VirtualTam's bookmarks

1. h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c) 2024-11-04

   tags: network/http, network/reverse-proxy, programming/go, security, websocket

   [ permalink ]

   • BishopFox/h2csmuggler
2. feed reader best practices | Rachel By The Bay 2024-10-26

   tags: feed, network/http, network/http/header, personal-knowledge/blog, storage/cache, web/syndication

   [ permalink ]

   Test feed:

   • feed reader score project
   • A sysadmin's rant about feed readers and crawlers
   • Feeds, updates, 200s, 304s, and now 429s
   • So many feed readers, so many bizarre behaviors
   • The feed reader score service is now online

   RFCs:

   • RFC 1945 - Hypertext Transfer Protocol - HTTP/1.0 - If-Modified-Since
   • RFC 7232 - Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests - Entity Tag (ETag)
   • RFC 9110 - HTTP Semantics

   Related:

   • Bret Simmons - NetNewsWire and Conditional GET Issues
   • John Brayton - Feed Polling for Unread Cloud
   • Jeff Kaufman - Looking at RSS User-Agents
   • Chris Siebenmann - The case of the very old If-Modified-Since HTTP header
   • ETag and HTTP caching
   • HTTP Conditional Requests Explained
   • Caching - What takes precedence: the ETag or Last-Modified HTTP header?
3. go-http-metrics - Modular HTTP middleware to measure HTTP requests 2023-07-26

   tags: network/http, observability/metrics, observability/time-series/prometheus, programming/go

   [ permalink ]

   • Expose Prometheus metrics in a separate port in golang
4. HAProxy - TLS Termination Setup 2023-07-24

   tags: cryptography/encryption, network/http, network/http-server/haproxy, network/reverse-proxy, network/transport-layer-security, security

   [ permalink ]

   • Traffic Routing - Rewrite Requests
   • Client IP Preservation - X-Forwarded-For
   • HAProxy & HTTP Strict Transport Security (HSTS)
   • Secure Cookies Using HAProxy Enterprise
5. WebAuthn - An API for accessing Public Key Credentials 2023-06-11

   tags: cryptography/public-key-infrastructure, internet/browser, security/authentication

   [ permalink ]

   The Web Authentication API (also known as WebAuthn) is a specification written by the W3C and FIDO, with the participation of Google, Mozilla, Microsoft, Yubico, and others. The API allows servers to register and authenticate users using public key cryptography instead of a password.

   • Guide to Web Authentication
   • Asynchronous Remote Key Generation: An Analysis of Yubico’s Proposal for W3C WebAuthn [PDF]
   • Issue 664630: Web Authentication API for Chrome
   • Bugzilla - [meta] Update WebAuthn JS API to the L1-REC spec
   • keepassxc#1870 - Feature Request: Integration with the Web Authentication API
6. reMarkable 2 - 3rd-party accessories and homebrew software 2023-01-21

   tags: e-ink, e-reader, linux, network/ssh, programming/c, programming/c++, programming/go, user-interface/qt

   [ permalink ]

   Stylus:

   • https://remarkablewiki.com/tech/stylus
   • https://www.joshualowcock.com/guide/remarkable-2-compatible-pens-remarkable-marker-alternatives/
   • https://www.joshualowcock.com/guide/how-to-install-the-lamy-al-star-pen-button-eraser-hack-on-the-remarkable-2/
   • https://www.reddit.com/r/RemarkableTablet/comments/nvtwt8/alternative_pen_which_is_compatible_with/

   Case:

   • https://www.joshualowcock.com/guide/remarkable-2-folio-remarkable-case-alternative/

   Guides:

   • https://www.meganwalker.me.uk/2021/01/installing-remux-koreader-on-the-remarkable-2/
   • https://www.reddit.com/r/RemarkableTablet/comments/lzuxti/experience_using_the_remarkable_2_as_a_linux/
   • https://www.simplykyra.com/category/remarkable/

   System:

   • https://remarkablewiki.com/tech/ssh
   • • https://www.reddit.com/r/RemarkableTablet/comments/10ymr95/til_you_can_request_that_rm_not_use_your_private/

   Usage:

   • https://www.reddit.com/r/RemarkableTablet/comments/jl3tue/is_anybody_else_having_trouble_turning_pages_on/

   Software:

   • https://eeems.website/toltec/
   • https://www.reddit.com/r/RemarkableTablet/comments/aqfflg/xochitl_question/
   • https://github.com/reMarkable
   • https://github.com/reHackable/awesome-reMarkable
   • https://github.com/isaacwisdom/RemarkableLamyEraser
   • https://github.com/ddvk/remarkable2-framebuffer
   • https://github.com/ddvk/rmfakecloud
   • https://github.com/ddvk/remarkable-hacks
   • https://github.com/ddvk/remarkable-stylus
   • https://github.com/juruen/rmapi
   • https://rmkit.dev/apps/remux
   • https://github.com/dps/remarkable-keywriter

   Articles:

   • https://rmkit.dev/eink-is-so-retropunk/
7. Go - How to process a request that has multiple inputs and multiple files at the same time? 2022-04-23

   tags: file, programming/go, programming/html/form

   [ permalink ]

   • https://pkg.go.dev/mime/multipart#Reader
   • https://pkg.go.dev/mime/multipart#Part
   • https://www.rfc-editor.org/rfc/rfc7578
8. Git helpers for shared commit authoring 2022-03-07

   tags: programming/pair-programming, source-code-management/git

   [ permalink ]

   • https://tuple.app/pair-programming-guide/template
   • https://github.com/kejadlen/git-together
   • https://github.com/git-duet/git-duet
   • https://github.com/chrisk/git-pair
   • https://docs.github.com/en/pull-requests/committing-changes-to-your-project/creating-and-editing-commits/creating-a-commit-with-multiple-authors
9. Fan Is A Tool-Using Animal—dConstruct Conference Talk 2020-12-13

   tags: community, fan, fan-art, fiction, knowledge, personal-knowledge/bookmark, software, tag, web

   [ permalink ]

   • Pinboard Feature Requests
   • pinboard-dev Google Group
10. What is "AWS Security Scanner" in my server logs? 2020-07-31

    tags: cloud/aws, network, security

    [ permalink ]

    • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html
    • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
    • https://docs.aws.amazon.com/cli/latest/reference/ec2/modify-instance-metadata-options.html
    • https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service/
    • https://aws.amazon.com/blogs/aws/new-host-based-routing-support-for-aws-application-load-balancers/
    • https://aws.amazon.com/about-aws/whats-new/2018/07/elastic-load-balancing-announces-support-for-redirects-and-fixed-responses-for-application-load-balancer/
    • https://www.reddit.com/r/aws/comments/e18e5n/botexploit_what_is_this_trying_to_do_and_how
    • https://www.reddit.com/r/aws/comments/e18e5n/botexploit_what_is_this_trying_to_do_and_how/f8qympp/
    • https://forums.aws.amazon.com/thread.jspa?threadID=316889
    • https://owasp.org/www-community/attacks/Server_Side_Request_Forgery
    • https://www.wired.com/story/capital-one-paige-thompson-case-hacking-spree/
    • https://krebsonsecurity.com/2019/08/what-we-can-learn-from-the-capital-one-hack/
    • https://krebsonsecurity.com/2019/07/capital-one-data-theft-impacts-106m-people/
    • http://www.thecloudavenue.com/2019/08/how-capital-one-hack-was-achieved-in-aws.html
    • http://www.thecloudavenue.com/2019/11/changes-to-aws-ec2-instance-metadata-service.html
11. PRM - Pull Request Manager 2019-07-25

    tags: source-code-management/git, source-code-management/github

    [ permalink ]

    • https://github.com/ldez/prm
12. CloudWatch GetMetricData support by mtanda · Pull Request #11624 · grafana/grafana · GitHub 2019-04-04

    tags: cloud/aws, observability, observability/grafana

    [ permalink ]

    • https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDataQuery.html
    • https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html
    • https://community.grafana.com/t/how-to-plot-the-rate-of-change-or-the-incline-of-a-line-plot/14334/6
13. Insomnia REST Client 2019-04-01

    tags: network/http, postman, programming/api, programming/api/rest, programming/testing, request

    [ permalink ]

    • https://github.com/getinsomnia/insomnia
14. Kubernetes Best Practices - GCP Blog 2018-09-28

    tags: cloud/gcp, distributed-system/cluster, linux/container/docker, linux/container/kubernetes, resource

    [ permalink ]

    • https://cloudplatform.googleblog.com/2018/04/Kubernetes-best-practices-how-and-why-to-build-small-container-images.html
    • https://cloudplatform.googleblog.com/2018/04/Kubernetes-best-practices-Organizing-with-Namespaces.html
    • https://cloudplatform.googleblog.com/2018/05/Kubernetes-best-practices-Setting-up-health-checks-with-readiness-and-liveness-probes.html
    • https://cloudplatform.googleblog.com/2018/05/Kubernetes-best-practices-Resource-requests-and-limits.html
    • https://cloudplatform.googleblog.com/2018/05/Kubernetes-best-practices-terminating-with-grace.html
    • https://cloudplatform.googleblog.com/2018/05/Kubernetes-best-practices-mapping-external-services.html
    • https://cloudplatform.googleblog.com/2018/06/Kubernetes-best-practices-upgrading-your-clusters-with-zero-downtime.html
15. Jenkins - Pipeline as YAML: Alpha release 2018-09-27

    tags: configuration, continuous-integration/jenkins, pipeline, programming/yaml, source-code-management, source-code-management/git

    [ permalink ]

    • https://jenkins.io/blog/2018/06/15/simple-pull-request-plugin/
    • https://issues.jenkins-ci.org/browse/JENKINS-52452
    • https://github.com/jenkinsci/simple-pull-request-job-plugin
    • https://jenkins.io/projects/gsoc/2018/simple-pull-request-job-plugin/
16. numfmt - reads numbers in various representations and reformats them as requested 2018-09-24

    tags: bit, byte, file, filesystem, gnu, size, unit

    [ permalink ]

    • https://unix.stackexchange.com/questions/44040/a-standard-tool-to-convert-a-byte-count-into-human-kib-mib-etc-like-du-ls1
17. Using Kubernetes in Jenkins (declarative?) pipelines 2018-09-14

    tags: continuous-integration/jenkins, linux/container/docker, linux/container/kubernetes, pipeline

    [ permalink ]

    Kubernetes plugin and examples:

    • https://github.com/jenkinsci/kubernetes-plugin
    • https://jenkins.io/doc/pipeline/steps/kubernetes/

    Kubernetes pipeline plugin:

    • https://github.com/jenkinsci/kubernetes-pipeline-plugin
    • https://jenkins.io/doc/pipeline/steps/kubernetes-pipeline-steps/

    Relevant issues:

    • https://issues.jenkins-ci.org/browse/JENKINS-48135 - Multiple containers in declarative pipelines
    • https://issues.jenkins-ci.org/browse/JENKINS-51353 - Request for volumes in declarative pipelines

    Persisting volumes:

    • https://kubernetes.io/docs/concepts/storage/persistent-volumes/
    • https://cloud.google.com/kubernetes-engine/docs/concepts/persistent-volumes
    • https://devopscube.com/persistent-volume-google-kubernetes-engine/
    • http://www.monkeylittle.com/blog/2017/02/08/adding-persistent-volumes-to-jenkins-with-kubernetes-volumes.html
    • https://stackoverflow.com/questions/48068973/volume-mounting-in-jenkins-on-kubernetes

    Declarative pipelines with YAML spec:

    • https://github.com/jenkinsci/kubernetes-plugin/blob/master/examples/declarative-multiple-containers.groovy
    • https://stackoverflow.com/questions/47470498/how-to-define-multiple-containers-in-declarative-pipeline

    Scripted pipelines:

    • https://www.twistlock.com/2018/07/24/jenkins-pipeline-kubernetes-building-containers-integrating-security/

    XML (!):

    • https://itnext.io/running-jenkins-builds-in-containers-458e90ff2a7b
18. Getting The PHP-FPM Status From The Command Line | Max Chadwick 2018-07-26

    tags: command-line, network/socket, programming/php, status

    [ permalink ]

    • https://brandonwamboldt.ca/understanding-the-php-fpm-status-page-1603/
    • http://www.gregfreeman.io/2016/how-to-connect-to-php-fpm-directly-to-resolve-issues-with-blank-pages/
    • https://www.thatsgeeky.com/2012/02/directly-connecting-to-php-fpm/
    • https://easyengine.io/tutorials/php/fpm-status-page/

    $ SCRIPT_NAME=/status \
        SCRIPT_FILENAME=/status \
        QUERY_STRING=json \
        REQUEST_METHOD=GET \
        cgi-fcgi -bind -connect /var/run/php/php7.0-fpm.sock \
        | grep '{' \
        | jq '.'
    

19. Gitlab - "Allow requests to the local network from hooks and services" should be ENABLED by default 2018-06-19

    tags: network, source-code-management/git, source-code-management/gitlab

    [ permalink ]

    • https://gitlab.com/gitlab-org/gitlab-ce/issues/44480
20. Flickering after upgrading to kernel 4.16.0 · Issue #601 · jonls/redshift 2018-05-10

    tags: driver, graphics, light, linux, linux/archlinux, linux/kernel, screen

    [ permalink ]

    • https://forum.manjaro.org/t/new-kernel-4-16-causes-display-flashes-on-amd-r9-3xx-tonga/44302/13
    • https://bugzilla.kernel.org/show_bug.cgi?id=199407
    • https://www.reddit.com/r/archlinux/comments/7vxnam/redshift_flickering_display_after_415_kernel/
    • https://www.phoronix.com/scan.php?page=news_item&px=AMDGPU-DC-Pull-Request-4.15
    • https://github.com/jonls/redshift/issues/221