Skip to content

Instantly share code, notes, and snippets.

View samuelkarani's full-sized avatar

Samuel Karani Mbaabu samuelkarani

34 followers · 59 following
  • University of California, Berkeley
  • Paris, France
View GitHub Profile
@samuelkarani
samuelkarani / helpers.js
Created April 26, 2021 13:04
export function validURL(string) {
const pattern = new RegExp(
"^(https?:\\/\\/)?" + // protocol
"((([a-z\\d]([a-z\\d-]*[a-z\\d])*)\\.)+[a-z]{2,}|" + // domain name
"((\\d{1,3}\\.){3}\\d{1,3}))" + // OR ip (v4) address
"(\\:\\d+)?(\\/[-a-z\\d%_.~+]*)*" + // port and path
"(\\?[;&a-z\\d%_.~+=-]*)?" + // query string
"(\\#[-a-z\\d_]*)?$",
"i"
); // fragment locator
@samuelkarani
samuelkarani / JWT-build-your-own.js
Last active January 6, 2022 17:03
//Original Reference: https://guseyn.com/posts/simple-jwt
function payloadWithExpirationTime (payload, minutesFromNow) {
let date = new Date()
date.setMinutes(date.getMinutes() + minutesFromNow)
payload.exp = date.getTime()
return payload
}
@samuelkarani
samuelkarani / apiGrid.controllers-refactor.js
Created August 7, 2022 16:31
const {
UpdateCounterPartyRisk,
UpdateAssetCounterPartyRisk,
UpdateCounterPartyRiskWithAlerts,
UpdateAssetCounterPartyRiskWithAlerts,
UpdateDDCounterPartyRisk,
UpdateHitStatus,
UpdateBatchStatus,
} = require("@schemas/grid");
const axios = require("axios");
@samuelkarani
samuelkarani / csrf.html
Created December 14, 2022 09:50
<html>
<body>
<button onclick="aml()">test aml</button>
<button onclick="eurazeo()">test eurazio</button>
<script>
history.pushState("", "", "/");
</script>
<script>
function submitRequest(url) {
var xhr = new XMLHttpRequest();
@samuelkarani
samuelkarani / eicar.txt
Created December 14, 2022 10:19
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
@samuelkarani
samuelkarani / script.html
Created December 14, 2022 10:21
<script>
alert("I am a malicious file");
</script>
@samuelkarani
samuelkarani / client-mime-check.js
Last active December 16, 2022 11:09
import * as fileType from 'file-type';
const MIN_FILE_SIZE = 0;
const MAX_FILE_SIZE = Number.MAX_SAFE_INTEGER;
const ALLOWED_FILE_MIMETYPES: string[] = [];
function validateFileSize(file: File): boolean {
return file.size >= MIN_FILE_SIZE && file.size <= MAX_FILE_SIZE;
}
function validateFileMimetype(file: File): Promise<boolean> {
@samuelkarani
samuelkarani / user-authorization.js
Last active December 16, 2022 11:13
const ROLES = {...}
// middleware
function checkRole(role) {
return (req, res, next) => {
if (req.user.role !== role) {
res.status(401)
return res.send('Not allowed')
}
@samuelkarani
samuelkarani / server-virus-scanning.js
Last active December 16, 2022 11:14
const NodeClam = require('clamscan');
module.exports = async function scanFile(filePath) {
console.log(`Attempting virus scan for ${filePath}`);
const clamscan = await new NodeClam().init({
remove_infected: true,
debug_mode: false,
scan_recursively: false,
@samuelkarani
samuelkarani / convert-upload-to-file.js
Created December 19, 2022 16:43
const fs = require('fs');
const crypto = require("crypto");
app.post('/upload', async (req, res) => {
const randomId = crypto.randomBytes(16).toString("hex");
const filePath = __dirname + "/uploads/" + randomId;
const writeStream = fs.createWriteStream(filePath);
writeStream.on('finish', () => {
const { is_infected, viruses } = await scanFile(filePath);
if (!is_infected) {