Search Results

Search found 635 results on 26 pages for 'bypass'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 15/26 | < Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >

  • Invite friends from facebook on my application using facebook api

    - by Seema
    Hello all, I create a application which allow user integration through facebook(connect with facebook).when user sign-in in application , i want to show all facebook friends of sign-in user for invite them to join my application. In current i am using multi friend selector for invite friends. <fb:serverfbml width="615"> <script type="text/fbml"> <fb:request-form action="action url" method="POST" invite="true" type="invite" content=" my message"> <fb:multi-friend-selector showborder="true" bypass="cancel" cols=3 email_invite="false" import_external_friends="false" actiontext="Invite your friend from facebook"/> </fb:request-form> </script> </fb:serverfbml> I want to customize mult friend selector 1 Can change css and show all friend in a single column? 2 can i show disable the friends whose are already connect with my application? please give your suggestion or if any other option for this. Thanks

    Read the article

  • Django, CSRF protection and js generated form

    - by Neewok
    I have to create a form dynamically via javascript (yeah, that sounds ugly, but read this for the reason) and wants to make its submission CSRF proof. Usually, I use the @csrf_protect decorator in my views, and the {% csrf_token %} tag in my templates, as recommanded in the doc. But what should I do with a client-side generated form ? If I add a '/get_token/' view to generate a token on the server and obtain its value (say, via JSONP), then that means that I'm creating a backdoor an attacker could use to bypass the protection. Kinda head-scratching. What would you recommand ?

    Read the article

  • RewriteCond and Full QUERY_STRING

    - by Tim
    I'm having hard time getting my head wrapped around this one - and it should be trivial. I would like to redirect one URL with a specific query string to another URL. I want to send any requests that contain the query string in the URL http://mysite.com/index.php?option=com_user&view=register To: http://mysite.com/index.php?option=com_regme&view=form&regme=4&random=0&Itemid=6 If they add anything to the end of the first URL, it should still go to the second URL so that they cannot bypass the redirection. Nothing in the first query string needs to be preserved and passed to the second - all I want to do is change the URL completely. I'm tearing my hair out trying to get this to work yet it should be trivial. Suggestions? Thanks, -Tim

    Read the article

  • Best way to implement a 404 in ASP.NET

    - by Ben Mills
    I'm trying to determine the best way to implement a 404 page in a standard ASP.NET web application. I currently catch 404 errors in the Application_Error event in the Global.asax file and redirect to a friendly 404.aspx page. The problem is that the request sees a 302 redirect followed by a 404 page missing. Is there a way to bypass the redirect and respond with an immediate 404 containing the friendly error message? Does a web crawler such as Googlebot care if the request for a non existing page returns a 302 followed by a 404?

    Read the article

  • how to exploit vulnerability of php?

    - by Dr Deo
    i have never seen a buffer overflow exploit in live action. supporse I have found a server that seems to have vulnerabilities. Where can i get proof of the concept code preferably in c/c++ to exploit the vulnerability? eg i found this vulnerability Multiple directory traversal vulnerabilities in functions such as 'posix_access()', 'chdir()', 'ftok()' may allow a remote attacker to bypass 'safe_mode' restrictions. (CVE-2008-2665 and CVE-2008-2666). How can i get proof of concept code for educational purposes PS I am a student and my only desire is to learn

    Read the article

  • .NET Process.Start() on an executable on a remote system - security warning?

    - by BrettRobi
    I've created a Windows Service that accepts commands from remote machines via WCF. One of those commands is to run a specified executable (let's ignore the security implications of such functionality). In my Service I am using Process.Start() to run the executable. All works well if the executable is local to the machine, but if it is on a remote file share it is failing with no error (or more accurately just hanging). I suspect the problem is that it is triggering the standard Windows 'Unverified Publisher' warning that one would see if they double click an exe on a remote system. Is there any way I can bypass this from my service so that I can truly run any executable? As I said I understand the security implications of allowing it to run any executable, but this is really what I need. I would have thought this warning was only a user mode concept, but it really does seem to be getting in the way of my Service. Ideas?

    Read the article

  • Refactor/rewrite code or continue?

    - by Dan
    I just completed a complex piece of code. It works to spec, it meets performance requirements etc etc but I feel a bit anxious about it and am considering rewriting and/or refactoring it. Should I do this (spending time that could otherwise be spent on features that users will actually notice)? The reasons I feel anxious about the code are: The class hierarchy is complex and not obvious Some classes don't have a well defined purpose (they do a number of unrelated things) Some classes use others internals (they're declared as friend classes) to bypass the layers of abstraction for performance, but I feel they break encapsulation by doing this Some classes leak implementation details (eg, I changed a map to a hash map earlier and found myself having to modify code in other source files to make the change work) My memory management/pooling system is kinda clunky and less-than transparent They look like excellent reasons to refactor and clean code, aiding future maintenance and extension, but could be quite time consuming. Also, I'll never be perfectly happy with any code I write anyway... So, what does stackoverflow think? Clean code or work on features?

    Read the article

  • IE won't start session from an iframe?..

    - by jayarjo
    The task was to bypass login form on remote server with a session_id acquired through a call to server's web API. So that user wouldn't have to login twice. Since there's no way to set cookies for different domain. What we came up to was - put a little file on remote server, to which we pass encrypted session_id from hidden iframe and which is supposed to start a proper session for a remote app, which is then loaded in another iframe. This approach works fine in FF/Chrome, but not IE... However if I copy url to self-made remote authorization script from iframe's src attribute to to IE's address bar and load it from there, session get's created as expected. But for some reason it just doesn't want to do the same from an iframe. Does anyone have any clue, why this is happening?

    Read the article

  • How can I fix the scroll bug when using Windows rich edit controls in wxpython?

    - by ChrisD
    When using wx.TextCtl with the wx.TE_RICH2 option in windows, I get this strange bug with the auto-scroll when using the AppendText function. It scrolls so that all the text is above the visible area, which isn't very useful behaviour. I tried just adding a call to ScrollLines(-1) after appending the text - which does scroll it to the correct position - but this can lead to the window flashing when it auto-scrolls. So I'm looking for another way to automatically scroll to the bottom. So far, my solution is to bypass the AppendText functions auto-scroll and implement my own, like this: def append_text(textctrl, text): before_number_of_lines = textctrl.GetNumberOfLines() textctrl.SetInsertionPointEnd() textctrl.WriteText(text) after_number_of_lines = textctrl.GetNumberOfLines() textctrl.ScrollLines(before_number_of_lines - after_number_of_lines + 1) Is there a better way?

    Read the article

  • DLL/TLB in Java<->DCOM communication

    - by beermann
    I have to write an OpenOffice add-on (in Java) which communicates with DCOM server of some closed-source application. The major problem is that, I don't have any documentation about server's Interfaces . All I have is a VB/C++ SDK kit for the Application. SDK contain a library in dll and a bunch of *.tlb files. In SDK documentation there is an information, I can use java, but there is no example at all. I have read provided examples and it looks like all the communication wit DCOM goes through this dll. Is there a way to somehow import such dll/tlb functions def directly to java, bypass dll and comunicate with DCOM or I have to write a C++ wrapper(dll)? What is the best way to do it? Any hints are welcomed.

    Read the article

  • How to clone a mercurial repository over an ssh connection initiated by fabric when http authorizati

    - by Monika Sulik
    I'm attempting to use fabric for the first time and I really like it so far, but at a certain point in my deployment script I want to clone a mercurial repository. When I get to that point I get an error: err: abort: http authorization required My repository requires http authorization and fabric doesn't prompt me for the user and password. I can get around this by changing my repository address from: https://hostname/repository to: https://user:password@hostname/repository But for various reasons I would prefer not to go this route. Are there any other ways in which I could bypass this problem?

    Read the article

  • CakePHP - Just Layout?

    - by Kieran
    I want to set $this->layout to json in the controller action. In the json layout, there will be a line saying $this->Javascript>object(); which will parse through the data given to it by the controller, and output the jSON. However, creating a new view file for each jSON request, eg. recipe_view, ingredient_view isn't necessary, I just need a layout. Is there a way to bypass the view file altogether and have just the layout, without the notorious Missing View! error? Many Thanks Kieran

    Read the article

  • Syncronize an SVN repo (svnsync) with encoding errors

    - by Hamish
    Is it possible to fix/bypass non-UTF8 encoded svn:log records when syncronizing repositories with svnsync? Background I'm in the process of taking over the maintenance of an open source module that is stored within a large (well over 10,000 revisions) subversion (1.5.5) repository. I do not have admin access to the remote repository to dump/filter/load the module. The old repository is being discontinued and I am trying to sync the original sub module to my local (1.6+) repository with svnsync. For example: svnsync file://home/svn/temp-repo/ http://path.to.repo/modulename/ The problem is that the old repository didn't enforce UTF8 encoding and I'm hitting errors like: svnsync: Cannot accept 'svn:log' property because it is not encoded in UTF-8 I can't modify the log property in the source repository so I need to somehow modify or ignore the property value when the encoding is unknown/invalid. Any ideas? For example, is it possible to write a pre-revprop-change script to modify the log property in transit?

    Read the article

  • .NET ORM and Security

    - by Sphynx
    We're going to use an ORM tool with a .NET desktop application. The tool allows creation of persistent classes. It generates all database tables automatically. In addition to other data, our system needs to store user credentials, and deliver access control. The question is, is there any possibility of access control by means of ORM, without creating the database authentication mechanisms manually? Is there any product on the market which allows this? We thought of limiting the access in the program itself, but users can easily access the database directly, and bypass the program limitations. Thanks.

    Read the article

  • How combine 2 functions on submit?

    - by Mahmoud
    hey there, as you can see, i have to functions first to check if all forms are not empty and the second function is to verify the captcher, when i combine them together both work at the same time, i want to first to verify the first function, when that function returns true then the other function starts, here is the code that i used on form <form action="reg.php" method="post" enctype="application/x-www-form-urlencoded" onsubmit=" Checking(this); return jcap();" > As you can see both function execute at the same time so i tried this <form action="reg.php" method="post" enctype="application/x-www-form-urlencoded" onsubmit=" if(Checking(this) == true ){ return jcap();}" > is bypass both i also tried this <form action="reg.php" method="post" enctype="application/x-www-form-urlencoded" onsubmit=" return(Checking(this) && jcap(this));" > and it bypassed jcap function

    Read the article

  • IHTMLTxtRange.execCommand("Copy",false,null) fails due to IE settings

    - by srirambalaji-s
    We have a .Net application that is used for editing/rendering customized HTML documents. It is hosted in IE using the AxSHDocVw.AxWebBrowser controls. We proceed with navigating to "about:blank" page initially then we change the Document by writing our custom values into it. The problem we are facing is the call to IHTMLTxtRange.execCommand("Copy",false,null) is failing if we don't enable the IE Security Settings in the Internet Security zone (Scripting-Allow Programmatic Access to Clipboard ). In order to bypass the security setting ,I tried to point to a local html file initially while navigating. But this fails as soon as I modify the Document. I want to use the IHTMLTxtRange.execCommand("Copy",false,null) command so that I can customize our Copy/Paste operations. Is there any other way I can do this. Please share your ideas inorder to overcome this situation. Thanks. Sriram

    Read the article

  • How to secure authiorization of methods

    - by Kurresmack
    I am building a web site in C# using MVC.Net How can I secure that no unauthorized persons can access my methods? What I mean is that I want to make sure that only admins can create articles on my page. If I put this logic in the method actually adding this to the database, wouldn't I have business logic in my data layer? Is it a good practise to have a seperate security layer that is always in between of the data layer and the business layer to make? The problem is that if I protect at a higher level I will have to have checks on many places and it is more likely that I miss one place and users can bypass security. Thanks!

    Read the article

  • Bypassing Windows Copy design

    - by Scott S
    I have been trying to figure out a way to streamline copying files from one drive (network or external in my case) to my main system drives. Short of creating a program that I will have to activate each time then choosing all the info in it, I have no really good design to bypass it. I have been wondering if there was a way to intercept a straight-forward windows copy with a program to do it my way. The basic design would be that upon grabbing the copy (actually for this to be efficient, a group of different copies), the program would organize all the separate copies into a single stream of copies. I've been wanting to do this as recently I have been needing to make backups of a lot of data and move it a lot as all my drives seem to be failing the past few months.

    Read the article

  • How to select text that is not marked up with CSS/jquery?

    - by Gal
    I want to apply some CSS to text that I can't get marked up in span's. So for example: <li><a href="google.com">This is marked up</a> and this is not </li> I want to select, with either CSS (preferably) or jQuery this bit: and this is not. Maybe there's a method of selecting the entire li then excluding a, that seems like a bypass. The reason why I can't get it marked up is because I'm using WP and prefer to do that than dig into endless lines of php code. Thanks a lot for the help.

    Read the article

  • immediate=true is set on a jsf command button but still seeing validation

    - by Zack Macomber
    I have the following command button set up in a facelet: <h:commandButton action="#{addressAction.deletePreviousAddress}" value="#{bundle['button.deleteAddress']}" styleClass="deg-form-button" immediate="true"> <f:setPropertyActionListener target="#{addressAction.addressActionForm.previousAddress}" value="#{address}"> </f:setPropertyActionListener> </h:commandButton> In AddressAction, the following code gets run to delete a previous address on the form: public Enum<NavigationConstants> deletePreviousAddress() { addressActionForm.getPreviousAddresses().remove(addressActionForm.getPreviousAddress()); return NavigationConstants.addresses; } Before I made the address input components "required=true", this code worked fine and removed the previous address from the jsf form successfully. Right now, I can't successfully delete a previous address because validation is occurring and stating that the input components need to be filled in on the previous address record on the form. How can I bypass this validation? I thought the "immediate=true" attribute on the command button would have accomplished it but that's not cutting it in my case...

    Read the article

  • saving appengine mail from spam filters

    - by Fh
    One of my clients uses Trend Micro InterScan Messaging Security to protect their internal mail services. Suddenly InterScan decided to filter out all messages coming from Google App Engine. Unfortunately they haven't been able to whitelist the sender address as each e-mail gets a different one. For example, *3ckihSOVMMHlZHSL.JSMMHlZHSL.JS*@apphosting.bounces.google.com, with everything before the @ being variable. Update I'm including this screenshot of how Interscan sees the incoming e-mail. Notice that all senders are different: If I look into the e-mail headers, the apphosting domain appears inside the Return-Path field: Return-Path: <36kSiSwYIBh0883XL3E7.5EH883XL3E7.5E@apphosting.bounces.google.com> The "From" field looks ok. It says what I set it to say, but the spam filter only looks at the Return-Path. My client sysadmin doesn't want to whitelist the whole apphosting domain, as it wouldn't be only whitelisting my application. How could I bypass this e-mail filters if I can't get an unique sender? Thanks,

    Read the article

  • linq to sql string property from non-null column with default

    - by Barry Fandango
    I have a LINQ to SQL class "VoucherRecord" based on a simple table. One property "Note" is a string that represents an nvarchar(255) column, which is non-nullable and has a default value of empty string (''). If I instantiate a VoucherRecord the initial value of the Note property is null. If I add it using a DataContext's InsertOnSubmit method, I get a SQL error message: Cannot insert the value NULL into column 'Note', table 'foo.bar.tblVoucher'; column does not allow nulls. INSERT fails. Why isn't the database default kicking in? What sort of query could bypass the default anyway? How do I view the generated sql for this action? Thanks for your help!

    Read the article

  • How to write my own download manager using Objective C for iOS devices

    - by Saurabh
    I am writing a download manager for iPhone using objective C. I am using ASIHTTP framework and its working great. But my problem is I am not able to download from file sharing sites like filesonic, rapidshare, hotfile etc. I want to know how can I get download (actual download) url from these sites, or at least how these sites are hiding this info (and where), so I can get that somehow... Is there any open source library or framework to help me with this? How firefox or other desktop browser get this link? Any help will be much appreciated! Update 1 : I don't want to bypass their advertising and revenue streams. Almost all file sharing companies also provide free downloads with low bandwidth, I only want to use that service. there are many download managers available now for iPhone like - "Downloads Lite". I just want to build a similar functionality.

    Read the article

  • Capturing stdout within the same process in Python

    - by danben
    I've got a python script that calls a bunch of functions, each of which writes output to stdout. Sometimes when I run it, I'd like to send the output in an e-mail (along with a generated file). I'd like to know how I can capture the output in memory so I can use the email module to build the e-mail. My ideas so far were: use a memory-mapped file (but it seems like I have to reserve space on disk for this, and I don't know how long the output will be) bypass all this and pipe the output to sendmail (but this may be difficult if I also want to attach the file)

    Read the article

  • How to get details like PHP's stat() but using (raw) FTP (CURL)?

    - by Christian Sciberras
    Hello all! I'm new here. I've got a question related to PHP, FTP and CURL. I need to emulate PHP's stat() with CURL FTP. I already know that it may take more than one command to do it. Here's what I've got so far (PHP/STAT ... FTP/CURL): dev ino mode ... LIST * nlink uid ... LIST * gid ... LIST * rdev size ... SIZE (or better still, use from LIST) atime mtime ... MDTM ctime blksize blocks *How is FTP LIST used and parsed (preferably on a single file)? What I need most are the values for atime and ctime, there rest is to be filled for the sake of having full functionality. My end goal is to have a class for proper FTP access with streamWrapper functionality (so as to bypass allow_url_fopen). Cheers!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >