Skip to content

Instantly share code, notes, and snippets.

Avatar

Tim Ruffles timruffles

View GitHub Profile
@timruffles
timruffles / attack.md
Last active Nov 21, 2020
Chrome/Gmail attack received 11/03/2016. Not sure if the Chrome meta refresh + data:text,html technique is novel.
View attack.md

The following attack will display a "you've been signed out" page for GMail, and attempt to steal your account credentials.

DO NOT PUT ANY ACCOUNT CREDENTIALS INTO ANY TABS CREATED AFTER VISITING THESE LINKS :)

I received an email in my GMail inbox with a fake attachment image, styled to look like the real GMail attachment UI:

fake

This linked to a page that ended up displaying a fake "you've been signed out" link, via the data:text/html... URL feature of Chrome:

@timruffles
timruffles / next.md
Last active Jul 22, 2020
Next.js page request handling
View next.md

How Next.js responds to a page request with HTML

We create the next request handler function via app.getRequestHandler(). This returns a standard express handler, so we use it like expressApp.get('*', middlewareA(), middlewareB(), nextApp.getRequestHandler()).

When the handler is invoked:

  • Server#handleRequest (next-server/server/lib/next-server.js)
    • Parses URL + query string if not already done
  • Server#run
    • Searches for matching route
@timruffles
timruffles / count_functions_loc.sh
Created Jun 12, 2020
A bash script that counts go function and method lines of code (including whitespace and comments)
View count_functions_loc.sh
#!/bin/bash
#
# Usage: bash count_functions_loc.sh some/directory
set -euo pipefail
main() {
for f in $(find $1 -name '*.go' -not -name 'test_*.go'); do
count_funcs < "$f" | awk "{ print \"$f\", \$1, \$2 }"
done
@timruffles
timruffles / dyanmic_or_di_elixir.md
Last active Jun 11, 2020
Approaches to dependency-injection/dynamic dispatch in elixir
View dyanmic_or_di_elixir.md

In many production systems you'll want to have one module capable of talking to many potential implementations of a collaborator module (e.g a in memory cache, a redis-based cache etc). While testing it's useful to control which module the module under test is talking to.

Here are the approaches I can see. The two points that seem to divide the approaches are their tool-ability (dialyzer) and their ability to handle stateful implementations (which need a pid).

Passing modules

Modules are first class, so you can pass them in. Used in EEx, where passed module must implement a behaviour.

@timruffles
timruffles / google-sheets-formula.vb
Last active Jun 2, 2020
google sheets - uk stamp duty calculator, new rate (2015)
View google-sheets-formula.vb
// put this into a cell and then name a range 'housePrice'
=MIN(MAX(0,housePrice-250000),250000-125000)*0.02 + MIN(MAX(0,housePrice - 250000), 925000-250000) * 0.05 + MIN(MAX(0,housePrice - 9250000), 1500000-925000) * 0.1
@timruffles
timruffles / snake_camel_camel_snake.js
Last active May 21, 2020
snake to camel & visa-versa for JS
View snake_camel_camel_snake.js
(function() {
var _e = {};
_e.isPlainObject = function(obj) {
return obj && obj.constructor === Object;
};
_e.camelToSnakeCase = function(string) {
return string.replace(/\B[A-Z]/g,function(word) {
return "_" + word.toLowerCase();
@timruffles
timruffles / tmux_perms_fix.md
Last active Apr 17, 2020
fix for tmux not starting up due to permissions issues
View tmux_perms_fix.md

If you try to run tmux and get:

$ tmux
create session failed: : No such file or directory
$ strace -f -e trace=file tmux
...
[pid 15852] open("/dev/ptyp0", O_RDWR)  = -1 EACCES (Permission denied)

You don't have perms for the pseudoterminals. Add your user to the tty group

@timruffles
timruffles / go-quiz.go
Last active Aug 19, 2019
What does this program output, and why? Reason it out gophers! Answers in a spoiler block - https://github.com/dear-github/dear-github/issues/166#issuecomment-236342209
View go-quiz.go
package main
import "fmt"
func main() {
type person struct {
nickname string
}
ppl := []person{
@timruffles
timruffles / ban_random_int.sh
Created Jul 11, 2019
A bad way to generate a random init in a range using only bash built-ins. Useful in a pinch when you aren't sure what external programs are available.
View ban_random_int.sh
# Gets an int between min max inclusive very inefficiently, but
# only using bash built-ins. More inefficient the smaller the gap
#
# usage: n=$( bad_random_int 1000 2000 )
bad_random_int() {
local min=$1
local max=$2
local n=0
while [[ "$n" -lt "$min" ]] || [[ "$n" -gt "$max" ]]; do
View deps.js
function Container() {
this.call = exports.call.bind(null,this);
this._deps = {};
}
Container.prototype = {
get: function(dep) {
return this._deps[dep];
},
put: function(name,thing) {
if(typeof name === "object") {
You can’t perform that action at this time.