sysctl -w fs.file-max=12000500
sysctl -w fs.nr_open=20000500
# Set the maximum number of open file descriptors
ulimit -n 20000000
# Set the memory size for TCP with minimum, default and maximum thresholds
sysctl -w net.ipv4.tcp_mem='10000000 10000000 10000000'
Angelo Weiss FerraBraiZ
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script> | |
| let _iframe = document.createElement("iframe"); | |
| _iframe.setAttribute("src", `https://google.com`); | |
| _iframe.style.width = "100%"; | |
| _iframe.style.height = "50vh"; | |
| _iframe.style.border = "0px"; | |
| _iframe.onloadend = function () { | |
| console.info("https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/loadend_event"); | |
| }; | |
| _iframe.onload = function () { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script> | |
| /* Originally taken from: https://www.tikalk.com/posts/2017/11/23/your-filename/ */ | |
| (function(){ | |
| let iframe, domain, doc, where,url; | |
| try { | |
| url = '//locahost:8080/public/friendly-iframe.js'; | |
| iframe = document.createElement('iframe'); | |
| iframe.src = 'javascript:false'; | |
| iframe.title = ''; | |
| iframe.role='presentation'; |
FerraBraiZ
/ HTTP_X_FORWARDED_FOR_Properly_Done.php
Created
June 29, 2019 14:22
HTTP_X_FORWARDED_FOR properly done
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| In the light of the latest httpoxy (https://httpoxy.org/) vulnerabilities, | |
| there is really a need for a full example, how to use HTTP_X_FORWARDED_FOR properly. | |
| So here is an example written in PHP, how to detect a client IP address, if you know | |
| that client may be behind a proxy and you know this proxy can be trusted. | |
| If you don't known any trusted proxies, just use REMOTE_ADDR | |
| */ |
FerraBraiZ
/ CORS simple request safelist.txt
Last active
April 9, 2021 17:19
PHP CORS-safelisted request-header
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Problemas de CORS | |
| Fonte: https://developer.mozilla.org/pt-BR/docs/Web/HTTP/Controle_Acesso_CORS#Requisi%C3%A7%C3%B5es_simples (TL;DR;) | |
| o Navegador de internet bloqueia requisições que não sejam consideradas simples e seguras, “CORS-safelisted request-header”, ou seja a sua requisição é barrada no proprio navegador e o webserver ( nginx, apache, lighthttpd, etc... ) nem chega a passar (passthrough) a requisição para o PHP ou outro CGI. | |
| ok! mas como eu corrijo ou mitigo esse comportamento??? | |
| -> https://gist.github.com/FerraBraiZ/22335146a814b6309fab0a8d6cf9683c | |
| e Afinal o que são requisições simples? |
FerraBraiZ
/ S3-CORS-config.xml
Last active
August 21, 2019 00:21
— forked from zxbodya/S3-CORS-config.xml
Client side uploads to s3, with pre-signed upload form (PHP/JS)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> | |
| <CORSRule> | |
| <AllowedOrigin>*</AllowedOrigin> | |
| <AllowedMethod>PUT</AllowedMethod> | |
| <AllowedMethod>POST</AllowedMethod> | |
| <AllowedMethod>GET</AllowedMethod> | |
| <AllowedMethod>HEAD</AllowedMethod> | |
| <MaxAgeSeconds>3000</MaxAgeSeconds> | |
| <AllowedHeader>*</AllowedHeader> |
FerraBraiZ
/ Slack incoming webhook with php guzzle
Last active
October 16, 2023 16:25
Slack incoming webhook with php guzzle
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| ini_set('ignore_repeated_errors', 'On'); | |
| ini_set('html_errors', 'On'); | |
| ini_set('display_errors', 'On'); | |
| error_reporting(E_ALL); | |
| date_default_timezone_set('America/Sao_Paulo'); | |
| // Composer autoloading | |
| if (file_exists('vendor/autoload.php')) { |
FerraBraiZ
/ network-tweak.md
Created
November 25, 2019 14:51
— forked from mustafaturan/network-tweak.md
Linux Network Tweak for 2 million web socket connections
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* BOOLEAN UTILS */ | |
| const isFunction = value => value && (Object.prototype.toString.call(value) === "[object Function]" || "function" === typeof value || value instanceof Function); | |
| const isReady = (condition, fn) => { | |
| if (document.readyState == "complete" && eval('typeof ' + condition) !== 'undefined' && condition) { | |
| fn(); | |
| } else { | |
| setTimeout(function () { | |
| isReady(condition, fn); | |
| }, 100); |
FerraBraiZ
/ Desabilitar o CORS
Last active
June 28, 2025 00:49
Desabilitar o CORS ( --disable-web-security ) no Linux e Windows no Google Chrome ou Chromium para fins de teste.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| no Linux abra um terminal ( shell ): | |
| google-chrome --disable-web-security --user-data-dir="/tmp/" | |
| chromium-browser --disable-web-security --user-data-dir="/tmp/" | |
| no Windows abra um terminal ( shell ) | |
| C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --disable-web-security --user-data-dir="c:/tmp" |
FerraBraiZ
/ GitHub curl.sh
Created
March 3, 2020 16:29
— forked from Integralist/GitHub curl.sh
Download a single file from a private GitHub repo. You'll need an access token as described in this GitHub Help article: https://help.github.com/articles/creating-an-access-token-for-command-line-use
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl --header 'Authorization: token INSERTACCESSTOKENHERE' \ | |
| --header 'Accept: application/vnd.github.v3.raw' \ | |
| --remote-name \ | |
| --location https://api.github.com/repos/owner/repo/contents/path | |
| # Example... | |
| TOKEN="INSERTACCESSTOKENHERE" | |
| OWNER="BBC-News" | |
| REPO="responsive-news" |