Vesa Vänskä vesan

This middleware does a few interesting things:

  • Ensures a url shape in the zustand store, where we'll store URL information.
  • Assumes we will be storing our url state slice in the ?state search parameter after it has been stringified and base64-encoded.
  • On creation, decodes the stored state from the ?state search parameter into the url slice of our store.
  • After each state update, updates the ?state search parameter with the new url state slice.
  • Sets up an event listener that listens for popstate and re-decodes the state from the URL into our store.
@gaearon
gaearon / 00-README-NEXT-SPA.md
Last active June 9, 2025 05:45
Next.js SPA example with dynamic client-only routing and static hosting

Next.js client-only SPA example

Made this example to show how to use Next.js router for a 100% SPA (no JS server) app.

You use the Next.js router as you normally would, but don't define getStaticProps and such. Instead you do client-only fetching with swr, react-query, or similar methods.

You can generate HTML fallback for the page if there's something meaningful to show before you "know" the params. (Remember, HTML is static, so it can't respond to dynamic query. But it can be different per route.)

Don't like Next? Here's how to do the same in Gatsby.

@amkisko
amkisko / application_view_record.rb
Last active October 15, 2023 08:44
Rails application view record for using pure sql files as source of base query for the model
# AUTHOR: Andrei Makarov (github.com/amkisko)
class ApplicationViewRecord < ApplicationRecord
self.abstract_class = true
def self.attribute_names
@attribute_names ||= attribute_types.keys
end
def self.load_schema!
@motoyasu-saburi
motoyasu-saburi / lack_escape_content-disposition_filename.md
Last active March 4, 2025 05:49
Land Mine named "Content-Disposition > filename"

TL;DR

  • I found 1 browser, 1 language, and 15 vulnerabilities in { Web Framework, HTTP Client library, Email library / Web Service, etc }
  • All the vulnerabilities I found were found from a single perspective (I investigated maybe 50-80 products).
  • The RFC description of the problem (rather confusingly) describes the requirements for this problem, while the WHATWG > HTML Spec is well documented.
  • The problem is clearly targeted at the Content-Disposition fields filename and filename*.
  • This problem affects HTTP Request/Response/Email in different ways.
    • HTTP Request : request tampering (especially with file contents, tainting of other fields, etc.)
    • HTTP Response : Reflected File Download vulnerability
    • Email : Attachment tampering (e.g., extension and filename tampering and potential file content tampering)
@amkisko
amkisko / form.html.erb
Last active December 15, 2022 09:07
leaflet osm address search and reverse coordinates lookup with stimulus for Rails
<div data-controller="address-form">
<%= simple_form_for(address, url: address_path(address)) do |f| %>
<%= f.text_field :address, "data-address-form-target" => "address" %>
<%= f.hidden_field :address_lon, "data-address-form-target" => "addressLon" %>
<%= f.hidden_field :address_lat, "data-address-form-target" => "addressLat" %>
<div data-address-form-target="addressMapContainer" style="width: 500px; height: 500px; margin-left: -3.6rem;"></div>
<%= f.button :submit %>
<% end %>
</div>
@amkisko
amkisko / cleanup_apollo_schema_variants.rb
Last active November 24, 2022 15:01
Apollo Studio graph variants cleanup script (uses git branches for matching existing variants)
#!/usr/bin/env ruby
# USAGE:
# APOLLO_SCHEMA_KEY=service:... APOLLO_SCHEMA_NAME=Project-Name ./cleanup_apollo_schema_variants.rb
require "pry"
require "uri"
require "json"
require "net/http"
@shawnmclean
shawnmclean / rss-contentful.js
Created November 2, 2022 00:24
Spotify Podcast RSS to Contentful Migration
import { env } from "process";
import * as Parser from "rss-parser";
import slufigy from "slugify";
import * as Contentful from "contentful-management";
import { htmlToText } from "html-to-text";
const client = Contentful.createClient({
accessToken: env.ACCESS_TOKEN,
});
@kaspth
kaspth / routes.rb
Last active April 6, 2023 16:57
`draw` method to explore routes in the console
# All these requires are just for running via `irb`, if using `bin/rails console` you probably just need the method.
require "active_support/all" # Got an inflector NoMethodError, so I'm just being lazy here.
require "action_dispatch"
require "action_dispatch/routing/route_set"
require "action_dispatch/routing/inspector"
require "action_controller" # For the ActionController::Parameters autoload, which any route helper uses.
# Console helper to play around with the routing DSL and tweak an individual route you're building.
@peteristhegreat
peteristhegreat / MacOS-colima-docker.md
Last active November 22, 2023 15:17
Colima 0.4.4 on MacOS, Attempt #2

Back in January, I tried colima and hit a snag on getting onto AWS ECR boxes. It ends up it was probably an issue with not being able to use the existing credentials file and I could have fixed it...

Today (Aug 2022) I am giving it another college try.

brew upgrade colima
ls -l $(which docker)
brew install docker
ln -s /Applications/Docker.app/Contents/Resources/bin/docker /usr/local/bin/docker-desktop
brew link --overwrite docker

brew install docker-credential-helper

@amkisko
amkisko / active_job_sidekiq_running.rb
Last active August 25, 2022 12:13
ActiveJob extension for checking if sidekiq job is running or awaiting in queues
# filepath: app/lib/sidekiq_running.rb
# source_url: https://github.com/eljojo/sidekiq-running
# usage: `include ActiveJobSidekiqRunning` to job class
module ActiveJobSidekiqRunning
def self.included(base)
base.extend ClassMethods
end
module ClassMethods