tkt028

Programming Achievements: How to Level Up as a Developer

This gist is part of a blog post. Check it out at:

http://jasonrudolph.com/blog/2011/08/09/programming-achievements-how-to-level-up-as-a-developer

tkt028

// Get current stack trace in Java
// - http://stackoverflow.com/questions/1069066/get-current-stack-trace-in-java
// - http://stackoverflow.com/questions/944991/is-there-a-way-to-dump-a-stack-trace-without-throwing-an-exception-in-java
// - http://javarevisited.blogspot.com/2013/04/how-to-get-current-stack-trace-in-java-thread.html

import org.apache.commons.lang.exception.ExceptionUtils;

public void testGetListElevesOfClassInEnclassmentForNonViecourante() {
    String fullStackTrace = ExceptionUtils.getFullStackTrace(new Throwable("TKT Unit Test"));
    System.out.println(fullStackTrace);

tkt028

// @Note: Sample code from Broadleaf

@Entity
@Inheritance(strategy = InheritanceType.JOINED)
@Table(name = "BLC_CUSTOMER", uniqueConstraints = @UniqueConstraint(columnNames = { "USER_NAME" }))
public class CustomerImpl implements Customer, AdminMainEntity {

    @Id
    @Column(name = "CUSTOMER_ID")
    protected Long id;

tkt028

; IMPORTANT INFO ABOUT GETTING STARTED: Lines that start with a
; semicolon, such as this one, are comments.  They are not executed.

; This script has a special filename and path because it is automatically
; launched when you run the program directly.  Also, any text file whose
; name ends in .ahk is associated with the program, which means that it
; can be launched simply by double-clicking it.  You can have as many .ahk
; files as you want, located in any folder.  You can also run more than
; one .ahk file simultaneously and each will get its own tray icon.

tkt028

• To re-compile all packages in ELPA, type M-: (byte-recompile-directory package-user-dir nil 'force) - stackoverflow

tkt028

• What does "Refresh" and "Project -> Clean, Build" do in Eclipse?
  • https://wiki.eclipse.org/FAQ_When_should_I_use_refreshLocal%3F
  • http://www.coderanch.com/t/104846/vc/Eclipse-refresh-clean
  • http://www.coderanch.com/t/528330/vc/Project-Clean-Eclipse
• http://stackoverflow.com/questions/9415076/does-refreshing-in-eclipse-also-clean-the-project

tkt028

Installing Arch:


sudo vim /etc/pacman.conf
Update packages list: sudo pacman -Syy
run sudo pacman -Syu  before installing any software (to update the repositories first)

* Timing issue:
    - Change hardware clock to use UTC time:
        sudo timedatectl set-local-rtc 0

tkt028

#
# Working with branches
#

# Get the current branch name (not so useful in itself, but used in
# other aliases)
branch-name = "!git rev-parse --abbrev-ref HEAD"
# Push the current branch to the remote "origin", and set it to track
# the upstream branch
publish = "!git push -u origin $(git branch-name)"

tkt028

tl;dr

1. Don't run as root.
2. For sessions, set httpOnly (and secure to true if running over SSL) when setting cookies.
3. Use the Helmet for secure headers: https://github.com/evilpacket/helmet
4. Enable csrf for preventing Cross-Site Request Forgery: http://expressjs.com/api.html#csrf
5. Don't use the deprecated bodyParser() and only use multipart explicitly. To avoid multiparts vulnerability to 'temp file' bloat, use the defer property and pipe() the multipart upload stream to the intended destination.

tkt028

Secure sessions are easy, but it's not very well documented, so I'm changing that.  
Here's a recipe for secure sessions in Node.js when NginX is used as an SSL proxy:

The desired configuration for using NginX as an SSL proxy is to offload SSL processing 
and to put a hardened web server in front of your Node.js application, like:

[NODE.JS APP] <- HTTP -> [NginX] <- HTTPS -> [CLIENT]

To do this, here's what you need to do: