.cz>.
	#
	# Permission is hereby granted, free of charge, to any person obtaining a copy
	# of this software and associated documentation files (the "Software"), to deal
	# in the Software without restriction, including without limitation the rights
	# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
	# copies of the Software, and to permit persons to whom the Software is
	{
	// enforcing options (true means potentially more warnings)

	"bitwise": true, // true if bitwise operators should not be allowed
	"curly": true, // true if curly braces should be required around blocks in loops and conditionals
	"eqeqeq": true, // true if === should be required (for ALL equality comparisons)
	"forin": false, // true if unfiltered 'for in' statements should be forbidden
	"immed": true, // true if immediate function invocations must be wrapped in parens
	"newcap": true, // true if Initial Caps must be used with constructor functions
	"noarg": true, // true if arguments.caller and arguments.callee should be forbidden
	YUI.add('multi', function (Y) {

	/**
	Loads different versions of YUI in sandboxed iframes and makes them available
	for use in the parent frame by exposing them as properties on a `Y.Multi`
	instance.

	This is primarily intended to be used for testing. You probably shouldn't use it
	for anything real.
	/*!
	Copyright (c) 2012 Ryan Grove. All rights reserved.

	Redistribution and use of this software in source and binary forms, with or
	without modification, are permitted provided that the following conditions are
	met:

	* Redistributions of source code must retain the above copyright notice, this
	list of conditions and the following disclaimer.