Search Results

Search found 1170 results on 47 pages for 'forgery gem'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 10/47 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >

  • which ruby twitter library/gem to use?

    - by Radek
    there is a list of ruby gems for twitter could anybody recommend me one that is good to start to learn/use? that have some history of development etc etc? I want to the stuff below on my linux box search for keywords and follow autofollow rewteet

    Read the article

  • How could i configure Rmagick gem or ImageMagick to solve following problem

    - by chs
    I am getting following error while running local script/server of my rails project /usr/lib/ruby/gems/1.8/gems/rmagick-2.13.1/lib/RMagick2.so: This installation of RMagick was configured with ImageMagick 6.6.1 but ImageMagick 6.4.5 is in use. (RuntimeError) and RMagick2.so is blank. and identify --version command shows following result Version: ImageMagick 6.6.1-10 2010-05-21 Q8 http://www.imagemagick.org So, my question is how and where should i make changes to work it fine; I had already reinstall ImageMagick but didnt work for me, so any suggestions Thanks in advance

    Read the article

  • ruby parseexecel gem - array not implemented

    - by josh
    I am trying to work with two worksheets at the same time. So I have code require 'parseexcel' #Open the excel file passed in from the commandline workbook = Spreadsheet::ParseExcel.parse(ARGV[0]) workbook2 = Spreadsheet::ParseExcel.parse(ARGV[1]) #Get the first worksheet worksheet = workbook.worksheet(0) worksheet2 = workbook2.worksheet(0) However, when I run this code I get an error: array is not implemented This error goes away when I comment out line: workbook2 = Spreadsheet::ParseExcel.parse(ARGV[1]) Why is this happeneing? Way I am running script is: ruby -rubygems traverse.rb excel.xls so.xls

    Read the article

  • Using twitter gem to signup and authenticate users

    - by Jim Jones
    Hi, I'd like to allow users the option to register using their Twitter account. Basically, I'll present them with a standard signup form (name, login, email, pwd, pwd_confirm) as well as a "Signup with Twitter" link. If a user chooses to signup with Twitter creds, then I'll create a user record in db. Then I'd like to be able to allow a user to authenticate using their Twitter creds on returning visits. Also, I'm using restful_authentication, so I need to have this work within that context. What is the best way to do this? I haven't been to find any tutorials on allowing the signup and authentication pieces. Most examples just show how to authenticate a Twitter user into your app. Thanks.

    Read the article

  • Twitter API - oauth gem - not getting callback

    - by haries
    I redirect the user of my application to Twitter for oauth style authentication using my app's request_token. The user is able to enter username and password on Twitter's page BUT then, instead of calling back my application, Twitter displays a page You've successfully granted access to MyAppName! Simply return to MyAppName and enter the following PIN to complete the process. 123456 Why is this happening? I have set the callback url in my app's settings. Thanks

    Read the article

  • Trouble reinstalling Gem after failure

    - by Sirupsen
    Yesterday I tried to install Jeweler via Rubygems, however somewhere in the middle of the process I had a power failure, resulting in my computer turning off in the middle of the installation process. Once I got it back up, I tried to reinstall Jeweler, however resulting in an error I've had trouble decoding. Does anyone have any idea on how to fix this problem? (I tried uninstall, cleanup and check)

    Read the article

  • Ruby-on-rails: routing problem: controller action looks for show when it should look for finalize

    - by cbrulak
    background: trying to use the twitter gem for ruby-on-rails. in routes: map.resources :twitter_sessions map.finalize_twitter_sessions 'twitter_sessions/finalize', :controller => 'twitter_sessions', :action => 'finalize' (twitter_sessions is the controller for the twitter sessions in my app). The view has one file new.html.erb and is very simple: <% form_tag(twitter_sessions_path) do |f| %> <p><%= submit_tag "twitter!" %></p> <% end %> and the twitter_sessions_controller.rb: def new end def create oauth.set_callback_url(finalize_twitter_sessions_url) session['rtoken'] = oauth.request_token.token session['rsecret'] = oauth.request_token.secret redirect_to oauth.request_token.authorize_url end def destroy reset_session redirect_to new_session_path end def finalize oauth.authorize_from_request(session['rtoken'], session['rsecret'], params[:oauth_verifier]) profile = Twitter::Base.new(oauth).verify_credentials session['rtoken'] = session['rsecret'] = nil session[:atoken] = oauth.access_token.token session[:asecret] = oauth.access_token.secret sign_in(profile) redirect_back_or root_path end However, after I click the "twitter" button, I get this error: 401 Unauthorized .../gems/oauth-0.3.6/lib/oauth/consumer.rb:200:in `token_request' .../gems/oauth-0.3.6/lib/oauth/consumer.rb:128:in `get_request_token' .../gems/twitter-0.9.2/lib/twitter/oauth.rb:32:in `request_token' .../gems/twitter-0.9.2/lib/twitter/oauth.rb:25:in `set_callback_url' app/controllers/twitter_sessions_controller.rb:7:in `create' If I go to the finalize url, http://localhost:3000/twitter_sessions/finalize, directly, I get this error: Unknown action No action responded to show. Actions: create, destroy, finalize, isLoggedInToBeta, login_required, and new Any ideas? Thanks

    Read the article

  • Import Excel into Rails app

    - by Jack
    Hi, I am creating a small rails app for personal use and would like to be able to upload excel files to later be validated and added to the database. I had this working previously with csv files, but this has since become impractical. Does anyone know of a tutorial for using the roo or spreadsheet gem to upload the file, display the contents to the user and then add to the database (after validating)? I know this is quite specific, but I want to work through this step by step. All I have so far is an 'import' view: <% form_for :dump, :url=>{:controller=>"students", :action=>"student_import"}, :html => { :multipart => true } do |f| -%> Select an Excel File : <%= f.file_field :excel_file -%> <%= submit_tag 'Submit' -%> <% end -%> But have no idea how to access this uploaded file in the controller. Any suggestions/help would be welcomed. Thanks

    Read the article

  • updating rails to 2.3.6

    - by Nik
    can you update your 2.3.5 app with just "gem update rails" and change the version # in environment.rb? I did that and lots of errors came out like in console just typing Post.all would show "undefined method `retrieve_connection' for nil:NilClass". Any ideas? By the way, I have these gems in my environment.rb config.gem "aws-s3", :version = "= 0.6.2", :lib = "aws/s3" config.gem "less" config.gem "authlogic" config.gem "be9-acl9", :source = "http://gems.github.com", :lib = "acl9" config.gem "hash_extension" config.gem "prawn"

    Read the article

  • Chef Knife-Windows

    - by Nick Zagoreos
    I'm trying to bootstrap a windows 2008 R2 Server with chef and i'm receiving this error :"CScript Error: Execution of the Windows Script Host failed. (0x800A0007)". After some research i find out that i must install the "specific_install" gem and use Knife-windows gem from git but when i'm trying to install gem with this command "gem specific_install -l https://github.com/opscode/knife-windows.git" i'm receiving the following error : "ERROR: While executing gem ... (NoMethodError) undefined method `build' for Gem::Package:Module" What am i doing wrog? Thank you in advance

    Read the article

  • Installing Rails, MySQL, etc. everything goes wrong

    - by Rits
    I've been struggling with this for a few hours. Everything just stopped working and I can't get it to work anymore. I'm a noob at Ruby, Ruby on Rails and the Terminal in general. This is really frustrating me so I just try to describe my problem as detailed as possible hoping someone can give me a solution. I'm on Mac OS X Snow Leopard. I couldn't get Rails working at all just now: Could not find gem 'rails' headaches But after some tries of reinstalling it, it suddenly worked again. But now I just can't get MySQL to work, and it sometimes even breaks the Rails installation again. This is what I do: sudo gem uninstall rails sudo gem uninstall mysql sudo gem uninstall mysql2 After these commands, I check the installed gems with gem list. No MySQL gem is listed anymore, but I can still see rails (2.3.5, 2.2.2, 1.2.6) . Is this normal? Does this mean I have 3 Rails installations? It doesn't make sense to me. Anyway, then I do this: sudo gem clean Which fails completely. I get a bunch of errors like this: Attempting to uninstall fcgi-0.8.7 Unable to uninstall fcgi-0.8.7: Gem::InstallError: cannot uninstall, check gem list -d fcgi It doesn't uninstall anything. At this point, I try to install everything again. I start with: sudo gem install rails Which succeeds (I think): Successfully installed rails-3.0.3 Successfully installed builder-2.1.2 2 gems installed Installing ri documentation for rails-3.0.3... File not found: lib Then, I update RubyGems: sudo gem update --system sudo gem install rubygems-update sudo update_rubygems Then it says I have 1.3.7 installed, so it succeeded, I think. So now I proceed with installing MySQL. I already got MySQL 5.5.8 installed on my machine. I did some research about installing MySQL on Snow Leopard, and it seems I have to use this command: sudo env ARCHFLAGS="-arch x86_64" gem install mysql -- --with-mysql-config=/usr/local/mysql/bin/mysql_config I get a bunch of errors like this: No definition for time_set_neg No definition for time_set_second_part No definition for time_equal No definition for error_errno At this point, I assume I got both Rails and the MySQL gem installed, so I try to start a new project. rails new user_group -d mysql It works! Rails is installed correctly. Now, I try generating a model. cd user_group rails generate model User It fails with this error: Could not find gem 'mysql2 (= 0, runtime)' in any of the gem sources listed in your Gemfile. Try running bundle install. So I try running bundle install. It installs a lot of gems. Then I try to generate my model again. I get this error: Library/Ruby/Gems/1.8/gems/mysql2-0.2.6/lib/mysql2/mysql2.bundle: dlopen(/Library/Ruby/Gems/1.8/gems/mysql2-0.2.6/lib/mysql2/mysql2.bundle, 9): Library not loaded: libmysqlclient.16.dylib (LoadError) Referenced from: /Library/Ruby/Gems/1.8/gems/mysql2-0.2.6/lib/mysql2/mysql2.bundle Reason: image not found - /Library/Ruby/Gems/1.8/gems/mysql2-0.2.6/lib/mysql2/mysql2.bundle This is as far as I can get. What should I do? And why should this be so hard...

    Read the article

  • Missing a constant on load.. how can i get around this? (Rails::Plugin::OpenID)

    - by Chris Kimpton
    I have a Rails 2 project that I am trying to upgrade to Rails 3, but getting some issues with bundler. When I run "rake", it runs the tests just fine. But when I run "bundle exec rake" it fails to find a constant. The error is this: /Users/kimptoc/.rvm/gems/ruby-1.8.7-p330@p-borisbikestats-pre-rails3/gems/activesupport-2.3.9/lib/active_support/dependencies.rb:131:in `const_missing': uninitialized constant Rails::Plugin::OpenID (NameError) from /Users/kimptoc/Documents/ruby/borisbikes/borisbikestats.pre3/vendor/plugins/open_id_authentication/init.rb:16:in `evaluate_init_rb' from /Users/kimptoc/.rvm/gems/ruby-1.8.7-p330@p-borisbikestats-pre-rails3/gems/activesupport-2.3.9/lib/active_support/callbacks.rb:182:in `call' from /Users/kimptoc/.rvm/gems/ruby-1.8.7-p330@p-borisbikestats-pre-rails3/gems/activesupport-2.3.9/lib/active_support/callbacks.rb:182:in `evaluate_method' from /Users/kimptoc/.rvm/gems/ruby-1.8.7-p330@p-borisbikestats-pre-rails3/gems/activesupport-2.3.9/lib/active_support/callbacks.rb:166:in `call' from /Users/kimptoc/.rvm/gems/ruby-1.8.7-p330@p-borisbikestats-pre-rails3/gems/activesupport-2.3.9/lib/active_support/callbacks.rb:90:in `run' from /Users/kimptoc/.rvm/gems/ruby-1.8.7-p330@p-borisbikestats-pre-rails3/gems/activesupport-2.3.9/lib/active_support/callbacks.rb:90:in `each' from /Users/kimptoc/.rvm/gems/ruby-1.8.7-p330@p-borisbikestats-pre-rails3/gems/activesupport-2.3.9/lib/active_support/callbacks.rb:90:in `send' from /Users/kimptoc/.rvm/gems/ruby-1.8.7-p330@p-borisbikestats-pre-rails3/gems/activesupport-2.3.9/lib/active_support/callbacks.rb:90:in `run' from /Users/kimptoc/.rvm/gems/ruby-1.8.7-p330@p-borisbikestats-pre-rails3/gems/activesupport-2.3.9/lib/active_support/callbacks.rb:276:in `run_callbacks' from /Users/kimptoc/.rvm/gems/ruby-1.8.7-p330@p-borisbikestats-pre-rails3/gems/actionpack-2.3.9/lib/action_controller/dispatcher.rb:51:in `send' from /Users/kimptoc/.rvm/gems/ruby-1.8.7-p330@p-borisbikestats-pre-rails3/gems/actionpack-2.3.9/lib/action_controller/dispatcher.rb:51:in `run_prepare_callbacks' from /Users/kimptoc/.rvm/gems/ruby-1.8.7-p330@p-borisbikestats-pre-rails3/gems/rails-2.3.9/lib/initializer.rb:631:in `prepare_dispatcher' from /Users/kimptoc/.rvm/gems/ruby-1.8.7-p330@p-borisbikestats-pre-rails3/gems/rails-2.3.9/lib/initializer.rb:185:in `process' from /Users/kimptoc/.rvm/gems/ruby-1.8.7-p330@p-borisbikestats-pre-rails3/gems/rails-2.3.9/lib/initializer.rb:113:in `send' from /Users/kimptoc/.rvm/gems/ruby-1.8.7-p330@p-borisbikestats-pre-rails3/gems/rails-2.3.9/lib/initializer.rb:113:in `run' from /Users/kimptoc/Documents/ruby/borisbikes/borisbikestats.pre3/config/environment.rb:9 from ./test/test_helper.rb:2:in `require' from ./test/test_helper.rb:2 I have these gems installed: $ gem list *** LOCAL GEMS *** actionmailer (2.3.9) actionpack (2.3.9) activerecord (2.3.9) activeresource (2.3.9) activesupport (2.3.9) authlogic (2.1.3) bundler (1.0.7) gravtastic (2.2.0) linecache (0.43) mocha (0.9.10) newrelic_rpm (2.13.4) parseexcel (0.5.2) rack (1.1.0) rack-openid (1.1.1) rails (2.3.9) rake (0.8.7) ruby-debug-base (0.10.5.jb2, 0.10.4) ruby-debug-ide (0.4.15) ruby-openid (2.1.8, 2.1.7, 2.0.4) sqlite3-ruby (1.3.2) The bundler Gemfile is as follows: source 'http://rubygems.org' #gem 'rails', '3.0.3' gem "rails", "2.3.9" gem "activesupport", "2.3.9" gem "ruby-openid", "2.1.7", :require => "openid" #gem "authlogic-oid", "1.0.4" # Bundle edge Rails instead: # gem 'rails', :git => 'git://github.com/rails/rails.git' gem 'sqlite3-ruby', :require => 'sqlite3' gem "authlogic", "= 2.1.3" gem "newrelic_rpm" # gem "facebooker" gem "parseexcel" gem 'gravtastic', '= 2.2.0' gem "rack-openid", '=1.1.1', :require => 'rack/openid' # not sure what this does... gem "mocha" I have these plugins installed: 2dc_jqgrid authlogic_openid open_id_authentication squirrel I see these similar questions: Missing a constant on load.. how can i get around this? and Requiring gem in Rails 3 Controller failing with "Constant Missing" But their solutions dont seem to work for my situation. I am guessing the issue is around the plugins, but my ruby-foo is too weak. Thanks in advance, Chris

    Read the article

  • getting rid of ruby gems that won't die

    - by holden
    I've got a few ruby gems that won't go away. I think it has to do with when I installed them. Occasionally I have forgotten to use "sudo" before doing a gem install, which results in a write error and from what I can gather puts a copy of the gem in my user directory instead of somewhere it can run. But gem uninstall doesn't work. It continually shows up in 'gem list' but can't uninstall it from either gem uninstall, or sudo gem uninstall. I tried directly deleting one gem after finding the path in my 'gem environment', but that still left the gem on the list. Also is it possible just to remove all gems and start from scratch? These are driving me nuts. I'm running OS X. Thanks,

    Read the article

  • problem with uninitialized constant

    - by VinTem
    Hi, I have the following controller class ActiveUsersController < ApplicationController def edit end end And my routes.rb is like this: map.resources :active_users When I try to access the controller using the url http://localhost:3000/active_users/COo8e45RqQAHr6CqSCoI/edit I got the following error: NameError in Active usersController#edit uninitialized constant ActiveUsersController RAILS_ROOT: /Users/vintem/Documents/Projetos/Pessoal/bugfreela Application Trace | Framework Trace | Full Trace /Users/vintem/.gem/ruby/1.8/gems/activesupport-2.3.5/lib/active_support/dependencies.rb:443:in load_missing_constant' /Users/vintem/.gem/ruby/1.8/gems/activesupport-2.3.5/lib/active_support/dependencies.rb:80:inconst_missing' /Users/vintem/.gem/ruby/1.8/gems/activesupport-2.3.5/lib/active_support/dependencies.rb:92:in const_missing' /Users/vintem/.gem/ruby/1.8/gems/activesupport-2.3.5/lib/active_support/inflector.rb:361:inconstantize' /Users/vintem/.gem/ruby/1.8/gems/activesupport-2.3.5/lib/active_support/inflector.rb:360:in each' /Users/vintem/.gem/ruby/1.8/gems/activesupport-2.3.5/lib/active_support/inflector.rb:360:inconstantize' /Users/vintem/.gem/ruby/1.8/gems/activesupport-2.3.5/lib/active_support/core_ext/string/inflections.rb:162:in constantize' /Users/vintem/.gem/ruby/1.8/gems/actionpack-2.3.5/lib/action_controller/routing/route_set.rb:443:inrecognize' /Users/vintem/.gem/ruby/1.8/gems/actionpack-2.3.5/lib/action_controller/routing/route_set.rb:436:in `call' Can anyone help me? Thanks

    Read the article

  • What's wrong with Bundler working with RubyGems to push a Git repo to Heroku?

    - by stanigator
    I've made sure that all the files are in the root of the repository as recommended in this discussion. However, as I follow the instructions in this section of the book, I can't get through the section without the problems. What do you think is happening with my system that's causing the error? I have no clue at the moment of what the problem means despite reading the following in the log. Thanks in advance for your help! stanley@ubuntu:~/rails_sample/first_app$ git push heroku master Warning: Permanently added the RSA host key for IP address '50.19.85.156' to the list of known hosts. Counting objects: 96, done. Compressing objects: 100% (79/79), done. Writing objects: 100% (96/96), 28.81 KiB, done. Total 96 (delta 22), reused 0 (delta 0) -----> Heroku receiving push -----> Ruby/Rails app detected -----> Installing dependencies using Bundler version 1.2.0.pre Running: bundle install --without development:test --path vendor/bundle --binstubs bin/ --deployment Fetching gem metadata from https://rubygems.org/....... Installing rake (0.9.2.2) Installing i18n (0.6.0) Installing multi_json (1.3.5) Installing activesupport (3.2.3) Installing builder (3.0.0) Installing activemodel (3.2.3) Installing erubis (2.7.0) Installing journey (1.0.3) Installing rack (1.4.1) Installing rack-cache (1.2) Installing rack-test (0.6.1) Installing hike (1.2.1) Installing tilt (1.3.3) Installing sprockets (2.1.3) Installing actionpack (3.2.3) Installing mime-types (1.18) Installing polyglot (0.3.3) Installing treetop (1.4.10) Installing mail (2.4.4) Installing actionmailer (3.2.3) Installing arel (3.0.2) Installing tzinfo (0.3.33) Installing activerecord (3.2.3) Installing activeresource (3.2.3) Installing coffee-script-source (1.3.3) Installing execjs (1.3.2) Installing coffee-script (2.2.0) Installing rack-ssl (1.3.2) Installing json (1.7.3) with native extensions Installing rdoc (3.12) Installing thor (0.14.6) Installing railties (3.2.3) Installing coffee-rails (3.2.2) Installing jquery-rails (2.0.2) Using bundler (1.2.0.pre) Installing rails (3.2.3) Installing sass (3.1.18) Installing sass-rails (3.2.5) Installing sqlite3 (1.3.6) with native extensions Gem::Installer::ExtensionBuildError: ERROR: Failed to build gem native extension. /usr/local/bin/ruby extconf.rb checking for sqlite3.h... no sqlite3.h is missing. Try 'port install sqlite3 +universal' or 'yum install sqlite-devel' and check your shared library search path (the location where your sqlite3 shared library is located). *** extconf.rb failed *** Could not create Makefile due to some reason, probably lack of necessary libraries and/or headers. Check the mkmf.log file for more details. You may need configuration options. Provided configuration options: --with-opt-dir --without-opt-dir --with-opt-include --without-opt-include=${opt-dir}/include --with-opt-lib --without-opt-lib=${opt-dir}/lib --with-make-prog --without-make-prog --srcdir=. --curdir --ruby=/usr/local/bin/ruby --with-sqlite3-dir --without-sqlite3-dir --with-sqlite3-include --without-sqlite3-include=${sqlite3-dir}/include --with-sqlite3-lib --without-sqlite3-lib=${sqlite3-dir}/lib --enable-local --disable-local Gem files will remain installed in /tmp/build_3tplrxvj7qa81/vendor/bundle/ruby/1.9.1/gems/sqlite3-1.3.6 for inspection. Results logged to /tmp/build_3tplrxvj7qa81/vendor/bundle/ruby/1.9.1/gems/sqlite3-1.3.6/ext/sqlite3/gem_make.out An error occurred while installing sqlite3 (1.3.6), and Bundler cannot continue. Make sure that `gem install sqlite3 -v '1.3.6'` succeeds before bundling. ! ! Failed to install gems via Bundler. ! ! Heroku push rejected, failed to compile Ruby/rails app To [email protected]:growing-mountain-2788.git ! [remote rejected] master -> master (pre-receive hook declined) error: failed to push some refs to '[email protected]:growing-mountain-2788.git' ------Gemfile------------------------ As requested, here's the auto-generated gemfile: source 'https://rubygems.org' gem 'rails', '3.2.3' # Bundle edge Rails instead: # gem 'rails', :git => 'git://github.com/rails/rails.git' gem 'sqlite3' gem 'json' # Gems used only for assets and not required # in production environments by default. group :assets do gem 'sass-rails', '~> 3.2.3' gem 'coffee-rails', '~> 3.2.1' # See https://github.com/sstephenson/execjs#readme for more supported runtimes # gem 'therubyracer', :platform => :ruby gem 'uglifier', '>= 1.0.3' end gem 'jquery-rails' # To use ActiveModel has_secure_password # gem 'bcrypt-ruby', '~> 3.0.0' # To use Jbuilder templates for JSON # gem 'jbuilder' # Use unicorn as the app server # gem 'unicorn' # Deploy with Capistrano # gem 'capistrano' # To use debugger # gem 'ruby-debug'

    Read the article

  • Guarding against CSRF Attacks in ASP.NET MVC2

    - by srkirkland
    Alongside XSS (Cross Site Scripting) and SQL Injection, Cross-site Request Forgery (CSRF) attacks represent the three most common and dangerous vulnerabilities to common web applications today. CSRF attacks are probably the least well known but they are relatively easy to exploit and extremely and increasingly dangerous. For more information on CSRF attacks, see these posts by Phil Haack and Steve Sanderson. The recognized solution for preventing CSRF attacks is to put a user-specific token as a hidden field inside your forms, then check that the right value was submitted. It's best to use a random value which you’ve stored in the visitor’s Session collection or into a Cookie (so an attacker can't guess the value). ASP.NET MVC to the rescue ASP.NET MVC provides an HTMLHelper called AntiForgeryToken(). When you call <%= Html.AntiForgeryToken() %> in a form on your page you will get a hidden input and a Cookie with a random string assigned. Next, on your target Action you need to include [ValidateAntiForgeryToken], which handles the verification that the correct token was supplied. Good, but we can do better Using the AntiForgeryToken is actually quite an elegant solution, but adding [ValidateAntiForgeryToken] on all of your POST methods is not very DRY, and worse can be easily forgotten. Let's see if we can make this easier on the program but moving from an "Opt-In" model of protection to an "Opt-Out" model. Using AntiForgeryToken by default In order to mandate the use of the AntiForgeryToken, we're going to create an ActionFilterAttribute which will do the anti-forgery validation on every POST request. First, we need to create a way to Opt-Out of this behavior, so let's create a quick action filter called BypassAntiForgeryToken: [AttributeUsage(AttributeTargets.Method, AllowMultiple=false)] public class BypassAntiForgeryTokenAttribute : ActionFilterAttribute { } Now we are ready to implement the main action filter which will force anti forgery validation on all post actions within any class it is defined on: [AttributeUsage(AttributeTargets.Class, AllowMultiple = false)] public class UseAntiForgeryTokenOnPostByDefault : ActionFilterAttribute { public override void OnActionExecuting(ActionExecutingContext filterContext) { if (ShouldValidateAntiForgeryTokenManually(filterContext)) { var authorizationContext = new AuthorizationContext(filterContext.Controller.ControllerContext);   //Use the authorization of the anti forgery token, //which can't be inhereted from because it is sealed new ValidateAntiForgeryTokenAttribute().OnAuthorization(authorizationContext); }   base.OnActionExecuting(filterContext); }   /// <summary> /// We should validate the anti forgery token manually if the following criteria are met: /// 1. The http method must be POST /// 2. There is not an existing [ValidateAntiForgeryToken] attribute on the action /// 3. There is no [BypassAntiForgeryToken] attribute on the action /// </summary> private static bool ShouldValidateAntiForgeryTokenManually(ActionExecutingContext filterContext) { var httpMethod = filterContext.HttpContext.Request.HttpMethod;   //1. The http method must be POST if (httpMethod != "POST") return false;   // 2. There is not an existing anti forgery token attribute on the action var antiForgeryAttributes = filterContext.ActionDescriptor.GetCustomAttributes(typeof(ValidateAntiForgeryTokenAttribute), false);   if (antiForgeryAttributes.Length > 0) return false;   // 3. There is no [BypassAntiForgeryToken] attribute on the action var ignoreAntiForgeryAttributes = filterContext.ActionDescriptor.GetCustomAttributes(typeof(BypassAntiForgeryTokenAttribute), false);   if (ignoreAntiForgeryAttributes.Length > 0) return false;   return true; } } The code above is pretty straight forward -- first we check to make sure this is a POST request, then we make sure there aren't any overriding *AntiForgeryTokenAttributes on the action being executed. If we have a candidate then we call the ValidateAntiForgeryTokenAttribute class directly and execute OnAuthorization() on the current authorization context. Now on our base controller, you could use this new attribute to start protecting your site from CSRF vulnerabilities. [UseAntiForgeryTokenOnPostByDefault] public class ApplicationController : System.Web.Mvc.Controller { }   //Then for all of your controllers public class HomeController : ApplicationController {} What we accomplished If your base controller has the new default anti-forgery token attribute on it, when you don't use <%= Html.AntiForgeryToken() %> in a form (or of course when an attacker doesn't supply one), the POST action will throw the descriptive error message "A required anti-forgery token was not supplied or was invalid". Attack foiled! In summary, I think having an anti-CSRF policy by default is an effective way to protect your websites, and it turns out it is pretty easy to accomplish as well. Enjoy!

    Read the article

  • How can I make Rails work when it is installed as a gem in Ubuntu?

    - by Koning WWWWWWWWWWWWWWWWWWWWWWW
    I have installed Ruby on Rails in Ubuntu 10.04: $ sudo gem install rails $ echo $PATH prints: /home/koningbaard/.gem/ruby/1.8/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games But when I run $ rails --version, BASH tells me that rails is not currenly installed, and that I can install it with apt-get, which I don't want (I want it installed through gem). Can anyone help me where I can find it and how I can add it to my PATH? Thanks

    Read the article

  • How do I compile and build the taf2-curb Ruby gem on Windows XP with MinGW?

    - by Laran Evans
    How do I compile and build the taf2-curb Ruby gem on Windows XP with MinGW? I tried this, but I'm kinda fishing, unsuccessfully. C:\Documents and Settings\Megem install taf2-curb -- --with-curl-include=C:/curl-7.19.5-devel-mingw32/include --with-curl-dir=C:/curl-7.19.5 --with-curl-lib=C:/curl-7.19.5-devel-mingw32/lib --prefix=C:/MinGW --with-curllib Bulk updating Gem source index for: http://gems.rubyforge.org Updating metadata for 73 gems from http://gems.rubyonrails.org ......................................................................... complete Bulk updating Gem source index for: http://gems.github.com Building native extensions. This could take a while... ERROR: Error installing taf2-curb: ERROR: Failed to build gem native extension. C:/Ruby/bin/ruby.exe extconf.rb install taf2-curb -- --with-curl-include=C:/curl-7.19.5-devel-mingw32/include --with-cur l-dir=C:/curl-7.19.5 --with-curl-lib=C:/curl-7.19.5-devel-mingw32/lib --prefix=C:/MinGW --with-curllib checking for curl-config... no checking for main() in true.lib... no *** extconf.rb failed *** Could not create Makefile due to some reason, probably lack of necessary libraries and/or headers. Check the mkmf.log file for more details. You may need configuration options. Provided configuration options: --with-opt-dir --without-opt-dir --with-opt-include --without-opt-include=${opt-dir}/include --with-opt-lib --without-opt-lib=${opt-dir}/lib --with-make-prog --srcdir=. --curdir --ruby=C:/Ruby/bin/ruby --with-curl-dir --with-curl-include=${curl-dir}/include --with-curl-lib=${curl-dir}/lib --with-curllib extconf.rb:9: Can't find libcurl or curl/curl.h (RuntimeError) Try passing --with-curl-dir or --with-curl-lib and --with-curl-include options to extconf. Gem files will remain installed in C:/Ruby/lib/ruby/gems/1.8/gems/taf2-curb-0.4.8.0 for inspection. Results logged to C:/Ruby/lib/ruby/gems/1.8/gems/taf2-curb-0.4.8.0/ext/gem_make.out C:\Documents and Settings\Me I've installed curl-7.19.5 and curl-7.19.5-devel-mingw from this url: http://curl.haxx.se/download.html Help! And thanks!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >