Lazy loading images + Scroll to Text Fragment XSLeak.
With Water Paddler.
We can upload images, make "notes" containing this image and a title, and share this "notes" with an authed bot displaying the flag in its footer.
rebane2001
/ glass-with-controls.html
Last active
April 15, 2026 16:21
glass effect test css/svg thing (messy) - demo: https://codepen.io/rebane2001/details/OPVQXMv
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <div style="position:absolute;top:-999px;left:-999px"> | |
| <svg | |
| id="effectSvg" | |
| width="200" | |
| height="200" | |
| viewBox="0 0 200 200" | |
| xmlns="http://www.w3.org/2000/svg"> | |
| <filter id="displacementFilter4"> |
jorgectf
/ LINE CTF 2022 - title todo.md
Last active
December 26, 2025 00:19
LINE CTF 2022 - title todo
Chocksy
/ sentry-config.html
Last active
September 12, 2024 09:14
— forked from impressiver/raven-config.html
Sentry.js configuration for logging JavaScript exceptions to Sentry (https://sentry.io/). Without the added ignore options, you'll quickly find yourself swamped with unactionable exceptions due to shoddy browser plugins and 3rd party script errors.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- Sentry.js Config --> | |
| <script src="https://js.sentry-cdn.com/{{ENV['SENTRY_PUBLIC_DSN']}}.min.js" type="text/javascript"></script> | |
| <script type="text/javascript"> | |
| // custom functions to handle errors in JS. | |
| function handleRouteError(err) { | |
| Sentry.captureException(err); | |
| } | |
| function errorHandler(error, data, level) { | |
| level = level || 'info'; |
The package that linked you here is now pure ESM. It cannot be require()'d from CommonJS.
This means you have the following choices:
- Use ESM yourself. (preferred)
Useimport foo from 'foo'instead ofconst foo = require('foo')to import the package. You also need to put"type": "module"in your package.json and more. Follow the below guide. - If the package is used in an async context, you could use
await import(…)from CommonJS instead ofrequire(…). - Stay on the existing version of the package until you can move to ESM.
ccnokes
/ event-emitter.js
Last active
October 23, 2023 02:09
Custom event emitter using native DOM APIs. Read more here: https://cameronnokes.com/blog/build-your-own-event-emitter-using-only-native-dom-apis/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class EventEmitter { | |
| constructor() { | |
| this.target = new EventTarget(); | |
| } | |
| on(eventName, listener) { | |
| return this.target.addEventListener(eventName, listener); | |
| } | |
| once(eventName, listener) { | |
| return this.target.addEventListener(eventName, listener, { once: true }); | |
| } |
robin-a-meade
/ unofficial-bash-strict-mode.md
Last active
March 11, 2026 18:58
Unofficial bash strict mode
Sometimes a programming language has a "strict mode" to restrict unsafe constructs. E.g., Perl has use strict, Javascript has "use strict", and Visual Basic has Option Strict. But what about bash? Well, bash doesn't have a strict mode as such, but it does have an unofficial strict mode:
set -euo pipefail
set -e
https://icons.duckduckgo.com/ip2/{hostname}.icohttps://www.google.com/s2/favicons?domain_url={hostname}https://favicon.yandex.net/favicon/{hostname1}/{hostname2}/https://f1.allesedv.com/16/{hostname}http://grab-favicons.herokuapp.com/api/v1/grab-favicons/?url={hostname}https://besticon-demo.herokuapp.com/icon?url={hostname}&size=80..120..200http://favicongrabber.com/service-api-reference
For pip < 10.0.1:
import pip
from subprocess import call
packages = [dist.project_name for dist in pip.get_installed_distributions()]
for package in packages:
try:
call("pip install --upgrade " + package, shell=True)
median-man
/ .gitmessage
Last active
April 22, 2025 21:11
— forked from adeekshith/.git-commit-template.txt
This commit message template helps you write **useful** commit messages.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # <type>: <subject> (Max 50 char, Why is this change necessary?) | |
| # |<---- Using a Maximum Of 50 Characters ---->| | |
| # |<---- Try To Limit Each Line to a Maximum Of 72 Characters ---->| | |
| # Explain how the commit addresses the issue | |
| # IMPORTANT!! Describe any side effects of the change. | |
| # Provide links or keys to any relevant tickets, articles or other resources | |
| # Examples: "Jira issue [ABC-123]" or "Closes Github issue #123" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [+] Server is listening on 5001 | |
| ...pre-payoad: | |
| ...post-payoad: | |
| ...pre-payoad: d | |
| ...post-payoad: 3 | |
| ...pre-payoad: d3 | |
| ...post-payoad: d3 | |
| ...pre-payoad: d3a | |
| ...post-payoad: 0d3 | |
| ...pre-payoad: d3ad |
NewerOlder