Frozen global object

If your app uses global object as a config, you should make sure, that this object is truly readonly. So that an attacker can not modify it in dev console. This is how to do it. // example of frozen global object // freeze the config object properties const config = Object.freeze({ httpApi: ‘http://127.0.0.1:20003/v1’, wsApi: ‘ws://127.0.0.1:3000’, enableReduxDevTools: true, minLegalAge: 18 // in years }); // make sure that the config object can not be replaced Object.defineProperty(window, “config”, { value: config, configurable: false, writable: false }); PS: I assume that “window” is sufficient as a global object. If your app runs …

Continue Reading

Custom command line shortcuts with Doskey

I’ve learned this nice trick from Petr Horáček aka Besir while working on Nakamotox. So the credit goes to him. You can define custom commands via doskey (only on Windows) and then invoke them via command line. It is quite powerfull, because you can define alias for command with predefined attributes, so it save you lot of repetitive typing. Steps: Open any text editor and define your shortcut commands @echo off REM example shortcut for docker-compose doskey dcdu=docker-compose -f docker-compose-dev.yml up doskey dcdd=docker-compose -f docker-compose-dev.yml down Add path to file with commands to registry: open regedit go to \HKEY_CURRENT_USER\Software\Microsoft\Command Processor define AutoRun enter path to …

Continue Reading

Email validator for Angular

Angular has built in email validator, but it is very benevolent one. It allows for single letter domains, therefore email a@b is considered valid. Their motivation is that when used in intranet it can be perfectly valid email, because you can have custom domain names. But it does not make much sense in the broader internet. I would prefer if the built in validator would be stricter, or that there would be two validators, something like emailValidator and intranetEmailValidator. Here is my solution, hope it will help someone import {FormControl} from ‘@angular/forms’; // copied from http://emailregex.com/ export const emailRegexp = /^(([^<>()\[\]\\.,;:\s@”]+(\.[^<>()\[\]\\.,;:\s@”]+)*)|(“.+”))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/; …

Continue Reading

Print document from cross-origin iframe

When you need to show content from some other site, such as Google Docs, you can easily embed it inside an iframe. Google Docs even generates it for you. But what if you need to print that document via some button click? You can not do that, because the cross-origin policy does not allow it. You have basically two options. A) Create some proxy function on your server. But that is only available when you actually have a server and not just some hosted WordPress. B) Create proxy iframe, which you are actually allowed to print, because there is no cross-origin involved. Then …

Continue Reading

Workaround for ExpressionChangedAfterItHasBeenCheckedError in async pipe

Imagine that you have this piece of code, where userInfo$ is Observable and it value is not yet emitted. <app-change-email [currentEmail]=”(userInfo$ | async).user.email”></app-change-email> The code works, but it will report error ExpressionChangedAfterItHasBeenCheckedError to the console (only in dev mode). That is because the component has received the value, but the value has changed later. Angular does not like it. I googled for solutions, but could not use them, or it would be too complicated in given setup. Workaround is easy <ng-template #loading> <div id=”loading”></div> </ng-template> <ng-container *ngIf=”userInfo$ | async; let userInfoState; else loading”> <app-change-email [currentEmail]=”userInfoState.user.email”></app-change-email> </ng-container>

Continue Reading