Including js from raw.github.com - javascript

I have a github.com demo page that is linking to https://raw.github.com/.../master/.../file.js so that I don't need to always copy the .js file over to the gh-pages branch every time it's changed. This works in every browser except IE which complains:
SEC7112: Script from https://raw.github.com/cwolves/jQuery-iMask/master/dist/jquery-imask-min.js was blocked due to mime type mismatch
This complaint is coming from the fact that the file is transferred with:
X-Content-Type-Options: nosniff
Content-Type: text/plain
which I can't change.
Anyone have any ideas how to accomplish this same thing? Somehow allowing me to link to the file in the master branch without having to always push it to the gh-pages branch?
Actual page: http://cwolves.github.com/jQuery-iMask/
(Minor update -- I changed the gh-pages in this exact instance to include the .js file, so IE is no longer broken, but would still like any feedback :))

You can try using https://rawgit.com/ service.
Just replace raw.github.com with rawgit.com
UPDATE
The Rawgit service (former Rawgithub) has been shutdown.
RawGit has reached the end of its useful life
October 8, 2018
GitHub repositories that served content through RawGit within the last month will continue to be served until at least October of 2019. URLs for other repositories are no longer being served.
If you're currently using RawGit, please stop using it as soon as you can.

I can't help you with tricking IE, and I think from that angle what you are looking for is impossible (and discouraged, since that is not the purpose of Github's raw URLs).
However, you can automate committing the changes to gh-pages and pushing to make your life easier. You can do it with a post-commit hook to update the relevant files in the gh-pages branch automatically. I've cooked up such a post-commit script that watches for changes to certain files and commits them to another branch:
#!/bin/sh
WATCH_BRANCH="master"
WATCH_FILES="jquery-imask-min.js"
DEST_BRANCH="gh-pages"
# bail out if this commit wasn't made in the watched branch
THIS_BRANCH=$(git branch --no-color | sed -e '/^[^*]/d' -e 's/* \(.*\)/\1/');
if [ "$THIS_BRANCH" != "$WATCH_BRANCH" ]; then
exit 0
fi
# only update if watched files have changed in the latest commit
CHANGED_FILES=$(git show --pretty="format:" --name-only $WATCH_BRANCH)
if $(echo "$CHANGED_FILES" | grep "^$WATCH_FILES$" -q); then
# checkout destination branch, then
# checkout latest version of each watched file and add to index
git checkout -q $DEST_BRANCH
git pull -q
SAVEIFS=$IFS
IFS=$(echo -n "|")
for file in $WATCH_FILES; do
git checkout $WATCH_BRANCH -- $file
git add $file > /dev/null
done
IFS=$SAVEIFS
# commit with a chance to edit the message, then go back to watched branch
LATEST_COMMIT=$(git rev-parse $WATCH_BRANCH)
git commit -m "Also including changes from $WATCH_BRANCH's $LATEST_COMMIT"
git push origin $DEST_BRANCH
git checkout -q $WATCH_BRANCH
fi
Note that this is a general script, though I have specified the config vars at the top for your purposes. $WATCH_FILES can be set to a list of files delimited by braces | such as index.html|js/jquery.js. Paths must be specified relative to the root of the repo.
Let me know if you have any questions, and if the script helps you!

Take a look at raw.githack.com. The idea of this service is inspired from rawgit.com. I just realized that using a whole framework (node.js + express.js) for such simple thing as requests proxying is overkilling, and made same stuff using nginx only.
Replace "githubusercontent" domain name chunk in your github/gist URL with "githack" and you're done!
Furthermore, it supports bitbucket.com - simply replace whole bitbucket domain with bb.githack.com.

Github's raw URLs aren't designed to be a generic web host. Push that stuff off to proper host, like say pages.github.com.

Nowadays theres jsDelivr, its open source, free and fast.
And supports GitHub! https://www.jsdelivr.com/
Furthermore its from trusted people/company.
I say this because I'm not sure we can trust https://raw.githack.com/

I am also trying to achieve this. However, I cannot seem to get the solution from #shelhamer to work in my codebase. Below is the updated post-commit hook script that I used to get it working:
#!/bin/sh
WATCH_BRANCH="master"
WATCH_FILES="jquery-imask-min.js"
DEST_BRANCH="gh-pages"
# bail out if this commit wasn't made in the watched branch
THIS_BRANCH=$(git branch --no-color | sed -e '/^[^*]/d' -e 's/* \(.*\)/\1/');
if [ "$THIS_BRANCH" != "$WATCH_BRANCH" ]; then
exit 0
fi
# only update if watched files have changed in the latest commit
CHANGED_FILES=$(git show --pretty="format:" --name-only $WATCH_BRANCH)
if $(echo "$CHANGED_FILES" | grep "^$WATCH_FILES$" -q); then
# checkout destination branch, then
# checkout latest version of each watched file and add to index
git checkout -q $DEST_BRANCH
git pull -q
SAVEIFS=$IFS
IFS=$(echo -n "|")
for file in $WATCH_FILES; do
git checkout $WATCH_BRANCH -- $file
git add $file > /dev/null
done
IFS=$SAVEIFS
# commit with a chance to edit the message, then go back to watched branch
LATEST_COMMIT=$(git rev-parse $WATCH_BRANCH)
git commit -m "Also including changes from $WATCH_BRANCH's $LATEST_COMMIT"
git push origin $DEST_BRANCH
git checkout -q $WATCH_BRANCH
fi
I had to update the use of grep to make the regex successfully match (-P was not an option on the grep implementation included in Git Bash shell for Windows), add a git pull and a git push origin $DEST_BRANCH. Oh, and I had to add an empty shell of the directories and files in advance (perhaps just the directories would have sufficed?).
Since this is actually doing a push, I think it may be better to switch this script to being a post-receive script instead of post-commit. Otherwise, you could be pushing code to gh-pages that never made it into master [if you choose not to push it].

Related

Publish a site in a subfolder with traefik and Next JS

I'm trying publish a website in a subfolder (exemple.com/sitename) usign Traefik.
The site is build with Next JS.
What is happening when I run deploy is that all script links in the builded site disregard the folder (sitename). For example, js script named generatedfile.js is being accessed by the link example.com/generatedfile.js, the corret way would be example.com/sitename/generatedfile.js
My traefik args:
-l traefik.frontend.rule="Host:example.com; PathPrefixStrip:/sitename" -l traefik.frontend.entryPoints="http, https" -l traefik.frontend.headers.SSLRedirect="true"
I had tried add basePath to my next.config.js, but when I do this, I only access de site in the link exemple.com/sitename/sitename
next.config.js:
module.exports = withFonts({
basePath: '/sitename'
});
I'm using docker to deploy in AWS.
I've been trying to solve this all day, I don't even know what else to try to solve it.
Sorry for my english, it's not my first language.
PathPrefixStrip means match the path and strip the matched string before forwarding the request to your application. Use PathPrefix instead.
Looks like you're using v1.x of Traefik. Here's the documentation explaining the difference better: https://doc.traefik.io/traefik/v1.7/basics/
It's worth mentioning that if you have multiple routing rules, Traefik sorts them by their string length in a descending order and goes through them to match the incoming request. In other words, /api is matched before /.

Git return "'pull' is not a git command. See 'git --help'" from remote on Windows 10

I have a bonobo server on my server that is running windows 10.
I'm trying to link a new hook on "Update", so the files from the node development server can get updated directly from git.
I tried to do so using a cmd file, examples to follow:
update file in hooks
cmd //C "start C:\webServer\node\testServer\update.bat"
update.bat on the same folder on testServer
set PATH=%PATH%;C:\Program Files\Git\cmd\git.exe
cd C://webServer/node/testServer
git pull
That was returning the following error:
git: 'pull' is not a git command. See 'git --help'
I did some research and found out this post "git pull" broken where they talk about using -exec-path on Mac, I tried to search the equivalent in Windows and found out some variables for path related issues, tried them an none of them worked, also tried to reinstall git without any other result, at that point I was tired of it and I tried to use a node library, simple-git, that allows me to do a pull request using node specifying the path! I tried it on the server, and it worked! (I will attach the code of the file below) so I thought to try it from the remote server, but then I got the same error again, pull is not a git command, I tried to call the node file in different ways, I tried some python script to run a cmd command that runs the node server, I tried using bat and sh files, even using node to run another instance of node, and nothing worked, it always returns pull is not a git command :/
Node simple-git code
require('simple-git')("C:\\webServer\\node\\testServer")
.pull(function(a,b){
console.log(a,b); //for debug
})
Has additional information, git is properly set up as an environmental variable and I can access it without problems from the server, this issue only happens when trying to execute the pull from the hooks!
If anyone can give me some tips on what to try that would be awesome, thanks!

How can I let multiple Java scripts to run concurrently in Frida?

I want to bypass root detection, certificate pinning, and a crc integrity check for an android app using Frida. I can't run more than 1 script at once, is there any solution?
Concatenate all scripts into one file and load is the trivial (and probably good enough) answer.
I have another suggestion that you can do even without a computer, just put text editor on your device and get a bluetooth keyboard.
frida-inject which can be downloaded from frida release page
Push frida-inject & the scripts to the device and execute the following that iterates scripts , inject them to the process and exists.
for f in $(ls /sdcard/scripts/*js) do; ./frida-inject -p $(pidof com.app.name) -s $f --eternalize
frida-inject options
frida -U -f [APP_ID] -l script1.js -l script2.js
you can try this too

Javascript - ERR_CONTENT_LENGTH_MISMATCH

I'm making a basic jQuery playground site. I am getting Error: net::ERR_CONTENT_LENGTH_MISMATCH is happening on page load and the background images are not loading on the page.
The image in question is 300kb and is also dynamically changing. I am assuming this has something to do with file sizes, but I don't really know what.
HTML used originally:
<p style="margin:0px; padding:0px;">
<img id="background" src="/bg1.jpg" style='width:100%;' border="0" alt="Null">
</p>
JavaScript / jQuery used to change the background:
var changebg = function() {
if (myscore % 20 == 0) {
level++;
document.getElementById("level").innerHTML = "Level: " + level;
$("#level").fadeIn(1500, function(){$("#level").hide()})
backgroundindex++;
if (backgroundindex > 6) {
backgroundindex == Math.floor((Math.random()*6)+1)};
document.getElementById("background").src="/bg"+backgroundindex+".jpg";
};
}
I am getting Error: net::ERR_CONTENT_LENGTH_MISMATCH
Have a look at your server logs to determine what the real issue is.
For me the problem lay somewhere between nginx and file permissions:
tail -f /usr/local/var/log/nginx/error.log or run nginx -t to determine your conf location, where you could specify a custom log path.
refresh the asset in your browser, eg http://localhost:3000/assets/jquery/jquery.js
You may see something like this in the logs:
"/usr/local/var/run/nginx/proxy_temp/9/04/0000000049" failed (13:
Permission denied) while reading upstream for file xyz
Heres how I fixed:
sudo nginx -s stop
sudo rm -rf /usr/local/var/run/nginx/*
sudo nginx
Summary
Here is a more detailed explanation of what happened in my case. The selected answer here helped me solve my problem and this is basically a more detailed version of the selected answer on hows and whys!
Explaining Nginx Permissions
You can run nginx as a nobody user and that is the common practice in most sample configs. You will find this line at the top of your config:
user nobody;
It is however suggested that for your web-apps static contents, such as css, js, and image files to allow nginx access and cash it through bypassing your web-app
container. This the part of your config where it reads:
location ^~ /static {
alias /path/to/your/static/folder/;
autoindex on;
expires max;
}
This is the folder nginx needs to have access to.
On the other hand, there is nginx dedicated folder where in the above answer's case was in:
/usr/local/var/run/nginx/
In my case (CentOS) it was in:
/var/lib/nginx/
How can things go wrong?
In either of these cases you can break nginx:
1- Nginx runs as nobody but doesn't have the right access to your static folder.
2- Nginx runs as nobody but then runs as root to gain access to your static folder.
Solution
Best solution in my case was to change the permission of the nginx dedicated folder to match with my static folder. And then run nginx with as a user with the right access to both.
If you are using nginx + proxied server, try:
proxy_buffering off;
More infos: https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/
My team saw this on a single javascript file we were serving up. Every other file worked fine. We originally saw net::ERR_HTTP2_PROTOCOL_ERROR. We switched from http2 back to http1.1 and then either net::ERR_INCOMPLETE_CHUNKED_ENCODING or ERR_CONTENT_LENGTH_MISMATCH. We ultimately discovered that there was a corporate filter (Trustwave) that was erroneously detecting an "infoleak" (we suspect it detected something in our file/filename that resembled a social security number). Getting corporate to tweak this filter resolved our issues.
In my case, I was using nodemon server.js in a next.js (server side rendered) app. By switching back to node server.js, the error disappeared.
I had the same error when building a rails app. I replaced an image with a different image and didn't change the file name, which threw the error above. Simply changing the file name made the problem disappear.
Another case where this error showed up for me : When trying to download a file from a node server with Angular 7, I had to redirect with window.location.href = <node_server_url> instead of the usual httpClient.get<any>(<node_server_url>).
I had this error when there ware no space left on web server disk.
simply fixing the permission of nginx folder fixed the issue.
chmod -R 755 /opt/nginx/
Here's another way to resolve this issue:
http://derekneely.com/2009/06/nginx-failed-13-permission-denied-while-reading-upstream/
NOTE: From a security point of view, I don't agree with the link where the author suggests to give 777 permissions to the folders. Give the minimum level needed to get the job done (in this case, 700 should be fine, you could even lower, though I did not try that yet).

Ubuntu 8.04 Hardy and node.js upstart script

I am trying to write an upstart script for my ubuntu machine, which is version 8.04 "Hardy". I have followed the instructions on this site: upstart for node.js but it seems like these instructions are for a current version of ubuntu.
I noticed that the /etc/init directory does not exist on my machine, first I tried putting the script in the /etc/init.d directory and then I created the /etc/init dir and placed it there.
I will post my upstart script below (which is basically the same as from the website above with some path changes), but when I run start jobname, I just get an error "start: Unknown job: jobname". So then I changed the script around to a slimmed down version, posted below, and still I get the same result.
For now, I am using the 'nohup' command to run my node server but I would like a more permanent solution.
Please, any help?
SCRIPT 1:
description "node.js chat server"
author "iandev ith3"
# used to be: start on startup
# until we found some mounts weren't ready yet while booting:
start on started mountall
stop on shutdown
# Automatically Respawn:
respawn
respawn limit 99 5
script
# Not sure why $HOME is needed, but we found that it is:
export HOME="/root"
exec /root/local/node/bin/node /home/ian/chat.js >> /var/log/node.log 2>&1
end script
post-start script
# optionally put a script here that will notifiy you node has (re)started
# /root/bin/hoptoad.sh "node.js has started!"
end script
SCRIPT 2:
description "node.js chat server"
author "iandev ith3"
script
exec /root/local/node/bin/node /home/ian/chat.js >> /var/log/node.log 2>&1
end script
Just use Forever. https://github.com/indexzero/forever
From looking at the website you provided I'd say that the /etc/init was just a typo and it should be /etc/init.d/. Some things you may want to check:
executable flag on your scripts. With most versions of Ubuntu executable files show up green when running 'ls' from the command line. If you want to check if your file is executable run 'ls -l /etc/init.d/YOUR_SCRIPT' from the command line. You will see something like this:
-rwxr-xr-x 1 root root 1342 2010-09-16 10:13 YOUR_SCRIPT
The x's mean that it is executable.
To set the executable flag if it is not set, run chmod u+x YOUR_SCRIPT
I'm pretty sure for older versions of ubuntu you need to have the script in /etc/rc.d/rc3.d or /etc/rc3.d. What linux does is run through rc0.d to rc5.d and execute every script in there. From what it looks like, ubuntu is moving away from this to something simpler so if you have rc directories you may need to edit your script a little.
Anyway I think i'm getting a little over complicated here. Check your executable flag and if you have rc directories and we'll move on from there.
May not be the best thing to start a process with sudo, but here's what I have setup on my local pc:
#!upstart
description "node.js server"
author "alessio"
start on startup
stop on shutdown
script
export HOME="/ubuntu"
exec sudo -u ubuntu /usr/bin/node /home/ubuntu/www/test.js 2>&1 >> /var/log/node.log
end script
Hope this helps.

Categories