TIL `github` CLI & Public Suffix List

Published May 31, 2024

While attending the Web Security workshop by Steve Kinney at Frontend Masters today he demoed a neat feature of the GitHub Desktop app: you can install it as a command line tool e.g. github. This becomes useful in the same way installing VS Code as code: when in the directory of your (Git) repo, you can simply do github . to quickly get a GUI. I personally rarely use a Git GUI, but Iโ€™ve used the GitHub Desktop app in the past and enjoyed it, so if it at all fits your workflow I think itโ€™s a great tip. As an aside, this is different from GitHubโ€™s CLI e.g. gh.

Another TIL is the Public Suffix List (PSL) contains entries like github.io and vercel.app since users get subdomains on those websites and itโ€™s important that SameSite cookies arenโ€™t shared arbitrarily. Previously, when I first discovered the PSL, I only thought it contained various TLDs. This Stack Exchange has additional context: https://security.stackexchange.com/questions/223473/for-samesite-cookie-with-subdomains-what-are-considered-the-same-site

Last modified May 31, 2024  #til   #dx   #security 

← Newer post  •  Older post →