Skip to content

Instantly share code, notes, and snippets.

@mala
mala / memcachedos.pl
Created August 13, 2010 11:49
DoS for memcached
#!/usr/local/bin/perl
# DoS tool for memcached
# ulimit -n 15000; perl memcachedos.pl 127.0.0.1 11211 3
# original: http://gist.github.com/522741
# This is Public Domain Software
use strict;
use warnings;
use AnyEvent;
/*
* epoll_sample.c
*
* forked from http://d.hatena.ne.jp/odz/20070507/1178558340
*
* compile : gcc -O3 -o epoll_sample epoll_sample.c
* bench : ab -n 10000 -c 50 http://localhost:8080/
*
* fix me :)
*

Sass/Less Comparison

In this document I am using Sass's SCSS syntax. You can choose to use the indented syntax in sass, if you prefer it, it has no functional differences from the SCSS syntax.

For Less, I'm using the JavaScript version because this is what they suggest on the website. The ruby version may be different.

Variables

@uasi
uasi / create-chrome-launcher.sh
Created March 23, 2011 05:31
Create an .app that launches Google Chrome with a specified profile
#!/bin/sh
#
# Create Google Chrome launcher (for Mac)
#
CHROME_APP="/Applications/Google Chrome.app"
CHROME_PROFILE_DIR="$HOME/Library/Application Support/Google/Chrome"
echo "Enter profile name: \c"
@mala
mala / jquery_patch.pl
Created June 21, 2011 14:57
quick patch script for jQuery http://bugs.jquery.com/ticket/9521
#!perl
# perl jquery_patch.pl jquery-n.nn.min.js > jquery-n.nn.min.patched.js
$old = join "|", map quotemeta, (
q{/^[^<]*(<(.|\s)+>)[^>]*$|^#(\w+)$/},
q{/^[^<]*(<[\w\W]+>)[^>]*$|^#([\w-]+)$/},
q{/^(?:[^<]*(<[\w\W]+>)[^>]*$|#([\w\-]+)$)/}
);
$new = q{/^(?:\s*(<[\w\W]+>)[^>]*$|#([\w\-]*)$)/};
@perusio
perusio / apache_killer.pl
Created August 20, 2011 16:24
Apache Killer by KingCope exploits mod_deflate vulnerability
#Apache httpd Remote Denial of Service (memory exhaustion)
#By Kingcope
#Year 2011
#
# Will result in swapping memory to filesystem on the remote side
# plus killing of processes when running out of swap space.
# Remote System becomes unstable.
#
use IO::Socket;
@hamano
hamano / tuningathon2_memo.txt
Created October 3, 2011 12:40
hamano's gist: 第2回 Tuningathon チューニングメモ
# 第2回 Tuningathon チューニングメモ
このメモは @hamano が [第2回 Tuningathon][1] に参加した際に行ったチュー
ニングポイントと感想です。
[1]: http://www.zusaar.com/event/agZ6dXNhYXJyDQsSBUV2ZW50GLmFBgw "第2弾!いろいろチューニングしてパフォーマンスを競うバトルイベント開催!「Tuningathon」2!! #tuningathon"
今回のお題は MediaWiki への参照性能という事でまたPHPか! とは思いました
が2台構成可、Web Serverの入れ替え可、という条件でしたのでチューニングの
範囲が大きく広がった様に感じました。
@tily
tily / scaling_isomorphic_javascript_code.ja.markdown
Last active May 1, 2023 09:03
サバクラ両方で動く JavaScript の大規模開発を行うために

サバクラ両方で動く JavaScript の大規模開発を行うために

原文:Scaling Isomorphic Javascript Code (This is just for study, please contact me at tily05 atmark gmail.com if any problem.)

考えてみれば Model-View-Controller とか MVC ってよく聞くよね。実際どんなものか知ってる? 抽象的に言うなら「オブジェクト情報の保持されるグラフィック・システム (つまり、ラスターではないグラフィック。ゲームとか) 上に構築された、表示系を中心としたアプリケーションにおいて、主要な機能どうしの関わりをうまく分離すること」とでも言おうか。もう少し深く考えを押し進めてみれば、これは当然、他のさまざまなアプリケーションにもあてはまる言葉 (bucket term ?) だ。

過去に多くの開発コミュニティが MVC による解決案を提供し、それによってよくあるユースケースにうまく対処し、地位を築くことができた。例をあげるなら、Ruby や Python コミュニティは Rails や Django を作り、MVC アーキテクチャを実現した。

Proposal for Improving Mass Assignment

For a while, I have felt that the following is the correct way to improve the mass assignment problem without increasing the burden on new users. Now that the problem with the Rails default has been brought up again, it's a good time to revisit it.

Sign Allowed Fields

When creating a form with form_for, include a signed token including all of the fields that were created at form creation time. Only these fields are allowed.

To allow new known fields to be added via JS, we could add:

Security Alert - Please reset your npm registry account
==================================================
The security of the npm registry has just been upgraded. This corrects a known
flaw which led to the leakage of the password_sha and salt fields. The good
news is that the leak is plugged. The bad news is that it existed for quite a
while.
tl;dr