Carlos Ramirez carlware


tl;dr

  1. Don't run as root.
  2. For sessions, set httpOnly (and set secure to true if running over SSL) when setting cookies.
  3. Use Helmet for secure headers: https://github.com/evilpacket/helmet
  4. Enable csrf to prevent Cross-Site Request Forgery: http://expressjs.com/api.html#csrf
  5. Don't use the deprecated bodyParser(); use multipart only explicitly. To avoid multipart's vulnerability to 'temp file' bloat, use the defer property and pipe() the multipart upload stream to the intended destination.
import redis
import threading
class Listener(threading.Thread):
    def __init__(self, r, channels):
        threading.Thread.__init__(self)
        self.redis = r
        self.pubsub = self.redis.pubsub()
        self.pubsub.subscribe(channels)
# https://groups.google.com/forum/#!topic/django-rest-framework/WTZ0H6dyJe4
class TranslateSerializer(serializers.ModelSerializer):
    def __init__(self, *args, **kwargs):
        super(TranslateSerializer, self).__init__(*args, **kwargs)
        self.translate_fields = getattr(self.Meta, 'translate_fields', ())
        if kwargs.get('context', None):
            self.lang = utils.get_request_language(kwargs['context'].get('request', None))
    def to_native(self, obj):
angular.module('ClientSuccess.services').factory 'fileService', (authService, $q, $rootScope)->
  service = {}
  service.uploadAvatar = (file) ->
    deferred = $q.defer()
    apiAuth = authService.enableAuth()
    query =
      binary: null
      id: null
    postIt = () ->
# This is an example resource file for rTorrent. Copy to
# ~/.rtorrent.rc and enable/modify the options as needed. Remember to
# uncomment the options you wish to enable.
# Maximum and minimum number of peers to connect to per torrent.
min_peers = 1
max_peers = 100
# Same as above but for seeding completed torrents (-1 = same as downloading)
# -*- coding: utf-8 -*-
'''
Tricky admin -> xadmin merger.
Alex Moiseenko aka IMDagger.
'''
import logging
import types
from functools import wraps, update_wrapper
from django.http import HttpRequest
from django.contrib.admin import ModelAdmin
.directive('directiveName', [function () {
  var directiveDefinitionObject = {
    priority: 0,
    template: '<div></div>', // or // function(tElement, tAttrs) { ... },
    // or
    // templateUrl: 'directive.html', // or // function(tElement, tAttrs) { ... },
    replace: false,
    transclude: false,
    restrict: 'A',
    scope: false,
// Source: https://groups.google.com/forum/#!topic/angular/hVrkvaHGOfc
// jsFiddle: http://jsfiddle.net/pkozlowski_opensource/PxdSP/14/
// author: Pawel Kozlowski
var myApp = angular.module('myApp', []);
//service style, probably the simplest one
myApp.service('helloWorldFromService', function() {
  this.sayHello = function() {
    return "Hello, World!"
## .gitconfig
[alias]
  dt = difftool
  mt = mergetool
[diff]
  tool = bc3
[difftool]
  prompt = false
[difftool "bc3"]
"
" Prevent various Vim features from keeping the contents of pass(1) password
" files (or any other purely temporary files) in plaintext on the system.
"
" Either append this to the end of your .vimrc, or install it as a plugin with
" a plugin manager like Tim Pope's Pathogen.
"
" Author: Tom Ryder <[email protected]>
"