When setting up EdgeOS with PPPoE (Centurylink) with Hairpin NAT, ensure that the Port Forward Source on the LAN interface is switch0, even if eth1 is the only one being used. Not sure what switch0 means (one would think it is the combination of eth1-4), but this appears to have fixed an issue with not allowing access to custom (>1024) ports.
When trying to do a git clone on a new installation of git behind a corporate firewall (with MITM on SSL), I got this error: # git clone https://github.com/zptaylor/public-repo.git
Cloning into 'public-repo'... fatal: unable to access 'https://github.com/zptaylor/public-repo.git/': SSL certificate problem: self signed certificate in certificate chain
First I tried switching the backend to sslchannel, but that threw a different error: # git config --global http.sslbackend schannel
# git clone https://github.com/zptaylor/public-repo.git
Cloning into 'public-repo'...
fatal: unable to access 'https://github.com/zptaylor/public-repo.git/': schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - The revocation function was unable to check revocation for the
Of course the reason no SSL validation will work is because the SSL is for all intents and purposes invalid, so the easiest way is to just turn it off, although it completely eliminates https verification: # git config --global http.sslbackend openssl
# http.sslVerify= false
A similar solution that breaks security, but for schannel: # git config --global http.schannelCheckRevoke "false"
# git config --global http.sslbackend schannel
A more precise fix that would allow SSL would be to use openssl, create some sort of trust store of valid certs, and then add the MITM’s cert for github.com in its place. I think these fixes are reasonable for a developer machine who is on a controlled network that could not possibly allow github.com to be spoofed.
Read up more at
In the latest version of PrimeFaces they apparently made the regex validation for “allowTypes” more restrictive.
Previously we had allowTypes="/(\.|\/)(gif|jpe?g|png)$/"
This will allow .gif/.jpg/.jpeg/.png files but not allow .GIF/.JPG/.JPEG/.PNG files.
To remove the case sensitivity you just add the iflag, for insensitivity:
What is particularly bad about PF 7.0 is that it will allow it to run the uploader as it will pass the first step of the client-side validation, but when it sends to the server it will fail the validation and not alert the user that it failed (!!!), thus making a silent error that will cause users a lot of grief.
In order to defend and preserve the honor of the profession of computer programmers,
I Promise that, to the best of my ability and judgement:
I will not produce harmful code.
The code that I produce will always be my best work. I will not knowingly allow code that is defective either in behavior or structure to accumulate.
I will produce, with each release, a quick, sure, and repeatable proof that every element of the code works as it should.
I will make frequent, small, releases so that I do not impede the progress of others.
I will fearlessly and relentlessly improve my creations at every opportunity. I will never degrade them.
I will do all that I can to keep the productivity of myself, and others, as high as possible. I will do nothing that decreases that productivity.
I will continuously ensure that others can cover for me, and that I can cover for them.
I will produce estimates that are honest both in magnitude and precision. I will not make promises without certainty.
I will never stop learning and improving my craft.
It’s shameful to admit it, but I have known that these are the ethics I should live by, but I often let deadlines, expectations, and laziness come in the way. I hope to work in the next few months to uphold this oath. The hardest part is my tendency to people-please, and my low threshold for the “boring” parts of software development — writing tests, and peer reviews.
I know that logically there are no shortcuts; writing bad code to get a product out ASAP ultimately causes more frustrations and time wasted by myself and others. It is hard for me to fully digest that I will have to slow down in order to save time, but I have seen it happen, literally every day on the job, that fixing a problem in hastily developed code ultimately takes much longer than getting it right the first time. Just got to remember to breathe every now and then.
I stumbled on this when trying to run the new version of STS (Eclipse) on my work computer, which currently does not have Administrative Rights, yet has Windows 10 “Smart Screen” set to prevent running “unrecognized” applications.
If you try to run an application and the Smart Screen is preventing it from running, right click on the application, click Sent to Compressed File (.zip), then Extract the file and run it. Because Windows Smart Screen sees that you created the .zip file, it will assume that you can trust the contents when you extract it. Replace the original file with this file, and you are off to the races.
YMMV, do not do this at home, or on a computer that you are trusted to protect, etc.
Recently I found myself migrating, again, my cloud hosting provider. I like to keep a complete backup of all files so that in case I miss something it’s not forever lost in the ether.
This command comes in handy to rsync everything from one host to a backup location, which I can then use to migrate to the new cloud provider. This command skips the docker device mapper along with the other non-FS files in /dev /proc and /sys. It also uses a specified port (–rsh=’ssh -p XXXXX’) in case of non-standard SSH ports. Worked for me!