@cerebrl
cerebrl / 1-securing-express.md
Last active October 7, 2024 23:16
Securing ExpressJS

tl;dr

  1. Don't run as root.
  2. For sessions, set httpOnly (and secure to true if running over SSL) when setting cookies.
  3. Use Helmet for secure headers: https://github.com/evilpacket/helmet
  4. Enable csrf for preventing Cross-Site Request Forgery: http://expressjs.com/api.html#csrf
  5. Don't use the deprecated bodyParser() and only use multipart explicitly. To avoid multipart's vulnerability to 'temp file' bloat, use the defer property and pipe() the multipart upload stream to the intended destination.
@joepie91
joepie91 / express-server-side-rendering.md
Last active July 26, 2024 09:56
Rendering pages server-side with Express (and Pug)

Terminology

  • View: Also called a "template", a file that contains markup (like HTML) and optionally additional instructions on how to generate snippets of HTML, such as text interpolation, loops, conditionals, includes, and so on.
  • View engine: Also called a "template library" or "templater", ie. a library that implements view functionality, and potentially also a custom language for specifying it (like Pug does).
  • HTML templater: A template library that's designed specifically for generating HTML. It understands document structure and thus can provide useful advanced tools like mixins, as well as more secure output escaping (since it can determine the right escaping approach from the context in which a value is used), but it also means that the templater is not useful for anything other than HTML.
  • String-based templater: A template library that implements templating logic, but that has no understanding of the content it is generating - it simply concatenates together strings, potenti
@benjamincharity
benjamincharity / autonomous.txt
Last active October 24, 2024 21:53
Instructions on how to reset the autonomous desk. This fixes a problem where the desk will not lower (also reportedly fixes incorrectly reported heights).
> Thank you for reaching out to Autonomous! I am sorry to hear that you are having some trouble with your SmartDesk
> but I will be glad to assist. It sounds like your system needs a "hard reset" can I please have you follow these
> steps thoroughly.
Reset Steps:
1. Unplug the desk for 20 seconds. Plug it back in. Wait a full 20 seconds.
2. Press the up and down buttons until the desk lowers all the way and beeps or 20 seconds pass.
3. Release both buttons.
4. Press the down buttons until the desk beeps one more time or 20 seconds pass.

ServiceNow UI Developer cheat sheet


Utility URLs

URL Purpose
/stats.do Quick stats
/cache.do Clear your instance cache
@bmaupin
bmaupin / free-database-hosting.md
Last active November 16, 2024 22:43
Free database hosting
@lovromazgon
lovromazgon / README.md
Last active November 4, 2024 22:27
Schedule starting/stopping a CloudSQL instance on GCP

To use this cloud function follow these steps:

  1. Create a pub/sub topic which will be used to trigger the cloud function.
  2. Create the cloud function and copy in the code below.
    1. Make sure to set the correct project ID in line 8.
    2. Set the trigger to Pub/Sub and choose the topic created in step 1.
  3. Create a cloud scheduler job to trigger the cloud function on a regular basis.
    1. Choose the frequency when you want the cloud function to be triggered.
    2. Set the target to Pub/Sub and define the topic created in step 1.
    3. The payload should be set to start [CloudSQL instance name] or stop [CloudSQL instance name] to start or stop the specified instance (e.g. start my_cloudsql_instance will start the CloudSQL instance with the name my_cloudsql_instance)
@Fanna1119
Fanna1119 / countries.js
Created October 2, 2022 15:13
object literal for country info using ISO 2 as key
const c = {
  "AF": {
    "Country": "Afghanistan",
    "Alpha-2 code": "AF",
    "Alpha-3 code": "AFG",
    "Numeric code": 4,
    "Latitude (average)": 33,
    "Longitude (average)": 65,
    "emoji_flag": "🇦🇫"
  },