Serhii Khoma srghma

View MindTrash.md

How to debug sublime plugins:

  • install rpdb through pip
  • import rpdb; rpdb.set_trace()
  • telnet 127.0.0.1 4444

The difference between CSRF (Cross-Site Request Forgery) and XSS (Cross-Site Scripting)

Both are attacks on the user, unlike SQL Injection (an attack on the server)

XSS:
  • goal: make the victim's (or victims') browser execute code
View notes
# connect
ssh centos@pubip_or_dns
ssh -i ~/.ssh/amazon/us-east-1 centos@pubip_or_dns
# add local key
paste ~/.ssh/id_rsa.pub to ~/.ssh/authorized_keys
# filezilla
https://forums.aws.amazon.com/thread.jspa?messageID=741338 but interactive
@srghma
srghma / fn.js
Created Jan 18, 2018
doAsyncOnSubmit
View fn.js
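function doAsyncOnSubmit(form, asyncFn) {
  // form is used as a jQuery-style object (.on / .off / .submit)
  const onSubmitFunction = async function(e) {
    e.preventDefault()
    // unbind first so the programmatic submit below does not re-enter this handler
    form.off('submit', onSubmitFunction)
    const doSubmit = await asyncFn()
    if (doSubmit) {
      form.submit()
    }
  }
  // assumption: the handler is bound here; the listing is cut off before this line
  form.on('submit', onSubmitFunction)
}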
@srghma
srghma / Postgraphile questions
Last active Feb 27, 2018
Postgraphile questions
View Postgraphile questions
Solved questions:
- how to send email after calling function? - postgres listen, notify
Unsolved questions:
- postgresql multidispatch functions?
- how to upload image and save it in db? (maybe schema stitching)
- rails like polymorphic relations?
- how to make vdare like role permissions?
View gist:b6220f7439334bd98f0b3908538f5191
export DB_NAME=
export DB_USER=
mysqldump -p -u "$DB_USER" "$DB_NAME" | gzip > "$HOME/$DB_NAME-backup-$(date +%F).sql.gz"
@srghma
srghma / 0-ELFINDER TOKEN AUTHENTICATION, rails, tinymce, elfinder, nginx.md
Last active Mar 9, 2018
ELFINDER TOKEN AUTHENTICATION, rails, tinymce, elfinder, nginx
View 0-ELFINDER TOKEN AUTHENTICATION, rails, tinymce, elfinder, nginx.md

This is an example of using elfinder with bcrypt tokens.

It works like this:

  • the backend and elfinder both know the secret token
  • a user can access elfinder at localhost:8000/elFinder/elfinder.html, but can't write without the token
  • the backend adds the hashed token to the URL only on some pages (the admin panel, for example)
  • tinymce opens elfinder.html in an iframe with the hashed token, the elfinder.html iframe passes this token to the connector, and the connector validates the token
  • I use nginx to bypass the CORS issue

Sorry can provide more elaborate example (proprietary software)

@srghma
srghma / Makefile
Last active Jun 11, 2018
nixops files from some of my project
View Makefile
make_dhparam:
	openssl dhparam -out backend/dhparams.pem 2048
nixops_create:
	nixops create '<base.nix>'
nixops_purge:
	nixops destroy --all
	nixops delete --all
@srghma
srghma / Server crashes Ive experienced and their causes.md
Last active Jul 23, 2018
Server crashes Ive experienced and their causes
View Server crashes Ive experienced and their causes.md

Rails, bad configuration

We thought it was a memory leak, but it was bad configuration

Configuration that didn't work before:

  1. puma (RAILS_MAX_THREADS: 8, WEB_CONCURRENCY: 8)
  2. db pool - 10
  3. memory cache