| import gevent | |
| from gevent import monkey | |
| monkey.patch_socket() | |
| import hashlib | |
| import os | |
| import redis | |
For a while, I have felt that the following is the correct way to improve the mass assignment problem without increasing the burden on new users. Now that the problem with the Rails default has been brought up again, it's a good time to revisit it.
When creating a form with form_for, include a signed token including all of the fields that were created at form creation time. Only these fields are allowed.
To allow new known fields to be added via JS, we could add:
##How Homakov hacked GitHub and the line of code that could have prevented it
Please note: THIS ARTICLE IS NOT WRITTEN BY THE GITHUB TEAM or in any way associated with them. It's simply hosted as a Gist because the markdown formatting is excellent and far clearer than anything I could manage on my personal Tumblr at peternixey.com.
If you'd like to follow me on twitter my handle is @peternixey
| (function(d) { | |
| var dl = d.createElement('a'); | |
| dl.innerText = 'Download MP3'; | |
| dl.href = "http://media.soundcloud.com/stream/"+d.querySelector('#main-content-inner img[class=waveform]').src.match(/\.com\/(.+)\_/)[1]; | |
| dl.download = d.querySelector('em').innerText+".mp3"; | |
| d.querySelector('.primary').appendChild(dl); | |
| dl.style.marginLeft = '10px'; | |
| dl.style.color = 'red'; | |
| dl.style.fontWeight = 700; | |
| })(document); |
| #!/usr/bin/env sh | |
| ## | |
| # This is script with usefull tips taken from: | |
| # https://github.com/mathiasbynens/dotfiles/blob/master/.osx | |
| # | |
| # install it: | |
| # curl -sL https://raw.github.com/gist/2108403/hack.sh | sh | |
| # |
| // The contents of this file are subject to the Mozilla Public License | |
| // Version 1.1 (the "License"); you may not use this file except in | |
| // compliance with the License. You may obtain a copy of the License | |
| // at http://www.mozilla.org/MPL/ | |
| // | |
| // Software distributed under the License is distributed on an "AS IS" | |
| // basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See | |
| // the License for the specific language governing rights and | |
| // limitations under the License. | |
| // |
L1 cache reference ......................... 0.5 ns
Branch mispredict ............................ 5 ns
L2 cache reference ........................... 7 ns
Mutex lock/unlock ........................... 25 ns
Main memory reference ...................... 100 ns
Compress 1K bytes with Zippy ............. 3,000 ns = 3 µs
Send 2K bytes over 1 Gbps network ....... 20,000 ns = 20 µs
SSD random read ........................ 150,000 ns = 150 µs
Read 1 MB sequentially from memory ..... 250,000 ns = 250 µs
Locate the section for your github remote in the .git/config file. It looks like this:
[remote "origin"]
fetch = +refs/heads/*:refs/remotes/origin/*
url = [email protected]:joyent/node.git
Now add the line fetch = +refs/pull/*/head:refs/remotes/origin/pr/* to this section. Obviously, change the github url to match your project's URL. It ends up looking like this:
| begin; | |
| create table user_ratings ( | |
| id serial primary key, | |
| user_id integer not null, | |
| rating integer not null check (rating >= 0 and rating <= 5), | |
| ratable_id integer not null | |
| ); | |
| create function random_int(max integer) returns integer as $$ |
The git command-line utility has plenty of inconsistencies http://steveko.wordpress.com/2012/02/24/10-things-i-hate-about-git/
A GUI like http://sourcetreeapp.com is often helpful, but staying on the command line usually quicker. This is a list of the commands I use most frequently, listed by functional category:
git status list which (unstaged) files have changed