- Install composer-patches plugin
composer require cweagans/composer-patches
-
Download all the files (
*.diff&*.json) topatchessubdirectory of your project -
Add the following to your
composer.json:
"extra": {
Michal Špaček spaze
🔒
spaze
/ "Refresh DNS" RFC draft prompt.txt
Created
August 8, 2025 11:22
"Refresh DNS" RFC draft as written by ChatGPT because bots frustrate me
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| You are a RFC (Request For Comments, the Internet standards) document author. | |
| Please create a RFC document that would define a new HTTP response code in the | |
| 4xx range that would instruct the HTTP client to refresh their stale DNS records. | |
| Why? Because when moving a site to the new IP address, some HTTP clients still | |
| query the old iP even after many hours after the DNS record should be invalid | |
| because it has a TTL of 5 minutes or so. Format it using plain text, like the | |
| other RFC documents usually are. |
spaze
/ Reveal input details.js
Last active
February 18, 2025 22:37
A bookmarklet code to reveal input field content and details
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Add attributes as title tooltip | |
| document.querySelectorAll('input').forEach(function(element) { | |
| var attributes = []; | |
| for (i = 0; i < element.attributes.length; i++){ | |
| if (element.attributes[i].nodeName.toLowerCase() === 'title') { | |
| continue; | |
| } | |
| if (element.attributes[i].nodeName.toLowerCase() === 'type' && typeof element.originalType !== 'undefined') { | |
| var value = element.originalType; | |
| } else { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Optimize images for talk slides | |
| # Run in directory with images, it does the following: | |
| # 1. runs zopfli on all PNGs | |
| # 2. runs guetzli on all JPEGs | |
| # 3. creates lossy and lossless WebP, keeps the smaller one | |
| # 4. keeps the WebP if smaller than original | |
| GREEN=$(tput setaf 2) |
spaze
/ README-azure-storage-php-patches.md
Last active
March 24, 2022 17:45
azure-storage-php composer patches for cweagans/composer-patches
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -----BEGIN CERTIFICATE----- | |
| MIIDoTCCAomgAwIBAgIUHaHTeqKOXVJAuOJtLu3vqYfgVaAwDQYJKoZIhvcNAQEL | |
| BQAwYDELMAkGA1UEBhMCQ1oxDDAKBgNVBAgMA0ZvbzEMMAoGA1UEBwwDQmFyMQww | |
| CgYDVQQKDANCYXoxDjAMBgNVBAsMBVdhbGRvMRcwFQYDVQQDDA5zZWxmLnNpZ25l | |
| ZC5jejAeFw0yMTA2MDUyMTExMjRaFw0yMTA2MDYyMTExMjRaMGAxCzAJBgNVBAYT | |
| AkNaMQwwCgYDVQQIDANGb28xDDAKBgNVBAcMA0JhcjEMMAoGA1UECgwDQmF6MQ4w | |
| DAYDVQQLDAVXYWxkbzEXMBUGA1UEAwwOc2VsZi5zaWduZWQuY3owggEiMA0GCSqG | |
| SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUYp5WfN2Btdd1bg7uMP7nlUO5l4AXZXFq | |
| XIM/Vdv+1tZMaMeKMW9mwYJoXySUNJS5/ix8pPdZL7szGZ8tqMMAisdjmNMfvg0e | |
| mZu9/9yMh7vRDe/KU4u2rKPw4gvZNVx42ptIa1hAecjBwoVxysumBJh9HPo3z1d7 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| function index() | |
| { | |
| echo ascii('xsssk'); | |
| } | |
| function rick() | |
| { | |
| header('Location: https://media.giphy.com/media/Vuw9m5wXviFIQ/giphy.gif', true, 301); | |
| } |
spaze
/ find-cve-2020-15227.sh
Last active
April 10, 2025 06:26
CVE-2020-15227 nette/application RCE in-place patch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Find files in CVE-2020-15227 nette/application issue | |
| # by @spazef0rze | |
| # Run with `bash find-cve-2020-15227.sh`, works on Linux, FreeBSD, tested on Ubuntu 18.04, FreeBSD 11.4 | |
| # This is a universal finder for all affected versions. | |
| # Requirements: find, grep, bash (might work with your default shell but YMMV) | |
| # The fixes: |
spaze
/ cz-stripped-subdomains.txt
Last active
March 3, 2020 18:16
— forked from kokes/cz.txt
.cz domains *potentially* affected by this CAA problem https://letsencrypt.org/caaproblem/ - test at https://unboundtest.com/caaproblem.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Stripped subdomains (foo.example.com => example.com, doesn't mean example.com was in the original list) | |
| # regex [a-z*0-9\-]+\.cz(?=[ \]]) | |
| 05.cz | |
| 0e.cz | |
| 0oo.cz | |
| 1000miglia.cz | |
| 1000oken.cz | |
| 1000zkh.cz | |
| 1001.cz | |
| 1001hry.cz |
spaze
/ haveibeencaffeinated.php
Last active
May 9, 2019 19:04
https://www.michalspacek.com/top-10-coffee-brands-according-to-have-i-been-pwned
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // https://en.wikipedia.org/wiki/Category:Coffee_brands | |
| $covfefes = [ | |
| 'alterracoffeeroasters', | |
| 'angiangcoffee', | |
| 'angelinus', | |
| 'autocrat', | |
| 'barcaffe', | |
| 'batdorfbronson', | |
| 'bewleys', |
spaze
/ pbkdf2-symfony-polyfill.php
Last active
October 12, 2018 20:27
Symfony's PBKDF2 polyfill benchmark (TL;DR it's slow, DO NOT USE, use hash_pbkdf2 available in PHP 5.5+ if you must use PBKDF2 but just use password_hash) for the thread here https://twitter.com/spazef0rze/status/1050436425559302147
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| function hashPbkdf2($algorithm, $password, $salt, $iterations, $length = 0) | |
| { | |
| // Number of blocks needed to create the derived key | |
| $blocks = ceil($length / strlen(hash($algorithm, null, true))); | |
| $digest = ''; | |
| for ($i = 1; $i <= $blocks; $i++) { | |
| $ib = $block = hash_hmac($algorithm, $salt . pack('N', $i), $password, true); | |
| // Iterations | |
| for ($j = 1; $j < $iterations; $j++) { |
NewerOlder