Skip to content

Instantly share code, notes, and snippets.

View tzkmx's full-sized avatar
🐓
Empezando una nueva ruta

Jesus Franco tzkmx

🐓
Empezando una nueva ruta
12 followers · 49 following
View GitHub Profile
@tzkmx
tzkmx / autoCorrectionList.vb
Last active September 4, 2025 21:17
Lista de entradas de autocorrección (Macro de Word VBA)
Public Sub GenerarSoloConFormato()
Call AutoCorrectListFormatted(True)
End Sub
Public Sub GenerarListaAutocorreccion()
Call AutoCorrectListFormatted(False)
End Sub
Private Sub AutoCorrectListFormatted(Optional soloConFormato As Boolean = False)
Dim a As AutoCorrectEntry
@tzkmx
tzkmx / findings.md
Last active September 3, 2025 00:38
Moodle mini app embedded

Analysis of Moodle Dashboard Embedding Capabilities

This document summarizes the investigation into embedding custom JavaScript applications within a Moodle dashboard, showing the initial analysis and the final conclusion based on live testing.

Initial Analysis (Based on HTTP Headers and HTML)

  1. No Content-Security-Policy (CSP): The HTTP headers for the Moodle page were missing a Content-Security-Policy (CSP) header. A CSP header is the primary browser-level mechanism to control which external resources (like scripts) can be loaded. Its absence suggested that loading external scripts would be possible.

  2. HTML Sanitization Appears Minimal: An initial test of adding a simple HTML block with <div> and <h3> tags was successful, indicating that Moodle's own sanitization was not overly aggressive.

@tzkmx
tzkmx / LICENSE.txt
Created September 1, 2025 16:23
VBA Macro Password Recovery Procedure
The Artistic License 2.0
Copyright (c) 2000-2006, The Perl Foundation.
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Preamble
This license establishes the terms under which a given free software Package may be copied, modified, distributed, and/or redistributed. The intent is that the Copyright Holder maintains some artistic control over the development of that Package while still keeping the Package available as open source and free software.
You are always permitted to make arrangements wholly outside of this license directly with the Copyright Holder of a given Package. If the terms of this license do not permit the full use that you propose to make of the Package, you should contact the Copyright Holder and seek a different licensing arrangement.
Definitions
"Copyright Holder" means the individual(s) or organization(s) named in the copyright notice for the entire Package.
"Contributor" means any party that has contributed code or oth
@tzkmx
tzkmx / GEMINI_BEST_PRACTICES.md
Created August 22, 2025 22:39
gemini corrections

GEMINI Best Practices for Project Interaction

This document outlines a set of best practices for AI models when interacting with user projects. Adhering to these guidelines is critical for ensuring safety, consistency, and a productive collaboration.

1. Core Principles

  • User is the Priority: The user's instructions and feedback are the most important source of truth. If there is any ambiguity, ask for clarification rather than making an assumption.
  • Safety First: Never perform destructive actions (e.g., deleting files, modifying critical infrastructure) without explicit confirmation from the user. Always explain the potential impact of such actions before proceeding.
  • Clarity is Key: If the user's intent is unclear, ask for clarification. It is better to ask a question than to proceed with a wrong assumption.
@tzkmx
tzkmx / formDataToObject.ts
Created April 30, 2024 23:43
Extract from Next.js adapter for tRPC
/* eslint-disable @typescript-eslint/no-non-null-assertion */
function set(
obj: Record<string, any>,
path: string[] | string,
value: unknown,
): void {
if (typeof path === 'string') {
path = path.split(/[\.\[\]]/).filter(Boolean);
}
@tzkmx
tzkmx / handlerClass.ts
Last active April 23, 2024 23:39
Decorating App Router Route Handlers (next.js)
class HawkExperiment
{
async getEndpoint(request: Request, params: any)
{
// headers = array of key value pairs extracted from headers
let headers: {[p: string]: string} = {}
request.headers.forEach((val, key, allHeaders) => {
headers[key] = val
})
return Response.json({
@tzkmx
tzkmx / queueMachine.xstate.js
Last active October 16, 2024 23:06
Simple Machine recording requests and simulating responses sequentially
const { assign, createMachine, interpret } = require('xstate');
const { inspect } = require('util');
const queueMachine = createMachine({
id: 'queueMachine',
initial: 'idle',
context: {
invokes: [],
processing: {},
results: []
@tzkmx
tzkmx / DisposableStack.ts
Created September 13, 2023 05:22
Polyfill to use DisposableStack in Node16
class DisposableStack {
constructor() {
if (!(this instanceof DisposableStack)) {
throw new TypeError('DisposableStack must be constructed with new');
}
this.#state = 'pending';
this.#disposeCapability = newDisposeCapability();
}
get disposed() {
@tzkmx
tzkmx / in.md
Created September 7, 2023 23:31
Example of logger using DI with awilix

Notable example of Dependency Injection and use of FileTransports discussed in awilix issues

jeffijoe/awilix#128

@tzkmx
tzkmx / auth.js
Created August 23, 2023 21:17 — forked from mrpinghe/auth.js
Veracode custom HMAC request signing algorithm (used for API authorization)
var crypto = require('crypto');
const id = process.env.API_ID; // your API ID, reading from environment variable
const key = process.env.KEY; // your API key, reading from environment variable
const preFix = "VERACODE-HMAC-SHA-256";
const verStr = "vcode_request_version_1";
var resthost = "api.veracode.com"; // rest host
var xmlhost = "analysiscenter.veracode.com"; // xml host