Search Results

Search found 34798 results on 1392 pages for 'html escape characters'.

Page 1/1392 | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • .NET HTML Sanitation for rich HTML Input

    - by Rick Strahl
    Recently I was working on updating a legacy application to MVC 4 that included free form text input. When I set up the new site my initial approach was to not allow any rich HTML input, only simple text formatting that would respect a few simple HTML commands for bold, lists etc. and automatically handles line break processing for new lines and paragraphs. This is typical for what I do with most multi-line text input in my apps and it works very well with very little development effort involved. Then the client sprung another note: Oh by the way we have a bunch of customers (real estate agents) who need to post complete HTML documents. Oh uh! There goes the simple theory. After some discussion and pleading on my part (<snicker>) to try and avoid this type of raw HTML input because of potential XSS issues, the client decided to go ahead and allow raw HTML input anyway. There has been lots of discussions on this subject on StackOverFlow (and here and here) but to after reading through some of the solutions I didn't really find anything that would work even closely for what I needed. Specifically we need to be able to allow just about any HTML markup, with the exception of script code. Remote CSS and Images need to be loaded, links need to work and so. While the 'legit' HTML posted by these agents is basic in nature it does span most of the full gamut of HTML (4). Most of the solutions XSS prevention/sanitizer solutions I found were way to aggressive and rendered the posted output unusable mostly because they tend to strip any externally loaded content. In short I needed a custom solution. I thought the best solution to this would be to use an HTML parser - in this case the Html Agility Pack - and then to run through all the HTML markup provided and remove any of the blacklisted tags and a number of attributes that are prone to JavaScript injection. There's much discussion on whether to use blacklists vs. whitelists in the discussions mentioned above, but I found that whitelists can make sense in simple scenarios where you might allow manual HTML input, but when you need to allow a larger array of HTML functionality a blacklist is probably easier to manage as the vast majority of elements and attributes could be allowed. Also white listing gets a bit more complex with HTML5 and the new proliferation of new HTML tags and most new tags generally don't affect XSS issues directly. Pure whitelisting based on elements and attributes also doesn't capture many edge cases (see some of the XSS cheat sheets listed below) so even with a white list, custom logic is still required to handle many of those edge cases. The Microsoft Web Protection Library (AntiXSS) My first thought was to check out the Microsoft AntiXSS library. Microsoft has an HTML Encoding and Sanitation library in the Microsoft Web Protection Library (formerly AntiXSS Library) on CodePlex, which provides stricter functions for whitelist encoding and sanitation. Initially I thought the Sanitation class and its static members would do the trick for me,but I found that this library is way too restrictive for my needs. Specifically the Sanitation class strips out images and links which rendered the full HTML from our real estate clients completely useless. I didn't spend much time with it, but apparently I'm not alone if feeling this library is not really useful without some way to configure operation. To give you an example of what didn't work for me with the library here's a small and simple HTML fragment that includes script, img and anchor tags. I would expect the script to be stripped and everything else to be left intact. Here's the original HTML:var value = "<b>Here</b> <script>alert('hello')</script> we go. Visit the " + "<a href='http://west-wind.com'>West Wind</a> site. " + "<img src='http://west-wind.com/images/new.gif' /> " ; and the code to sanitize it with the AntiXSS Sanitize class:@Html.Raw(Microsoft.Security.Application.Sanitizer.GetSafeHtmlFragment(value)) This produced a not so useful sanitized string: Here we go. Visit the <a>West Wind</a> site. While it removed the <script> tag (good) it also removed the href from the link and the image tag altogether (bad). In some situations this might be useful, but for most tasks I doubt this is the desired behavior. While links can contain javascript: references and images can 'broadcast' information to a server, without configuration to tell the library what to restrict this becomes useless to me. I couldn't find any way to customize the white list, nor is there code available in this 'open source' library on CodePlex. Using Html Agility Pack for HTML Parsing The WPL library wasn't going to cut it. After doing a bit of research I decided the best approach for a custom solution would be to use an HTML parser and inspect the HTML fragment/document I'm trying to import. I've used the HTML Agility Pack before for a number of apps where I needed an HTML parser without requiring an instance of a full browser like the Internet Explorer Application object which is inadequate in Web apps. In case you haven't checked out the Html Agility Pack before, it's a powerful HTML parser library that you can use from your .NET code. It provides a simple, parsable HTML DOM model to full HTML documents or HTML fragments that let you walk through each of the elements in your document. If you've used the HTML or XML DOM in a browser before you'll feel right at home with the Agility Pack. Blacklist based HTML Parsing to strip XSS Code For my purposes of HTML sanitation, the process involved is to walk the HTML document one element at a time and then check each element and attribute against a blacklist. There's quite a bit of argument of what's better: A whitelist of allowed items or a blacklist of denied items. While whitelists tend to be more secure, they also require a lot more configuration. In the case of HTML5 a whitelist could be very extensive. For what I need, I only want to ensure that no JavaScript is executed, so a blacklist includes the obvious <script> tag plus any tag that allows loading of external content including <iframe>, <object>, <embed> and <link> etc. <form>  is also excluded to avoid posting content to a different location. I also disallow <head> and <meta> tags in particular for my case, since I'm only allowing posting of HTML fragments. There is also some internal logic to exclude some attributes or attributes that include references to JavaScript or CSS expressions. The default tag blacklist reflects my use case, but is customizable and can be added to. Here's my HtmlSanitizer implementation:using System.Collections.Generic; using System.IO; using System.Xml; using HtmlAgilityPack; namespace Westwind.Web.Utilities { public class HtmlSanitizer { public HashSet<string> BlackList = new HashSet<string>() { { "script" }, { "iframe" }, { "form" }, { "object" }, { "embed" }, { "link" }, { "head" }, { "meta" } }; /// <summary> /// Cleans up an HTML string and removes HTML tags in blacklist /// </summary> /// <param name="html"></param> /// <returns></returns> public static string SanitizeHtml(string html, params string[] blackList) { var sanitizer = new HtmlSanitizer(); if (blackList != null && blackList.Length > 0) { sanitizer.BlackList.Clear(); foreach (string item in blackList) sanitizer.BlackList.Add(item); } return sanitizer.Sanitize(html); } /// <summary> /// Cleans up an HTML string by removing elements /// on the blacklist and all elements that start /// with onXXX . /// </summary> /// <param name="html"></param> /// <returns></returns> public string Sanitize(string html) { var doc = new HtmlDocument(); doc.LoadHtml(html); SanitizeHtmlNode(doc.DocumentNode); //return doc.DocumentNode.WriteTo(); string output = null; // Use an XmlTextWriter to create self-closing tags using (StringWriter sw = new StringWriter()) { XmlWriter writer = new XmlTextWriter(sw); doc.DocumentNode.WriteTo(writer); output = sw.ToString(); // strip off XML doc header if (!string.IsNullOrEmpty(output)) { int at = output.IndexOf("?>"); output = output.Substring(at + 2); } writer.Close(); } doc = null; return output; } private void SanitizeHtmlNode(HtmlNode node) { if (node.NodeType == HtmlNodeType.Element) { // check for blacklist items and remove if (BlackList.Contains(node.Name)) { node.Remove(); return; } // remove CSS Expressions and embedded script links if (node.Name == "style") { if (string.IsNullOrEmpty(node.InnerText)) { if (node.InnerHtml.Contains("expression") || node.InnerHtml.Contains("javascript:")) node.ParentNode.RemoveChild(node); } } // remove script attributes if (node.HasAttributes) { for (int i = node.Attributes.Count - 1; i >= 0; i--) { HtmlAttribute currentAttribute = node.Attributes[i]; var attr = currentAttribute.Name.ToLower(); var val = currentAttribute.Value.ToLower(); span style="background: white; color: green">// remove event handlers if (attr.StartsWith("on")) node.Attributes.Remove(currentAttribute); // remove script links else if ( //(attr == "href" || attr== "src" || attr == "dynsrc" || attr == "lowsrc") && val != null && val.Contains("javascript:")) node.Attributes.Remove(currentAttribute); // Remove CSS Expressions else if (attr == "style" && val != null && val.Contains("expression") || val.Contains("javascript:") || val.Contains("vbscript:")) node.Attributes.Remove(currentAttribute); } } } // Look through child nodes recursively if (node.HasChildNodes) { for (int i = node.ChildNodes.Count - 1; i >= 0; i--) { SanitizeHtmlNode(node.ChildNodes[i]); } } } } } Please note: Use this as a starting point only for your own parsing and review the code for your specific use case! If your needs are less lenient than mine were you can you can make this much stricter by not allowing src and href attributes or CSS links if your HTML doesn't allow it. You can also check links for external URLs and disallow those - lots of options.  The code is simple enough to make it easy to extend to fit your use cases more specifically. It's also quite easy to make this code work using a WhiteList approach if you want to go that route. The code above is semi-generic for allowing full featured HTML fragments that only disallow script related content. The Sanitize method walks through each node of the document and then recursively drills into all of its children until the entire document has been traversed. Note that the code here uses an XmlTextWriter to write output - this is done to preserve XHTML style self-closing tags which are otherwise left as non-self-closing tags. The sanitizer code scans for blacklist elements and removes those elements not allowed. Note that the blacklist is configurable either in the instance class as a property or in the static method via the string parameter list. Additionally the code goes through each element's attributes and looks for a host of rules gleaned from some of the XSS cheat sheets listed at the end of the post. Clearly there are a lot more XSS vulnerabilities, but a lot of them apply to ancient browsers (IE6 and versions of Netscape) - many of these glaring holes (like CSS expressions - WTF IE?) have been removed in modern browsers. What a Pain To be honest this is NOT a piece of code that I wanted to write. I think building anything related to XSS is better left to people who have far more knowledge of the topic than I do. Unfortunately, I was unable to find a tool that worked even closely for me, or even provided a working base. For the project I was working on I had no choice and I'm sharing the code here merely as a base line to start with and potentially expand on for specific needs. It's sad that Microsoft Web Protection Library is currently such a train wreck - this is really something that should come from Microsoft as the systems vendor or possibly a third party that provides security tools. Luckily for my application we are dealing with a authenticated and validated users so the user base is fairly well known, and relatively small - this is not a wide open Internet application that's directly public facing. As I mentioned earlier in the post, if I had my way I would simply not allow this type of raw HTML input in the first place, and instead rely on a more controlled HTML input mechanism like MarkDown or even a good HTML Edit control that can provide some limits on what types of input are allowed. Alas in this case I was overridden and we had to go forward and allow *any* raw HTML posted. Sometimes I really feel sad that it's come this far - how many good applications and tools have been thwarted by fear of XSS (or worse) attacks? So many things that could be done *if* we had a more secure browser experience and didn't have to deal with every little script twerp trying to hack into Web pages and obscure browser bugs. So much time wasted building secure apps, so much time wasted by others trying to hack apps… We're a funny species - no other species manages to waste as much time, effort and resources as we humans do :-) Resources Code on GitHub Html Agility Pack XSS Cheat Sheet XSS Prevention Cheat Sheet Microsoft Web Protection Library (AntiXss) StackOverflow Links: http://stackoverflow.com/questions/341872/html-sanitizer-for-net http://blog.stackoverflow.com/2008/06/safe-html-and-xss/ http://code.google.com/p/subsonicforums/source/browse/trunk/SubSonic.Forums.Data/HtmlScrubber.cs?r=61© Rick Strahl, West Wind Technologies, 2005-2012Posted in Security  HTML  ASP.NET  JavaScript   Tweet !function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs"); (function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = 'https://apis.google.com/js/plusone.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })();

    Read the article

  • Install usblib package - Ubuntu

    - by Tom celic
    I need the package libusb for another package I am installing. I tried the following which seemed to install the package, sudo apt-get install libusb-dev but when I try to install the other package I get, configure: error: Package requirements (libusb-1.0 >= 0.9.1) were not met: No package 'libusb-1.0' found Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix. Alternatively, you may set the environment variables LIBUSB_CFLAGS and LIBUSB_LIBS to avoid the need to call pkg-config. See the pkg-config man page for more details. When I run the command dpkg -L libusb-dev, I get: /. /usr /usr/bin /usr/bin/libusb-config /usr/include /usr/include/usb.h /usr/lib /usr/lib/libusb.a /usr/lib/libusb.la /usr/lib/pkgconfig /usr/lib/pkgconfig/libusb.pc /usr/share /usr/share/doc /usr/share/doc/libusb-dev /usr/share/doc/libusb-dev/html /usr/share/doc/libusb-dev/html/index.html /usr/share/doc/libusb-dev/html/preface.html /usr/share/doc/libusb-dev/html/intro.html /usr/share/doc/libusb-dev/html/intro-overview.html /usr/share/doc/libusb-dev/html/intro-support.html /usr/share/doc/libusb-dev/html/api.html /usr/share/doc/libusb-dev/html/api-device-interfaces.html /usr/share/doc/libusb-dev/html/api-timeouts.html /usr/share/doc/libusb-dev/html/api-types.html /usr/share/doc/libusb-dev/html/api-synchronous.html /usr/share/doc/libusb-dev/html/api-return-values.html /usr/share/doc/libusb-dev/html/functions.html /usr/share/doc/libusb-dev/html/ref.core.html /usr/share/doc/libusb-dev/html/function.usbinit.html /usr/share/doc/libusb-dev/html/function.usbfindbusses.html /usr/share/doc/libusb-dev/html/function.usbfinddevices.html /usr/share/doc/libusb-dev/html/function.usbgetbusses.html /usr/share/doc/libusb-dev/html/ref.deviceops.html /usr/share/doc/libusb-dev/html/function.usbopen.html /usr/share/doc/libusb-dev/html/function.usbclose.html /usr/share/doc/libusb-dev/html/function.usbsetconfiguration.html /usr/share/doc/libusb-dev/html/function.usbsetaltinterface.html /usr/share/doc/libusb-dev/html/function.usbresetep.html /usr/share/doc/libusb-dev/html/function.usbclearhalt.html /usr/share/doc/libusb-dev/html/function.usbreset.html /usr/share/doc/libusb-dev/html/function.usbclaiminterface.html /usr/share/doc/libusb-dev/html/function.usbreleaseinterface.html /usr/share/doc/libusb-dev/html/ref.control.html /usr/share/doc/libusb-dev/html/function.usbcontrolmsg.html /usr/share/doc/libusb-dev/html/function.usbgetstring.html /usr/share/doc/libusb-dev/html/function.usbgetstringsimple.html /usr/share/doc/libusb-dev/html/function.usbgetdescriptor.html /usr/share/doc/libusb-dev/html/function.usbgetdescriptorbyendpoint.html /usr/share/doc/libusb-dev/html/ref.bulk.html /usr/share/doc/libusb-dev/html/function.usbbulkwrite.html /usr/share/doc/libusb-dev/html/function.usbbulkread.html /usr/share/doc/libusb-dev/html/ref.interrupt.html /usr/share/doc/libusb-dev/html/function.usbinterruptwrite.html /usr/share/doc/libusb-dev/html/function.usbinterruptread.html /usr/share/doc/libusb-dev/html/ref.nonportable.html /usr/share/doc/libusb-dev/html/function.usbgetdrivernp.html /usr/share/doc/libusb-dev/html/function.usbdetachkerneldrivernp.html /usr/share/doc/libusb-dev/html/examples.html /usr/share/doc/libusb-dev/html/examples-code.html /usr/share/doc/libusb-dev/html/examples-tests.html /usr/share/doc/libusb-dev/html/examples-other.html /usr/share/doc/libusb-dev/copyright /usr/share/doc-base /usr/share/doc-base/libusb-dev /usr/share/man /usr/share/man/man1 /usr/share/man/man1/libusb-config.1.gz /usr/lib/libusb.so /usr/share/doc/libusb-dev/changelog.Debian.gz Any ideas??

    Read the article

  • Convert HTML template (HTML Code) into an image using php library [on hold]

    - by user2727841
    I'm taking input from user through tiny mce editor which is actually html template (HTML Code) and i want to convert that html template (code) into an image using php libaray, How to do it? Is there any API (SDK) OR library for it? well I prefered API (SDK) OR library which actually convert html template (code) into an image... I've searched every where but didn't succeed, now can any one tell me any php library which convert html code into an image... Thanks in advance

    Read the article

  • Prevent malicious vulnerability scan increasing load on a server

    - by Simon
    Hi all, this week we have been suffering some malicious vulnerability scans to our servers, increasing the load on them, making them nearly unusable. The attack is easy to defend, just blocking the offending ip, but only after discovering it. Is there any form of prevent it? Is it normal that one server becomes nearly unusable due to one of these scans? These are the requests done in just one second to our server: [Fri Mar 12 19:15:27 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/zope trunk 2 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/8872fcacd7663c040f0149ed49f572e9 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/188201 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/74e118780caa0f5232d6ec393b47ae01 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/87d4b821b2b6b9706ba6c2950c0eaefd [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/138917 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/180377 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/182712 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/compl2s [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/e7ba351f0ab1f32b532ec679ac7d589d [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/184530 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/compl_s [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/55542 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/7b9d5a65aab84640c6414a85cae2c6ff [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/77257 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/157611 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/textwrapping [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/51713 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/elina [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/fd4800093500f7a9cc21bea232658706 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/59719 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/administrationexamples [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/29587 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/bdebc9c4aa95b3651e9b8fd90c015327 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/defaultchangenotetext [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/figments [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/69744 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/fastpixelperfect [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/conchmusicsoundtoolkit [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/settingwindowposition [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/windowresizing [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/84784 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/186114 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/99858 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/131677 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/167783 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/99933 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/3en17ljttc [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/gradientcode [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/pythondevelopmentandnavigationwithspe [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/10546 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/167932 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/smallerrectforspritecollision [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/176292 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/3sumvid-19yroldfuckedby2bigcocks [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/67909 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/175185 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/131319 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/99900 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/act5 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/contributors-agreement [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/128447 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/71052 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/114242 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/69768 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/debuggingwithwinpdbfromwithinspe [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/39360 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/176267 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/143468 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/140202 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/25268 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/82241 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/142920 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/downloadingipythonformswindows [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/34367 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/for_collaborators [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/pydeveclipseextensionsfabio [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/usingpdbinipython [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/142264 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/49003 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/gamelets [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/texturecoordinatearithmetic [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/project_interface [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/143177 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/pydeveclipsefabio [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/91525 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/40426 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/134819 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/usingipythonwithtextpad [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/developingpythoninipython [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/35569 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/objfileloader [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/simpleopengl2dclasses [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/191495 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/3dvilla [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/145368 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/140118 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/87799 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/142320 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/glslexample [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/39826 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/cairopygame [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/191338 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/91819 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/152003 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/gllight [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/40567 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/137877 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/188209 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/84577 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/131017 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/fightnight [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/79781 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/4731669 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/161942 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/160289 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/81594 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/12127 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/164452 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/96823 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/163598 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/159190 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/step-test fsfs+ra_local [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/davros [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/step-publish logs [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/step-cleanup [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/step-test fsfs+ra_svn [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/cdrwin_v3 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/brianpensive [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/x86-openbsd shared gcc [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/roundup-0 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/svcastle [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/56584 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/45934 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/step-build [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/97194 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/cdrwin_3 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/72243 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/117043 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/147084 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/52713 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/101489 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/134867 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/win32-dependencies [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/36548 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/43827 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/100791 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/elita_posing [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/167848 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/36314 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/49951 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/142740 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/cdromkiteletronicaptg [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/138060 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/68483 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/184474 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/137447 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/sndarray [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/127870 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/167312 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/75411 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/167969 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/surfarray [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/174941 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/59129 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/147554 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/105577 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/91734 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/96679 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/06au [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/124495 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/aah [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/164439 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/12638190 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/eliel [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/171164 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/linearinterpolator [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/step-test [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/heading_news [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/87778 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/portlet_64568222 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/graphic_ep [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/132230 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/12251 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/greencheese [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/188966 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/cdsonic [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/171522 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/elitewrap [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/184313 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/188079 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/147511 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/160952 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/132581 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/84885 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/graphic_desktop [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/win32-xp vs2005 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/128548 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/92057 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/65235 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/pyscgi [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/56926 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/svcastle-big [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/138553 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/138232 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/153367 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/42315 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/150012 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/160079 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/win32-xp vc60 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/163482 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/42642 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/174458 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/163109 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/spacer_greys [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/pdf_icon16 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/26346 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/190998 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/fforigins [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/aliens-0 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/step-update faad [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/13376 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/52647 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/155036 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/compl2 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/174323 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/42317 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/tsugumo [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/171850 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/184127 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/48321 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/162545 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/84180 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/135901 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/57817 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/6360574 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/124989 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/113314 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/sprite-tutorial [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/14294 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/191387 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/187294 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/178666 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/179653 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/wingide-users [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/16309095 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/169465 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/189399 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/172392 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/35627 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/2670901 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/177847 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/chimplinebyline [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/87518 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/154595 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/12811780 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/cdmenupro42 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/110131 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/95615 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/18464 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/lwedchoice-1999 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/5099582 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/100968 [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/j-emacs [Fri Mar 12 19:15:28 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/0206mathew [Fri Mar 12 19:15:29 2010] [error] [client 213.37.49.231] File does not exist: /var/www/html/10844356 Thanks in advance!

    Read the article

  • HTML: Creating tool in HTML which enables to mark on an image

    - by A.Amidi
    I am creating an online survey-monkey for conducting a research. Participants are asked to mark the preferred places for building the parking on the map (image). In other words, participants should be able to mark on the image (map) wherever they want and subsequently I could have an access to the saved locations after survey. I am writing to know how I can provide tools for participants to draw or mark on the map by using HTML codes.

    Read the article

  • Display Special Characters (Korean Letters) in RichTextBox

    - by Peter Lee
    Hi, My question might be a little bit confusing, but I think it's still worth of paying some attention. Basically I'm designing a program to display all printable Unicode characters in a RichTextBox. I'm using VC# 2010 Express Edition. However, the RichTextBox has a critical problem: some special characters cannot be displayed correctly. For example, some Korean Characters (??????????????????????????????), can be displayed correctly in Microsoft Word. After I copy to the RichTextBox, the characters cannot be displayed correctly. However, when I copy back to Microsoft Word, it can be displayed correctly. Therefore, it's a display problem (the characters themselves are correct). I guess it might be a font problem. Some related property info: RichTextBox.Font.GdiChaSet RichTextBox.Font How can I solve it? So that all printable Unicode characters can be displayed correctly (using different fonts for different CharSets are acceptable). Actually, I need further assistance about removing all formatting when pasting rtbxFileContent.Paste(DataFormats.GetFormat(DataFormats.Text)); // DataFormats.UnicodeText I still need to have all printable characters to be displayed correctly, but without any formatting (except font). Thanks. Hope I made myself understood.

    Read the article

  • Add Embebded HTML Code withut rendering on HTML Email

    - by Suneth Kalhara
    I creating HTML email but i need to send some html code without rendering (because this code for user he can copy and paste the code on there website) i need to send this code without rendering on html email, i tried code and pre tags but no luck <a href="###"><img src="####" width="300" height="250" border="0" alt="####/><br />Watch Local Cam</a> is there any way to do this

    Read the article

  • can't install psycopg2 in my env on mac os x lion

    - by Alexander Ovchinnikov
    I tried install psycopg2 via pip in my virtual env, but got this error: ld: library not found for -lpq (full log here: http://pastebin.com/XdmGyJ4u ) I tried install postgres 9.1 from .dmg and via port, (gksks)iMac-Alexander:~ lorddaedra$ locate libpq /Developer/SDKs/MacOSX10.7.sdk/usr/include/libpq /Developer/SDKs/MacOSX10.7.sdk/usr/include/libpq/libpq-fs.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/libpq-events.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/libpq-fe.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/internal/libpq /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/internal/libpq/pqcomm.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/internal/libpq-int.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/server/libpq /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/server/libpq/auth.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/server/libpq/be-fsstubs.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/server/libpq/crypt.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/server/libpq/hba.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/server/libpq/ip.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/server/libpq/libpq-be.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/server/libpq/libpq-fs.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/server/libpq/libpq.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/server/libpq/md5.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/server/libpq/pqcomm.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/server/libpq/pqformat.h /Developer/SDKs/MacOSX10.7.sdk/usr/include/postgresql/server/libpq/pqsignal.h /Developer/SDKs/MacOSX10.7.sdk/usr/lib/libpq.5.3.dylib /Developer/SDKs/MacOSX10.7.sdk/usr/lib/libpq.5.dylib /Developer/SDKs/MacOSX10.7.sdk/usr/lib/libpq.a /Developer/SDKs/MacOSX10.7.sdk/usr/lib/libpq.dylib /Library/PostgreSQL/9.1/doc/postgresql/html/install-windows-libpq.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-async.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-build.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-cancel.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-connect.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-control.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-copy.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-envars.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-events.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-example.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-exec.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-fastpath.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-ldap.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-misc.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-notice-processing.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-notify.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-pgpass.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-pgservice.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-ssl.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-status.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq-threading.html /Library/PostgreSQL/9.1/doc/postgresql/html/libpq.html /Library/PostgreSQL/9.1/include/libpq /Library/PostgreSQL/9.1/include/libpq/libpq-fs.h /Library/PostgreSQL/9.1/include/libpq-events.h /Library/PostgreSQL/9.1/include/libpq-fe.h /Library/PostgreSQL/9.1/include/postgresql/internal/libpq /Library/PostgreSQL/9.1/include/postgresql/internal/libpq/pqcomm.h /Library/PostgreSQL/9.1/include/postgresql/internal/libpq-int.h /Library/PostgreSQL/9.1/include/postgresql/server/libpq /Library/PostgreSQL/9.1/include/postgresql/server/libpq/auth.h /Library/PostgreSQL/9.1/include/postgresql/server/libpq/be-fsstubs.h /Library/PostgreSQL/9.1/include/postgresql/server/libpq/crypt.h /Library/PostgreSQL/9.1/include/postgresql/server/libpq/hba.h /Library/PostgreSQL/9.1/include/postgresql/server/libpq/ip.h /Library/PostgreSQL/9.1/include/postgresql/server/libpq/libpq-be.h /Library/PostgreSQL/9.1/include/postgresql/server/libpq/libpq-fs.h /Library/PostgreSQL/9.1/include/postgresql/server/libpq/libpq.h /Library/PostgreSQL/9.1/include/postgresql/server/libpq/md5.h /Library/PostgreSQL/9.1/include/postgresql/server/libpq/pqcomm.h /Library/PostgreSQL/9.1/include/postgresql/server/libpq/pqformat.h /Library/PostgreSQL/9.1/include/postgresql/server/libpq/pqsignal.h /Library/PostgreSQL/9.1/lib/libpq.5.4.dylib /Library/PostgreSQL/9.1/lib/libpq.5.dylib /Library/PostgreSQL/9.1/lib/libpq.a /Library/PostgreSQL/9.1/lib/libpq.dylib /Library/PostgreSQL/9.1/lib/postgresql/libpqwalreceiver.so /Library/PostgreSQL/9.1/pgAdmin3.app/Contents/Frameworks/libpq.5.dylib /Library/PostgreSQL/psqlODBC/lib/libpq.5.4.dylib /Library/PostgreSQL/psqlODBC/lib/libpq.5.dylib /Library/PostgreSQL/psqlODBC/lib/libpq.dylib /Library/WebServer/Documents/postgresql/html/install-windows-libpq.html /Library/WebServer/Documents/postgresql/html/libpq-async.html /Library/WebServer/Documents/postgresql/html/libpq-build.html /Library/WebServer/Documents/postgresql/html/libpq-cancel.html /Library/WebServer/Documents/postgresql/html/libpq-connect.html /Library/WebServer/Documents/postgresql/html/libpq-control.html /Library/WebServer/Documents/postgresql/html/libpq-copy.html /Library/WebServer/Documents/postgresql/html/libpq-envars.html /Library/WebServer/Documents/postgresql/html/libpq-events.html /Library/WebServer/Documents/postgresql/html/libpq-example.html /Library/WebServer/Documents/postgresql/html/libpq-exec.html /Library/WebServer/Documents/postgresql/html/libpq-fastpath.html /Library/WebServer/Documents/postgresql/html/libpq-ldap.html /Library/WebServer/Documents/postgresql/html/libpq-misc.html /Library/WebServer/Documents/postgresql/html/libpq-notice-processing.html /Library/WebServer/Documents/postgresql/html/libpq-notify.html /Library/WebServer/Documents/postgresql/html/libpq-pgpass.html /Library/WebServer/Documents/postgresql/html/libpq-pgservice.html /Library/WebServer/Documents/postgresql/html/libpq-ssl.html /Library/WebServer/Documents/postgresql/html/libpq-status.html /Library/WebServer/Documents/postgresql/html/libpq-threading.html /Library/WebServer/Documents/postgresql/html/libpq.html /opt/local/include/postgresql90/internal/libpq /opt/local/include/postgresql90/internal/libpq/pqcomm.h /opt/local/include/postgresql90/internal/libpq-int.h /opt/local/include/postgresql90/libpq /opt/local/include/postgresql90/libpq/libpq-fs.h /opt/local/include/postgresql90/libpq-events.h /opt/local/include/postgresql90/libpq-fe.h /opt/local/include/postgresql90/server/libpq /opt/local/include/postgresql90/server/libpq/auth.h /opt/local/include/postgresql90/server/libpq/be-fsstubs.h /opt/local/include/postgresql90/server/libpq/crypt.h /opt/local/include/postgresql90/server/libpq/hba.h /opt/local/include/postgresql90/server/libpq/ip.h /opt/local/include/postgresql90/server/libpq/libpq-be.h /opt/local/include/postgresql90/server/libpq/libpq-fs.h /opt/local/include/postgresql90/server/libpq/libpq.h /opt/local/include/postgresql90/server/libpq/md5.h /opt/local/include/postgresql90/server/libpq/pqcomm.h /opt/local/include/postgresql90/server/libpq/pqformat.h /opt/local/include/postgresql90/server/libpq/pqsignal.h /opt/local/lib/postgresql90/libpq.5.3.dylib /opt/local/lib/postgresql90/libpq.5.dylib /opt/local/lib/postgresql90/libpq.a /opt/local/lib/postgresql90/libpq.dylib /opt/local/lib/postgresql90/libpqwalreceiver.so /opt/local/var/macports/sources/rsync.macports.org/release/tarballs/ports/databases/libpqxx /opt/local/var/macports/sources/rsync.macports.org/release/tarballs/ports/databases/libpqxx/Portfile /opt/local/var/macports/sources/rsync.macports.org/release/tarballs/ports/databases/libpqxx26 /opt/local/var/macports/sources/rsync.macports.org/release/tarballs/ports/databases/libpqxx26/Portfile /usr/include/libpq /usr/include/libpq/libpq-fs.h /usr/include/libpq-events.h /usr/include/libpq-fe.h /usr/include/postgresql/internal/libpq /usr/include/postgresql/internal/libpq/pqcomm.h /usr/include/postgresql/internal/libpq-int.h /usr/include/postgresql/server/libpq /usr/include/postgresql/server/libpq/auth.h /usr/include/postgresql/server/libpq/be-fsstubs.h /usr/include/postgresql/server/libpq/crypt.h /usr/include/postgresql/server/libpq/hba.h /usr/include/postgresql/server/libpq/ip.h /usr/include/postgresql/server/libpq/libpq-be.h /usr/include/postgresql/server/libpq/libpq-fs.h /usr/include/postgresql/server/libpq/libpq.h /usr/include/postgresql/server/libpq/md5.h /usr/include/postgresql/server/libpq/pqcomm.h /usr/include/postgresql/server/libpq/pqformat.h /usr/include/postgresql/server/libpq/pqsignal.h /usr/lib/libpq.5.3.dylib /usr/lib/libpq.5.dylib /usr/lib/libpq.a /usr/lib/libpq.dylib How to tell pip to use this lib in /Library/PostgreSQL/9.1/lib/ (or may be in /usr/lib)? or may be install this lib again in my env (i try keep my env isolated from mac as possible)

    Read the article

  • The right way of using index.html

    - by Jeyekomon
    I have quite a lot of issues I'd like to hear your opinion on, so I hope I'll manage to explain it well enough. I should also note that I'm beginner equipped only with the knowledge of HTML and CSS so although I'm almost sure that there is a simple solution using powerful PHP, it won't help me. Let's say that I have my personal blog on the address example.com/blog.html and there are links to several sub-blogs example.com/blog/math.html, example.com/blog/coding.html etc. So my root folder contains blog.html and blog folder, the blog folder itself contains files math.html and coding.html. First of all, I learned (from Google Webmasters Tools) that for SEO and aesthetical purposes it's good to unify example.com.com and example.com/index.html by adding _rel="canonical"_ attribute into the source of the index.html. Using a couple of other tricks (like linking to ../ and ./) I got rid of the ugly index.html appearing in my web addresses. And now I wonder if this trick can be used not only for the root folder but for any folder? I mean, I would move my blog.html into the blog folder, rename it into the index.html and add rel="canonical" to unify example.com/blog/index.html with example.com/blog/. This trick would change the address of my blog from example.com/blog.html into example.com/blog/. Not finished! I'm also experiencing problems with the google robot indexing my folders. So when I type site:example.com/ into the google search, the link to my folder example.com/blog/ with raw files, icons etc. appears among the other results. I guess there are also other ways how to fix it, but IMHO the change mentioned above would do the trick too - the index.html in the blog folder would preserve the user from viewing the actual raw content of that folder, there would appear only the right link example.com/blog/ in the google search and (I hope that) _rel="canonical"_ would make the second, unwanted link example.com/blog/index.html not to appear in the search results. So my questions are: Is it a good practice to have the index.html file in every subfolder or is it intended to be only in the root folder? Are there any disadvantages or problems that may occur when using the second, "index in every folder" method? Which one of the two ways of structuring the website described above would you prefer?

    Read the article

  • Removing .html and index.html from URL

    - by James Turner
    I'm having some problems trying to Remove the .html extension from URLs Removing 'index.html' from an URL 1) To remove the extension I have tried using this in my htaccess file. RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME}\.html -f RewriteRule ^(.*)$ $1.html However when I click links in my HTML such as <a href="abcde.html"></a> it doesn't remove the .html from the URL and I am left with www.website.com/abcde.html 2) I tried using this to remove the index.html RewriteCond %{THE_REQUEST} \/index\.(php|html)\ HTTP [NC] RewriteRule (.*)index\.(php|html)$ /$1 [R=301,L] But when I load an index.html file on my server, my URL looks something like this www.website.com/folder// I am left with an extra / at the end. Can anyone help me out?

    Read the article

  • MSBuild - Writing Escape Characters to Files

    - by Richm7
    I've got a very similar scenario to the one described in this post. It describes how to load the contents of a file that contains properties & items, making sure they're resolved as part of the process. I'm doing the same thing except writing the contents away to another text file (generally .ini file). In short I'd start by importing a project / propertygroup which contains this text: ; ----------- [heading] setting1=$(FirstValue) setting2=$(SecondValue) setting3=list;of;values;delimited;by;semicolons setting4=bla bla bla ; ----------- & hopefully write it away to a new .ini file containing the following: ; ----------- [heading] setting1=value resolved by msbuild setting2=another value resolved by msbuild setting3=list;of;values;delimited;by;semicolons setting4=bla bla bla ; ----------- Only problem is that some files will contain semicolons. I can live without comments, but they're also used as part of values e.g. in lists. This is the result of using the WriteLinesToFile task. The semicolons are treated as escape characters & result in new lines, so the value of 'setting3' in the above example would be split over 6 lines. Is there a way around this without implementing my own task? Thanks in advance for the help!

    Read the article

  • MySQL escape string help

    - by gAMBOOKa
    I have a pretty large insert statement something like INSERT INTO multimedia (filename, regex, flag) VALUES (('adsfavr.jpg', '<div id="title">', 0), (...), (...)); How do I prepare the query for MySQL.It's too long to do it manually. It includes double quotes so I can't use the php function mysql_real_escape_string()

    Read the article

  • Need a simple tool for analysing unicode characters

    - by Steve Bennett
    I'm surprised I can't find a simple tool for this. Basically, sometimes as a result of text munging, or using some piece of software, I end up with some text that has some troublesome characters - such as looking a lot like other characters, but being distinct from them. I'd like a tool (preferably online, javascript based) where I can paste the text, and it will tell me all the characters involved, their names, unicode codes etc.

    Read the article

  • Get the rendered text from HTML (Delphi)

    - by Daisetsu
    I have some HTML and I need to extract the actual written text from the page. So far I have tried using a web browser and rendering the page, then going to the document property and grabbing the text. This works, but only where the browser is supported (IE com object). The problem is I want this to be able to run under wine also, so I need a solution that doesn't use IE COM. There must be a programatic way to do this that is reasonable.

    Read the article

  • Number nested ordered lists in HTML

    - by John
    Hi I have a nested ordered list. <ol> <li>first</li> <li>second <ol> <li>second nested first element</li> <li>second nested secondelement</li> <li>second nested thirdelement</li> </ol> </li> <li>third</li> <li>fourth</li> </ol> Currently the nested elements start back from 1 again, e.g. first second second nested first element second nested second element second nested third element third fourth What I want is for the second element to be numbered like this: first second 2.1. second nested first element 2.2. second nested second element 2.3. second nested third element third fourth Is there a way of doing this? Thanks

    Read the article

  • Force page reload with html anchors (#) - HTML & JS

    - by yuval
    Say I'm on a page called /example#myanchor1 where myanchor is an anchor in the page. I'd like to link to /example#myanchor2, but force the page to reload while doing so. The reason is that I run js to detect the anchor from the url at the page load. The problem [normally expected behavior] here though, is that the browser just sends me to that specific anchor on the page without reloading the page. How would I go about doing so (JS OK). Thanks!

    Read the article

  • Escaped International characters?

    - by FFish
    I am looking at some PHP code where there are translation strings. For French there are characters that I have never seen before and I am asking if someone could shed a light. These strings are used as HTML output, but also as body text to send emails. È = é Ë = è ‡ = à Í = ê ...

    Read the article

  • Validating allowed characters or validating disallowed characters

    - by Tom
    I've always validated my user input based on a list of valid/allowed characters, rather than a list of invalid/disallowed characters (or simply no validation). It's just a habit I picked up, probably on this site and I've never really questioned it until now. It makes sense if you wish to, say, validate a phone number, or validate an area code, however recently I've realised I'm also validating input such as Bio Text fields, User Comments, etc. for which the input has no solid syntax. The main advantage has always seemed to be: Validating allowed chars reduces the risk of you missing a potentially malicious character, but increases the risk the of you not allowing a character which the user may want to use. The former is more important. But, providing I am correctly preventing SQL Injection (with prepared statements) and also escaping output, is there any need for this extra barrier of protection? It seems to me as if I am just allowing practically every character on the keyboard, and am forgetting to allow some common characters. Is there an accepted practice for this situation? Or am I missing something obvious? Thanks.

    Read the article

  • Parsing HTML Documents with the Html Agility Pack

    Screen scraping is the process of programmatically accessing and processing information from an external website. For example, a price comparison website might screen scrape a variety of online retailers to build a database of products and what various retailers are selling them for. Typically, screen scraping is performed by mimicking the behavior of a browser - namely, by making an HTTP request from code and then parsing and analyzing the returned HTML. The .NET Framework offers a variety of classes for accessing data from a remote website, namely the WebClient class and the HttpWebRequest class. These classes are useful for making an HTTP request to a remote website and pulling down the markup from a particular URL, but they offer no assistance in parsing the returned HTML. Instead, developers commonly rely on string parsing methods like String.IndexOf, String.Substring, and the like, or through the use of regular expressions. Another option for parsing HTML documents is to use the Html Agility Pack, a free, open-source library designed to simplify reading from and writing to HTML documents. The Html Agility Pack constructs a Document Object Model (DOM) view of the HTML document being parsed. With a few lines of code, developers can walk through the DOM, moving from a node to its children, or vice versa. Also, the Html Agility Pack can return specific nodes in the DOM through the use of XPath expressions. (The Html Agility Pack also includes a class for downloading an HTML document from a remote website; this means you can both download and parse an external web page using the Html Agility Pack.) This article shows how to get started using the Html Agility Pack and includes a number of real-world examples that illustrate this library's utility. A complete, working demo is available for download at the end of this article. Read on to learn more! Read More >

    Read the article

  • Wishful Thinking: Why can't HTML fix Script Attacks at the Source?

    - by Rick Strahl
    The Web can be an evil place, especially if you're a Web Developer blissfully unaware of Cross Site Script Attacks (XSS). Even if you are aware of XSS in all of its insidious forms, it's extremely complex to deal with all the issues if you're taking user input and you're actually allowing users to post raw HTML into an application. I'm dealing with this again today in a Web application where legacy data contains raw HTML that has to be displayed and users ask for the ability to use raw HTML as input for listings. The first line of defense of course is: Just say no to HTML input from users. If you don't allow HTML input directly and use HTML Encoding (HttyUtility.HtmlEncode() in .NET or using standard ASP.NET MVC output @Model.Content) you're fairly safe at least from the HTML input provided. Both WebForms and Razor support HtmlEncoded content, although Razor makes it the default. In Razor the default @ expression syntax:@Model.UserContent automatically produces HTML encoded content - you actually have to go out of your way to create raw HTML content (safe by default) using @Html.Raw() or the HtmlString class. In Web Forms (V4) you can use:<%: Model.UserContent %> or if you're using a version prior to 4.0:<%= HttpUtility.HtmlEncode(Model.UserContent) %> This works great as a hedge against embedded <script> tags and HTML markup as any HTML is turned into text that displays as HTML but doesn't render the HTML. But it turns any embedded HTML markup tags into plain text. If you need to display HTML in raw form with the markup tags rendering based on user input this approach is worthless. If you do accept HTML input and need to echo the rendered HTML input back, the task of cleaning up that HTML is a complex task. In the projects I work on, customers are frequently asking for the ability to post raw HTML quite frequently.  Almost every app that I've built where there's document content from users we start out with text only input - possibly using something like MarkDown - but inevitably users want to just post plain old HTML they created in some other rich editing application. See this a lot with realtors especially who often want to reuse their postings easily in multiple places. In my work this is a common problem I need to deal with and I've tried dozens of different methods from sanitizing, simple rejection of input to custom markup schemes none of which have ever felt comfortable to me. They work in a half assed, hacked together sort of way but I always live in fear of missing something vital which is *really easy to do*. My Wishlist Item: A <restricted> tag in HTML Let me dream here for a second on how to address this problem. It seems to me the easiest place where this can be fixed is: In the browser. Browsers are actually executing script code so they have a lot of control over the script code that resides in a page. What if there was a way to specify that you want to turn off script code for a block of HTML? The main issue when dealing with HTML raw input isn't that we as developers are unaware of the implications of user input, but the fact that we sometimes have to display raw HTML input the user provides. So the problem markup is usually isolated in only a very specific part of the document. So, what if we had a way to specify that in any given HTML block, no script code could execute by wrapping it into a tag that disables all script functionality in the browser? This would include <script> tags and any document script attributes like onclick, onfocus etc. and potentially also disallow things like iFrames that can potentially be scripted from the within the iFrame's target. I'd like to see something along these lines:<article> <restricted allowscripts="no" allowiframes="no"> <div>Some content</div> <script>alert('go ahead make my day, punk!");</script> <div onfocus="$.getJson('http://evilsite.com/')">more content</div> </restricted> </article> A tag like this would basically disallow all script code from firing from any HTML that's rendered within it. You'd use this only on code that you actually render from your data only and only if you are dealing with custom data. So something like this:<article> <restricted> @Html.Raw(Model.UserContent) </restricted> </article> For browsers this would actually be easy to intercept. They render the DOM and control loading and execution of scripts that are loaded through it. All the browser would have to do is suspend execution of <script> tags and not hookup any event handlers defined via markup in this block. Given all the crazy XSS attacks that exist and the prevalence of this problem this would go a long way towards preventing at least coded script attacks in the DOM. And it seems like a totally doable solution that wouldn't be very difficult to implement by vendors. There would also need to be some logic in the parser to not allow an </restricted> or <restricted> tag into the content as to short-circuit the rstricted section (per James Hart's comment). I'm sure there are other issues to consider as well that I didn't think of in my off-the-back-of-a-napkin concept here but the idea overall seems worth consideration I think. Without code running in a user supplied HTML block it'd be pretty hard to compromise a local HTML document and pass information like Cookies to a server. Or even send data to a server period. Short of an iFrame that can access the parent frame (which is another restriction that should be available on this <restricted> tag) that could potentially communicate back, there's not a lot a malicious site could do. The HTML could still 'phone home' via image links and href links potentially and basically say this site was accessed, but without the ability to run script code it would be pretty tough to pass along critical information to the server beyond that. Ahhhh… one can dream… Not holding my breath of course. The design by committee that is the W3C can't agree on anything in timeframes measured less than decades, but maybe this is one place where browser vendors can actually step up the pressure. This is something in their best interest to reduce the attack surface for vulnerabilities on their browser platforms significantly. Several people commented on Twitter today that there isn't enough discussion on issues like this that address serious needs in the web browser space. Realistically security has to be a number one concern with Web applications in general - there isn't a Web app out there that is not vulnerable. And yet nothing has been done to address these security issues even though there might be relatively easy solutions to make this happen. It'll take time, and it's probably not going to happen in our lifetime, but maybe this rambling thought sparks some ideas on how this sort of restriction can get into browsers in some way in the future.© Rick Strahl, West Wind Technologies, 2005-2012Posted in ASP.NET  HTML5  HTML  Security   Tweet !function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs"); (function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = 'https://apis.google.com/js/plusone.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })();

    Read the article

1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >