Skip to content

Instantly share code, notes, and snippets.

@peltho
peltho / svelte.md
Last active April 19, 2026 06:15
Svelte cheatsheet
@samsch
samsch / stop-using-jwts.md
Last active July 8, 2026 04:28
Stop using JWTs

Stop using JWTs!

TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.

If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that "valid" usecases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)

A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/

The reason to avoid JWTs comes down to a couple different points:

  • The JWT specification is specifically designed only for very short-live tokens (~5 minute or less). Sessions
@ericremoreynolds
ericremoreynolds / client.html
Last active February 25, 2024 21:55
Flask-socket.io emit to specific clients
<html>
<body>
<h1>I feel lonely</h1>
<script type="text/javascript" src="//code.jquery.com/jquery-2.1.3.min.js"></script>
<script type="text/javascript" src="//cdnjs.cloudflare.com/ajax/libs/socket.io/0.9.16/socket.io.min.js"></script>
<script type="text/javascript" charset="utf-8">
var socket = io.connect('http://' + document.domain + ':' + location.port);
socket.on('connect', function() {
socket.emit('connected');
@nojvek
nojvek / Tinder Auto-liker
Last active November 12, 2021 18:28
Tinder Auto-liker script
<?php
// Licence: WTFPL ! http://www.wtfpl.net/about/
$fbAuth = array("facebook_id" => "123456789", "facebook_token" => "<Use charles proxy to do man-in-middle SSL sniffing and extract fb token>");
// Do the magic.
$tinderToken = tinderCall("auth", "token", $fbAuth); // Authenticate
$authToken = "X-Auth-Token: $tinderToken\r\nAuthorization: Token token=\"$tinderToken\"\r\n";
@staltz
staltz / introrx.md
Last active June 23, 2026 21:33
The introduction to Reactive Programming you've been missing
@nicktoumpelis
nicktoumpelis / repo-rinse.sh
Created April 23, 2014 13:00
Cleans and resets a git repo and its submodules
git clean -xfd
git submodule foreach --recursive git clean -xfd
git reset --hard
git submodule foreach --recursive git reset --hard
git submodule update --init --recursive
@larrybotha
larrybotha / A.markdown
Last active December 4, 2025 03:24
Fix SVGs not scaling in IE9, IE10, and IE11

Fix SVG in <img> tags not scaling in IE9, IE10, IE11

IE9, IE10, and IE11 don't properly scale SVG files added with img tags when viewBox, width and height attributes are specified. View this codepen on the different browsers.

Image heights will not scale when the images are inside containers narrower than image widths. This can be resolved in 2 ways.

Use sed in bash to remove width and height attributes in SVG files

As per this answer on Stackoverflow, the issue can be resolved by removing just the width and height attributes.

@evansdiy
evansdiy / guid.js
Created December 11, 2012 07:44
Generate fake GUID(also known as UUID) by using javascript
// original from http://guid.us/GUID/JavaScript
function S4() {
return (((1+Math.random())*0x10000)|0).toString(16).substring(1);
}
function generateGuid() {
return (S4() + S4() + "-" + S4() + "-4" + S4().substr(0,3) + "-" + S4() + "-" + S4() + S4() + S4()).toLowerCase();
}
@MohamedAlaa
MohamedAlaa / tmux-cheatsheet.markdown
Last active July 5, 2026 20:32
tmux shortcuts & cheatsheet

tmux shortcuts & cheatsheet

start new:

tmux

start new with session name:

tmux new -s myname
@jlong
jlong / uri.js
Created April 20, 2012 13:29
URI Parsing with Javascript
var parser = document.createElement('a');
parser.href = "http://example.com:3000/pathname/?search=test#hash";
parser.protocol; // => "http:"
parser.hostname; // => "example.com"
parser.port; // => "3000"
parser.pathname; // => "/pathname/"
parser.search; // => "?search=test"
parser.hash; // => "#hash"
parser.host; // => "example.com:3000"