mirror of https://github.com/garritfra/garrit.xyz
garritfra
3 weeks ago
313 changed files with 459 additions and 459 deletions
@ -1 +1 @@
|
||||
<!DOCTYPE html><html><head><meta name="viewport" content="width=device-width, initial-scale=1"/><meta charSet="utf-8"/><title></title><meta name="Description" content="Generalist software developer writing about scalable infrastructure, fullstack development and DevOps practices."/><link rel="icon" type="image/svg+xml" href="/favicon.svg"/><link rel="manifest" href="/site.webmanifest"/><link rel="webmention" href="https://webmention.io/garrit.xyz/webmention"/><link rel="pingback" href="https://webmention.io/garrit.xyz/xmlrpc"/><meta name="next-head-count" content="8"/><link rel="preload" href="/_next/static/css/386ff04d0e85da2f.css" as="style" crossorigin=""/><link rel="stylesheet" href="/_next/static/css/386ff04d0e85da2f.css" crossorigin="" data-n-g=""/><noscript data-n-css=""></noscript><script defer="" crossorigin="" nomodule="" src="/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js"></script><script src="/_next/static/chunks/webpack-ee7e63bc15b31913.js" defer="" crossorigin=""></script><script src="/_next/static/chunks/framework-5429a50ba5373c56.js" defer="" crossorigin=""></script><script src="/_next/static/chunks/main-d2ba44903cd47711.js" defer="" crossorigin=""></script><script src="/_next/static/chunks/pages/_app-79c931a4d8897bd8.js" defer="" crossorigin=""></script><script src="/_next/static/chunks/pages/404-08cd16f8c995e693.js" defer="" crossorigin=""></script><script src="/_next/static/NRlraLO72gUw9pI0w2ru1/_buildManifest.js" defer="" crossorigin=""></script><script src="/_next/static/NRlraLO72gUw9pI0w2ru1/_ssgManifest.js" defer="" crossorigin=""></script></head><body><div id="__next"><section class="layout"><header class="header"><nav class="nav" role="navigation" aria-label="main navigation"><div class="header__container"><a href="/" class="header__container__logo"></a></div><ul class="header__links"><li><a href="/posts">Blog</a></li><li><a href="/contact">Contact</a></li><li><a href="/links">More ...</a></li></ul></nav></header><div 
class="content"><article class="page h-entry"><div class="page__body e-content"><h1>404 - Page Not Found</h1><a href="/">Go back home</a></div></article></div><footer class="footer"><div class="notice"><p>I invite you to read my new book<!-- --> <a target="_blank" href="https://www.buymeacoffee.com/garrit/e/233695">Five Years of Blogging: Ideas, Opinions and Guides written 2019 to 2024</a>. Becoming a member on<!-- --> <a target="_blank" href="https://www.buymeacoffee.com/garrit">Buy Me a Coffee</a> <!-- -->will grant you free access to the book!</p><a href="https://www.buymeacoffee.com/garrit/extras"><img src="/assets/five-years-of-blogging-cover-3d.png" alt="Cover of Five Years of Blogging" loading="lazy"/></a></div><div class="footer__content"><h3>Links of Interest</h3><a href="/rss.xml">RSS Feed</a><br/><a href="/todo">Todo List</a><br/><a href="https://keys.openpgp.org/vks/v1/by-fingerprint/2218337E54AA1DBE207B404DBB54AF7EB0939F3D">PGP Key</a><br/><a href="/guestbook">Guestbook</a><br/><a href="/blogroll">Blogroll</a><br/><a href="/ctf">Capture the Flag</a><h3>Elsewhere</h3><a href="https://github.com/garritfra" rel="me">Github</a><br/><a href="https://www.linkedin.com/in/garritfranke/">LinkedIn</a><br/><a href="https://fosstodon.org/@garritfra">Mastodon (ActivityPub)</a><br/><a href="/contact">Contact</a></div><a href="https://www.buymeacoffee.com/garrit" target="_blank"><img src="https://img.buymeacoffee.com/button-api/?text=Buy me a tea&emoji=&slug=garrit&button_colour=FFB300&font_colour=000000&font_family=Cookie&outline_colour=000000&coffee_colour=ffffff"/></a><p>👻 Proud member of<!-- --> <a target="_blank" href="https://darktheme.club/">darktheme.club</a> <!-- -->👻</p><p>© 2018-<!-- -->2024<!-- --> Garrit Franke<br/><a href="/privacy">Privacy</a> |<!-- --> <a target="_blank" href="https://github.com/garritfra/garrit.xyz">Source Code</a></p></footer></section></div><script id="__NEXT_DATA__" type="application/json" 
crossorigin="">{"props":{"pageProps":{}},"page":"/404","query":{},"buildId":"NRlraLO72gUw9pI0w2ru1","nextExport":true,"autoExport":true,"isFallback":false,"scriptLoader":[]}</script></body></html> |
||||
<!DOCTYPE html><html><head><meta name="viewport" content="width=device-width, initial-scale=1"/><meta charSet="utf-8"/><title></title><meta name="Description" content="Generalist software developer writing about scalable infrastructure, fullstack development and DevOps practices."/><link rel="icon" type="image/svg+xml" href="/favicon.svg"/><link rel="manifest" href="/site.webmanifest"/><link rel="webmention" href="https://webmention.io/garrit.xyz/webmention"/><link rel="pingback" href="https://webmention.io/garrit.xyz/xmlrpc"/><meta name="next-head-count" content="8"/><link rel="preload" href="/_next/static/css/386ff04d0e85da2f.css" as="style" crossorigin=""/><link rel="stylesheet" href="/_next/static/css/386ff04d0e85da2f.css" crossorigin="" data-n-g=""/><noscript data-n-css=""></noscript><script defer="" crossorigin="" nomodule="" src="/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js"></script><script src="/_next/static/chunks/webpack-ee7e63bc15b31913.js" defer="" crossorigin=""></script><script src="/_next/static/chunks/framework-5429a50ba5373c56.js" defer="" crossorigin=""></script><script src="/_next/static/chunks/main-d2ba44903cd47711.js" defer="" crossorigin=""></script><script src="/_next/static/chunks/pages/_app-79c931a4d8897bd8.js" defer="" crossorigin=""></script><script src="/_next/static/chunks/pages/404-08cd16f8c995e693.js" defer="" crossorigin=""></script><script src="/_next/static/P34lTGIjVHF8P2quUJoEx/_buildManifest.js" defer="" crossorigin=""></script><script src="/_next/static/P34lTGIjVHF8P2quUJoEx/_ssgManifest.js" defer="" crossorigin=""></script></head><body><div id="__next"><section class="layout"><header class="header"><nav class="nav" role="navigation" aria-label="main navigation"><div class="header__container"><a href="/" class="header__container__logo"></a></div><ul class="header__links"><li><a href="/posts">Blog</a></li><li><a href="/contact">Contact</a></li><li><a href="/links">More ...</a></li></ul></nav></header><div 
class="content"><article class="page h-entry"><div class="page__body e-content"><h1>404 - Page Not Found</h1><a href="/">Go back home</a></div></article></div><footer class="footer"><div class="notice"><p>I invite you to read my new book<!-- --> <a target="_blank" href="https://www.buymeacoffee.com/garrit/e/233695">Five Years of Blogging: Ideas, Opinions and Guides written 2019 to 2024</a>. Becoming a member on<!-- --> <a target="_blank" href="https://www.buymeacoffee.com/garrit">Buy Me a Coffee</a> <!-- -->will grant you free access to the book!</p><a href="https://www.buymeacoffee.com/garrit/extras"><img src="/assets/five-years-of-blogging-cover-3d.png" alt="Cover of Five Years of Blogging" loading="lazy"/></a></div><div class="footer__content"><h3>Links of Interest</h3><a href="/rss.xml">RSS Feed</a><br/><a href="/todo">Todo List</a><br/><a href="https://keys.openpgp.org/vks/v1/by-fingerprint/2218337E54AA1DBE207B404DBB54AF7EB0939F3D">PGP Key</a><br/><a href="/guestbook">Guestbook</a><br/><a href="/blogroll">Blogroll</a><br/><a href="/ctf">Capture the Flag</a><h3>Elsewhere</h3><a href="https://github.com/garritfra" rel="me">Github</a><br/><a href="https://www.linkedin.com/in/garritfranke/">LinkedIn</a><br/><a href="https://fosstodon.org/@garritfra">Mastodon (ActivityPub)</a><br/><a href="/contact">Contact</a></div><a href="https://www.buymeacoffee.com/garrit" target="_blank"><img src="https://img.buymeacoffee.com/button-api/?text=Buy me a tea&emoji=&slug=garrit&button_colour=FFB300&font_colour=000000&font_family=Cookie&outline_colour=000000&coffee_colour=ffffff"/></a><p>👻 Proud member of<!-- --> <a target="_blank" href="https://darktheme.club/">darktheme.club</a> <!-- -->👻</p><p>© 2018-<!-- -->2024<!-- --> Garrit Franke<br/><a href="/privacy">Privacy</a> |<!-- --> <a target="_blank" href="https://github.com/garritfra/garrit.xyz">Source Code</a></p></footer></section></div><script id="__NEXT_DATA__" type="application/json" 
crossorigin="">{"props":{"pageProps":{}},"page":"/404","query":{},"buildId":"P34lTGIjVHF8P2quUJoEx","nextExport":true,"autoExport":true,"isFallback":false,"scriptLoader":[]}</script></body></html> |
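Review bot: The only difference between the removed and added 404 page is the Next.js build id (`NRlraLO72gUw9pI0w2ru1` becomes `P34lTGIjVHF8P2quUJoEx`) in the `_buildManifest.js` and `_ssgManifest.js` script paths and in `__NEXT_DATA__`, which means exported build output is being committed; the header's 313 changed files with 459 additions and 459 deletions is consistent with the same one-line churn repeated per page. Consider keeping the export out of version control and publishing it from the build pipeline, so that commits stay reviewable and an unintended change to a generated page cannot hide in the noise. Separately, the page ships an empty `<title></title>` and the button image `src` contains unencoded spaces (`text=Buy me a tea`); both belong in a fix to the template rather than to this generated file.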
@ -1 +0,0 @@
|
||||
{"pageProps":{"post":{"slug":"2024-04-15-beware-of-base64-encoded-strings","markdownBody":"\nI just encountered a fun little bug that I thought is worth sharing.\r\n\r\n**TL;DR**: Here's the commit that fixes the issue:\r\n\r\n<img width=\"1588\" alt=\"image (3)\" src=\"https://github.com/garritfra/garrit.xyz/assets/32395585/dba76692-c89f-44da-b70a-f6732a406d75\">\r\n\r\n\r\nIt started when we noticed that a cronjob that used wget to regularly call an endpoint failed on one specific environment. The endpoint uses [Basic Auth](https://en.wikipedia.org/wiki/Basic_access_authentication), which is essentially a header with a [Base64](https://en.wikipedia.org/wiki/Base64) encoded representation of a username and password. [Curl](https://curl.se/) has this functionality [built in](https://curl.se/docs/manpage.html#-u), but to keep the attack surface as small as possible, we decided to stick to [wget](https://www.gnu.org/software/wget/), which is part of busybox, to keep the container image size under 1 MB (!). After all, all we want to do is ping an endpoint.\r\n\r\nThis is the command we used up to this point:\r\n\r\n```\r\nwget --post-data=\"\" -O - --header=\"Authorization: Basic $(echo -n $BASIC_AUTH_USERNAME:$BASIC_AUTH_PASSWORD | base64)\" http://endpoint:8080/v1/cache\r\n```\r\n\r\nWe noticed that the request worked fine on non-prod environments, but it failed on production with the following error:\r\n\r\n```\r\nThe HTTP header line [b2verlk1rwjsnutbcapkjh==] does not conform to RFC 7230. The request has been rejected.\r\n```\r\n\r\nAfter digging around for a while and separating out the individual pieces of the commands, I noticed that the subcommand to build the header value (`echo -n $BASIC_AUTH_USERNAME:$BASIC_AUTH_PASSWORD | base64`) behaved differently on prod vs. non-prod. The password on prod is way longer compared to the other environments. 
Let's run this command with a short input:\r\n\r\n```sh\r\n/ $ echo -n someuser:somepassword | base64\r\nc29tZXVzZXI6c29tZXBhc3N3b3Jk\r\n/ $\r\n```\r\n\r\nAnd again with a long input:\r\n\r\n```sh\r\n/ $ echo -n someuser:somepasswordthatswaylongerthanthefirstonebutalsoverysecureandsafe | base64\r\nc29tZXVzZXI6c29tZXBhc3N3b3JkdGhhdHN3YXlsb25nZXJ0aGFudGhlZmlyc3RvbmVidXRhbHNv\r\ndmVyeXNlY3VyZWFuZHNhZmU=\r\n/ $\r\n```\r\n\r\nBingo! There's a rogue newline character in the output of `base64`. The fix is very straight-forward. Using the `-w0` [flag for base64](https://www.man7.org/linux/man-pages/man1/base64.1.html), we can force the output to be on the same line:\r\n\r\n```\r\n/ $ echo -n someuser:somepasswordthatswaylongerthanthefirstonebutalsoverysecureandsafe | base64 -w0\r\nc29tZXVzZXI6c29tZXBhc3N3b3JkdGhhdHN3YXlsb25nZXJ0aGFudGhlZmlyc3RvbmVidXRhbHNvdmVyeXNlY3VyZWFuZHNhZmU=\r\n```\r\n\r\nThis eventually fixed the issue. Not something I would've ever thought of!\n","frontmatter":{"title":"Beware of base64 encoded strings","date":"2024-04-15","tags":"guide, note, learnings, web, til, tech, programming"},"tags":["guide","note","learnings","web","til","tech","programming"]},"recommendedPosts":[{"slug":"2024-04-11-a-simple-search-bar","frontmatter":{"title":"A simple search bar","date":"2024-04-11","tags":"guide, note, meta, web, tech, programming"},"tags":["guide","note","meta","web","tech","programming"]},{"slug":"2024-04-10-beating-elden-ring","frontmatter":{"title":"Beating Elden Ring","date":"2024-04-10","tags":"note, learnings, life, review, gaming"},"tags":["note","learnings","life","review","gaming"]},{"slug":"2024-04-04-pandoc-convert-links-to-footnotes-the-easy-way","frontmatter":{"title":"Pandoc: Convert links to footnotes (the easy way)","date":"2024-04-04","tags":"guide, note, writing, til, tech, programming, pandoc"},"tags":["guide","note","writing","til","tech","programming","pandoc"]},{"slug":"2024-04-02-fuck-trees-use-tags","frontmatter":{"title":"Fuck 
trees, use tags","date":"2024-04-02","tags":"note, opinion, tech"},"tags":["note","opinion","tech"]},{"slug":"2024-01-30-to-prove-something-is-true-try-disproving-it-first","frontmatter":{"title":"To prove something is true, try disproving it first","date":"2024-01-30","tags":"note, quote, practices, til, science"},"tags":["note","quote","practices","til","science"]}]},"__N_SSG":true} |
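Review bot: The `@ -1 +0,0 @` deletion drops the page-data JSON for the post `2024-04-15-beware-of-base64-encoded-strings` (it carries `"__N_SSG":true`), and no replacement is visible in the part of the diff shown here. Since the HTML in this commit now references build id `P34lTGIjVHF8P2quUJoEx`, confirm that a matching data file for this slug is emitted under the new build id; if it is missing, client-side navigation to the post will not find its props. If the file is only being regenerated under a new path, that is one more reason to stop committing the export.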
Some files were not shown because too many files have changed in this diff