Oscar Y Chen oscarychen

@oscarychen
oscarychen / csp.md
Last active January 19, 2023 04:07
Content Security Policy explained

Content Security Policy (CSP)

CSP restricts the requests our site can make to other sites and controls which resources the page is allowed to load. It limits the damage even if malicious code is running in a user's browser within our site's context.

Common examples

  • Content-Security-Policy: default-src 'self'
    Prevents loading resources from other domains. Prevents inline scripts, such as <script>alert('hello')</script>.

  • Content-Security-Policy: default-src 'self' *.trusted.com

@oscarychen
oscarychen / drf-exception-handling.md
Last active January 25, 2025 15:25
Exception handling in Django REST Framework

Exception Handling in Django REST Framework

In Django REST Framework views (this includes anything that might be called from a view), whenever an exception occurs it is handled by the framework.

  • If the exception is a DRF APIException or a Django PermissionDenied, the view returns the appropriate HTTP response with an HTTP status code and detail about the error.
  • If the exception is any other type of Django or Python exception, an HTTP 500 response is returned.

To provide a more customized error response with the appropriate status code, raise a subclass of APIException:

from rest_framework.exceptions import ValidationError
@oscarychen
oscarychen / rust_notes.md
Last active November 15, 2022 16:50
Rust notes

Cargo commands

cargo new <project_name>: start new project

cargo run: compile and run project

cargo build: build executable

Language basics

Primitive types

bool: boolean

@oscarychen
oscarychen / go_notes.md
Last active February 2, 2024 18:27
Go notes

Go commands

go mod init: start a new module; this puts a "go.mod" file in the current directory

go get <package>: install dependency

go run <module_name>: Run

go build <module_name>: compile executable

Language basics

@oscarychen
oscarychen / postgres_ltree.sql
Created March 11, 2023 02:07
Postgres Ltree Cheatsheet
CREATE EXTENSION ltree;
CREATE TABLE test (path ltree);
--                         Top
--                      /   |  \
--              Science Hobbies Collections
--                  /       |              \
--         Astronomy   Amateurs_Astronomy Pictures
@oscarychen
oscarychen / django_design_pattern.md
Last active April 10, 2025 13:54
Building Django project like a Java developer: design pattern for complex web projects

Background

Django and Django REST Framework are designed around the Active Record design pattern, where each record object represents a "living" database record: changes made by interacting with the object are reflected on the underlying database record automatically. This has allowed many of Django's libraries, including Django REST Framework, to access and modify data from all parts of the application, and thus encourages vertically integrated features whose behaviors are defined by models, such as those built with ModelSerializer and ModelViewSet.

Challenges

This design pattern presents several areas of concern:

  • Tight coupling: mixes data access and business logic, violates the Single Responsibility principle, and makes unit testing difficult. The DRF Serializer is one such example: it does much more than its name suggests, not only serializing data but also performing CRUD operations on models.
  • Performance limitation: heavy object creation and retrieval for simple database operati