Search Results

Search found 25503 results on 1021 pages for 'browser security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 157/1021 | < Previous Page | 153 154 155 156 157 158 159 160 161 162 163 164  | Next Page >

  • Preventing a security breach

    - by Wiz
    I am creating a website where you "post", and the form content is saved in a MySql database, and upon loading the page, is retrieved, similar to facebook. I construct all the posts and insert raw html into a template. The thing is, as I was testing, I noticed that I could write javascript or other HTML into the form and submit it, and upon reloading, the html or JS would treated as source code, not a post. I figured that some simple encoding would do the trick, but using is not working. Is there an efficient way to prevent this type of security hole?

    Read the article

  • How to normalize SVG path data (cross browser)?

    - by Timo
    I have tried to find a way to implement cross browser path normalizer. There IS a native way which is described here and functional example is here, but it works only in newest Opera (but not in IE, FF, Safari, Chrome). The native way uses pathElm.normalizedPathSegList and it converts all relative coordinates to absolute ones and represents all path segment types as a following subset of types: M,L,C,z. I have found only one javascript code and jsfiddled functional example of it, but it works only in IE and FF. Chrome gives "Uncaught Error: INDEX_SIZE_ERR: DOM Exception 1". How this could be fixed to work also in Opera, Safari and Chrome or is there any other way for normalizing SVG paths?

    Read the article

  • ASP.Net website makes browser load unwanted (non-referenced) plugins

    - by alec0001
    I've found that some of my ASP.Net web apps prompt the browser to load plugins that I'm not explicitely using and certainly haven't deliberately referenced in the project settings. Two that come to mind are for MS MediaPlayer and the "SVG Viewer for Netscape". The only commonality I've determined so far is that the two sites/apps affected both use Master pages (nested in some cases). We don't use SVG file types (just the normal mix of jpg/gif/png) and no video/audio (not yet anyway). Can anyone provide a hint as to where the references for these might be creeping in? e.g. Is it a server-level include? Or a .Net runtime default when using master pages? Does anyone else even experience this, or is it just me? No urgency, I'd just like to remove it if possible. Thanks. Al

    Read the article

  • how to force browser to re-request page after history.back()

    - by yellowred
    Hi, I've got two scripts: 1.php and 1.php. Here they are: 1.php <?php header('Pragma: no-cache'); header('Cache-Control: max-age=1; no-cache'); header('Expires: Tue, 1 May 1985 01:10:00 GMT'); header('ETag: "'.md5(rand(1, 1000)).'"'); print date('H:i:s'); ?> <a href="2.php">pay</a> 2.php <a href="javascript:history.back()">back</a> Visitor lands on 1.php and then goes to 2.php. I want browser to re-request 1.php after vistor's click on "back" link. On current state it doesn't work. How it can be managed?

    Read the article

  • Programmatically set browser cookie (Firefox)

    - by Andrew
    I know from this question that Firefox 3.0 and up stores its cookies in an SQLite database. My question is: can you access this database from other desktop programs in such a way that you could add a cookie? I realize this has security implications. However, I do not want to read them at all. I want to be able to set one cookie if possible. I don't even want to overwrite a cookie. I just want to add it if it isn't there already. This is sort of a personal project I'm working on for fun. This question is mostly language agnostic. I would prefer a solution in C#, but proof of concept in any language will suffice. Extra credit: It would be cool to set the same cookie in Internet Explorer, too

    Read the article

  • Session attacks, what are the new breeds of attacks ?

    - by user352321
    Hello, I am collecting as information as possible about http(s) session attacks. There is a plenty of information about existing attacks, but, i would like to know if some new breeds of attacks are now made possible either by security flaws in popular software or technologies or by new smarter security engineering. Do you have some recommendations about new techniques or tools ? Thanks,

    Read the article

  • Entity Framework Security

    - by NYSystemsAnalyst
    In my organization, we are just beginning to use the Entity Framework for some applications. In the past, we have pushed developers to utilize stored procedures for all database access. In addition to helping with SQL injection, we tried to grant logins access to stored procedures only to keep security relatively tight. Although inserting, updating, and deleting are easily done through stored procedures in the EF, it appears to be difficult to use stored procedures to query data with EF. However, using LINQ or Entity SQL and allowing EF to create the queries means giving a user read access to the entire database. How have others handled this dilemma?

    Read the article

  • browser scroll not going at bottom of toggle?

    - by metal-gear-solid
    I 'm using this code to make a toogle effect at bottom of the page. it's working but toogle div going under the fold but browser do not to scroll at bottom following the toogle area <script type="text/javascript"> jQuery.noConflict(); jQuery(document).ready(function() { // toggles the slickbox on clicking the noted link jQuery('a#sm_toggle').click(function() { jQuery('#sitemapContainer').slideToggle(400); return false; }); }); </script>

    Read the article

  • CSS: Fixed background images taller than the browser viewport

    - by jj_aa
    I've got a large photo (940x1210) as the background image for a #page div which wraps around all the content on a site. Since the photo is a headshot, it looks pretty silly tiled, so I've set it not to repeat, and positioned it at 0,0. When the content enclosed by #page is taller than 1210px and the background image is set to scroll, the photo scrolls out of view, but if it's fixed, only the part of the image displayed initially in the browser viewport shows up- either the top half (fixed top left) or bottom half (fixed bottom left). Here's the question: how can I fix the background image to the bottom of #page (or the body) while scrolling through the full height of the image until I get to the bottom?

    Read the article

  • Uploadify & Integrated Windows Authentication

    - by vdh_ant
    Hi guys I'm running into an issue with Uploadify and I hope someone can help. I have put Uploadify into my app and all works fine in dev (using the VS web server). All worked fine and checked until I deployed the app into my test environment which uses Integrated Windows Authentication. When I actually go to upload the file, the browser brings up a login prompt. At this point, even if you type in the correct username and password, the request seems not to complete and even if you tell the browser to remember the password it still brings up the login prompt. When this started to occur, I decided to spin up Fiddler and see what was going on. But guess what, when ever Fiddler is running the issue doesn't occur. Unfortunately I can't make running Fiddler a reuqierment for running the app. Hence does anyone have any ideas. I know there are some issues with Uploadify/flash when using forms authentication but I didn't think they carried across to Integrated Windows Authentication. Cheers Anthony

    Read the article

  • Detect IE version in Javascript

    - by Chad Decker
    I want to bounce users of our web site to an error page if they're using a version of Internet Explorer prior to v9. It's just not worth our time and money to support IE pre-v9. Users of all other non-IE browsers are fine and shouldn't be bounced. Here's the proposed code: if(navigator.appName.indexOf("Internet Explorer")!=-1){ //yeah, he's using IE var badBrowser=( navigator.appVersion.indexOf("MSIE 9")==-1 && //v9 is ok navigator.appVersion.indexOf("MSIE 1")==-1 //v10, 11, 12, etc. is fine too ); if(badBrowser){ // navigate to error page } } Will this code do the trick? To head off a few comments that will probably be coming my way: [1] Yes, I know that users can forge their useragent string. I'm not concerned. [2] Yes, I know that programming pros prefer sniffing out feature-support instead of browser-type but I don't feel this approach makes sense in this case. I already know that all (relevant) non-IE browsers support the features that I need and that all pre-v9 IE browsers don't. Checking feature by feature throughout the site would be a waste. [3] Yes, I know that someone trying to access the site using IE v1 (or = 20) wouldn't get 'badBrowser' set to true and the warning page wouldn't be displayed properly. That's a risk we're willing to take. [4] Yes, I know that Microsoft has "conditional comments" that can be used for precise browser version detection. IE no longer supports conditional comments as of IE 10, rendering this approach absolutely useless. Any other obvious issues to be aware of? Thanks.

    Read the article

  • Truncating long strings with CSS: feasible yet?

    - by Sam Stokes
    Is there any good way of truncating text with plain HTML and CSS, so that dynamic content can fit in a fixed-width-and-height layout? I've been truncating server-side by logical width (i.e. a blindly-guessed number of characters), but since a 'w' is wider than an 'i' this tends to be suboptimal, and also requires me to re-guess (and keep tweaking) the number of characters for every fixed width. Ideally the truncation would happen in the browser, which knows the physical width of the rendered text. I've found that IE has a text-overflow: ellipsis property that does exactly what I want, but I need this to be cross-browser. This property seems to be (somewhat?) standard but isn't supported by Firefox. I've found various workarounds based on overflow: hidden, but they either don't display an ellipsis (I want the user to know the content was truncated), or display it all the time (even if the content wasn't truncated). Does anyone have a good way of fitting dynamic text in a fixed layout, or is server-side truncation by logical width as good as I'm going to get for now?

    Read the article

  • Method for launching audio player on Android from web page for streaming media

    - by Brad
    To link to SHOUTcast/HTTP internet radio streams, traditionally you would link to a playlist file, such as an M3U or PLS. From there, the browser would launch the audio player registered to handle the playlist. This works great on any PC, Palm, Blackberry, and iPhone. This method does not work in Android without installing extra software. Sure, Just Playlists or StreamFurious can handle it just fine, but I am assuming there has to be a way to invoke the audio or video player commonly installed by default on Android installations. By default, no audio player is capable of handling M3U or PLS. The player seems to open it, but says "Unsupported Media Type". To make this more annoying, the browser is capable of streaming MP3 audio over HTTP, simply by opening a link to an MP3 file. I have tried simply linking directly to the MP3 stream hosted by SHOUTcast, which should end up in the same result, but SHOUTcast detects "Mozilla" in the user-agent string, and instead of sending the stream, it sends the information page for the station. How should I link to a SHOUTcast stream on Android, from a normal mobile site, without using extra applications?

    Read the article

  • UnauthorizedAccessException in ComRegisterFunction when accessing registry on Win 7 64.

    - by sanbornc
    I have a [ComRegisterFunction] that I am using to register a BHO Internet explorer extension. During registration on 64-bit windows 7 machines, a UnauthorizedAccessException is thrown on the call to subKey.SetValue("NoExplorer", 1). The registry appears to have BHO's located @ \HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects, however, I get them same exception when trying to register there. Any Help would be appreciated. [ComRegisterFunction] public static void RegisterBho(Type type) { string BhoKeyName= "Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects"; RegistryKey registryKey = Registry.LocalMachine.OpenSubKey(BhoKeyName, true) ?? Registry.LocalMachine.CreateSubKey(BhoKeyName); if(registryKey == null) throw new ApplicationException("Unable to register Bho"); registryKey.Flush(); string guid = type.GUID.ToString("B"); RegistryKey subKey = registryKey.OpenSubKey(guid) ?? registryKey.CreateSubKey(guid); if (subKey == null) throw new ApplicationException("Unable to register Bho"); subKey.SetValue("NoExplorer", 1); registryKey.Close(); subKey.Close(); }

    Read the article

  • Strange behavior while returning csv file from spring controller

    - by Fanooos
    I working in a spring application which have an action method that returns a CSV file. This action works fine but in some cases it throws a predefined exception (MyAppException). I have another method that is annotated @ExceptionHandler(MyAppException.class) In the exception handler method I return another csv file but with different contents. The code that returns the csv file is almost the same in the two methods. List<String[]> list= new ArrayList<String[]>(); list.add(new String[]{ integrationRequestErrorLog.getErrorMessage(), Long.toString(integrationRequestErrorLog.getId()), Integer.toString(integrationRequestErrorLog.getErrorCode()) }); CSVWriter writer = new CSVWriter(response.getWriter(), ','); writer.writeAll(list); writer.close(); the difference between the two method is the list of contents. In the first method the file is returned normally while in the exception handler method I have a strange behavior. The exception handler method works fine with Opera browser while it gives me a 404 with FireFox. Opera browser give me 404 also but it download the file while firefox does not? Really I do not understand what is the difference here.

    Read the article

  • Do email forms need to be santized before sending?

    - by levi
    I have a client that keeps getting reports from godaddy's "websiteprotection.com" stating how the website is insecure. Your website contains pages that do not properly sanitize visitor-provided input to make sure it contains no malicious content or scripts. Cross-site scripting vulnerabilities let malicious users execute arbitrary HTML or script code in another visitor's browser. Output: The request string used to detect this flaw was : /cross_site_scripting.?nasl.asp The output was : HTTP/1.1 404 Not Found\r Date: Wed, 21 Mar 2012 08:12:02 GMT\r Server: Apache\r X-Pingback:http://?CLIENTSWEBSITE.com/?xmlrpc.php\r Expires: Wed, 11 Jan 1984 05:00:00 GMT\r Cache-Control: no-cache, must-revalidate, max-age=0\r Pragma: no-cache\r Set-Cookie: PHPSESSID=?1jsnhuflvd59nb4trtquston50; path=/\r Last-Modified: Wed, 21 Mar 2012 08:12:02 GMT\r Keep-Alive: timeout=15, max=100\r Connection: Keep-Alive\r Transfer-Encoding: chunked\r Content-Type: text/html; charset=UTF-8\r \r <div id="contact-form" class="widget"><form action="http://?CLIENTSWEBSITE.c om/<script>cross_site_?scripting.nasl</script>.asp" id="contactForm" meth od="post"> It looks like it has an issue with the contact form. All the contact form does is posts an ajax request to the same page, and than a PHP script mails the data (no database stuff). Is there any a security issues here? Any ideas on how I can satisfy the security scanner? Here is the form and script: <form action="<?php echo $this->getCurrentUrl(); ?>" id="contactForm" method="post"> <input type="text" name="Name" id="Name" value="" class="txt requiredField name" /> //Some more text inputs <input type="hidden" name="sendadd" id="sendadd" value="<?php echo $emailadd ; ?>" /> <input type="hidden" name="submitted" id="submitted" value="true" /><input class="submit" type="submit" value="Send" /> </form> // Some initial JS validation, if that passes an ajax post is made to the script below //If the form is submitted if(isset($_POST['submitted'])) { //Check captcha if (isset($_POST["captchaPrefix"])) { $capt = new ReallySimpleCaptcha(); $correct = $capt->check( $_POST["captchaPrefix"], $_POST["Captcha"] ); if( ! $correct ) { echo false; die(); } else { $capt->remove( $_POST["captchaPrefix"] ); } } $dateon = $_POST["dateon"]; $ToEmail = $_POST["sendadd"]; $EmailSubject = 'Contact Form Submission from ' . get_bloginfo('title'); $mailheader = "From: ".$_POST["Email"]."\r\n"; $mailheader .= "Reply-To: ".$_POST["Email"]."\r\n"; $mailheader .= "Content-type: text/html; charset=iso-8859-1\r\n"; $MESSAGE_BODY = "Name: ".$_POST["Name"]."<br>"; $MESSAGE_BODY .= "Email Address: ".$_POST["Email"]."<br>"; $MESSAGE_BODY .= "Phone: ".$_POST["Phone"]."<br>"; if ($dateon == "on") {$MESSAGE_BODY .= "Date: ".$_POST["Date"]."<br>";} $MESSAGE_BODY .= "Message: ".$_POST["Comments"]."<br>"; mail($ToEmail, $EmailSubject, $MESSAGE_BODY, $mailheader) or die ("Failure"); echo true; die(); }

    Read the article

  • WCF Authentication on the Internet - HELP

    - by Eddie
    I have a WCF service using the basicHTTP binding. The service will be targeted to be deployed in production in a DMZ environment on a Windows Server 2008 64 bit running IIS 7.0 and is not in an Active Directory domain. The service will be accessed by a business partner over the Internet with SSL protection. Originally, I had built the service to use x.509 Message authentication with wsHTTPBinding and after a lot of problems I punted and decided to back up and use basicHTTP with UserName authentication. Result: same exact, obscure error message as I received with certificate mode. The service works perfectly inside our domain with the exact same authentication but as soon as I move it to the DMZ I get an error reading: "An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail". The inner exception message is: "An error occurred when verifying security for the message." The services' web config with binding configuration is as follows: <services> <service behaviorConfiguration="HSSanoviaFacade.Service1Behavior" name="HSSanoviaFacade.HSSanoviaFacade"> <endpoint address="" binding="basicHttpBinding" contract="HSSanoviaFacade.IHSSanoviaFacade" bindingConfiguration="basicHttp"> <identity> <dns value="localhost" /> </identity> </endpoint> <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" /> <host> <baseAddresses> <add baseAddress="https://FULLY QUALIFIED HOST NAME CHANGED TO PROTECT/> </baseAddresses> </host> </service> </services> <bindings> <basicHttpBinding> <binding name="basicHttp"> <security mode="TransportWithMessageCredential"> <message clientCredentialType="UserName" /> </security> </binding> </basicHttpBinding> </bindings> <behaviors> <serviceBehaviors> <behavior name="HSSanoviaFacade.Service1Behavior"> <serviceMetadata httpsGetEnabled="True" /> <serviceDebug includeExceptionDetailInFaults="True" /> </behavior> </serviceBehaviors> </behaviors> The test client's configuration that gets the error: <bindings> <basicHttpBinding> <binding name="BasicHttpBinding_IHSSanoviaFacade" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <security mode="TransportWithMessageCredential"> <transport clientCredentialType="None" proxyCredentialType="None" realm="" /> <message clientCredentialType="UserName" algorithmSuite="Default" /> </security> </binding> </basicHttpBinding> </bindings> <client> <endpoint address="https://HOST NAME CHANGED TO PROTECT" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IHSSanoviaFacade" contract="MembersService.IHSSanoviaFacade" name="BasicHttpBinding_IHSSanoviaFacade" /> </client> As mentioned earlier, the service works perfectly on the domain and the production IIS box is not on a domain. I have been tweaking and pulling my hair out for 2 weeks now and nothing seems to work. If anyone can help I would appreciate it. Even a recommendation for a work around for authentication. I'd rather not use a custom authentication scheme but use built-in SOAP capabilities. The credentials pass in thru the proxy i.e. proxy.ClientCredentials.UserName.UserName and proxy.ClientCredentials.UserName.Password are valid accounts on both the internal domain in the test environment and as a machine account on the DMZ IIS box.

    Read the article

  • Focussing on Style Sheets and Cross Browser Compatibility.

    - by Sam
    Hello everyone, Let me begin this topic by explaining my background experience with web design. I have always been more of a back end programmer, with PHP and SQL and things. However I do have a shallow background with HTML and CSS. The problem is, I don't know it all. What I do know is, when it comes to designing (not back end dirty work) I understand basic CSS properties and I also understand HTML and I can usually throw together a sloppy web page with the two and a couple bazillion DIV tags. Anyways.. The problem I always have encountered is that when I design a website in a browser such as IE7 (and then it looks perfect on IE7), and then look at it on IE8 or IE6 or Mozilla (etc.) it gets all spacey and ugly and looks totally different than the way it should look on IE7. Question one: Basically, what I am asking everyone is what route should I take to learn how to properly build the website? Build as in put it togehter with CSS standards and HTML standards that will make my site look the same on every brwoser. (Not only learning standards but where can I learn to properly write my code?) Where is a strong free resource I can use to learn how to these things? Question two: How do I properly code my website? Do I use all external style sheets to make dynamic page design simplistic or do I hard code some things into the DIV tags on each page? What is proper? Oh, and if anyone has any tutorials on how to properly design a complete layout feel free to throw it in a response somewhere. Thank you for taking the time to read my questions, and hopefully you will understand what I am trying to get out to everyone. I need to get on the right route of the designing side of web programming so that I will know how to create successful websites in the future. Thank you, Sam Pardee

    Read the article

  • WCF net.tcp bindings, message formats and security questions

    - by RemotecUk
    Hi, sorry for the stupid questions but there are just some things about WCF I cant get my head around. Would be greatful for some advice on the following.... At a very basic level is it correct that WCF uses either Binary (Net.Tcp), HTTP or MSMQ to transfer my message on the wire? However is it true that in all cases, regardless of how the data is transferred the message itself in in the SOAP format with headers and a body? So its a sort of XML message that is transmitted in either HTTP/S or in a binary format. Is Net.Tcp a good choice for my client server app - its similar to a messenger app in that the clients are all remote users on the other side of the firewall to my server. Most things I am reading are telling to use WS* and HTTP. Is Net.Tcp secured by standard and without certificates? - that is - people cannot listen on the wire and decode the data thats going to and from. Is it possible to send a username and password using net.tcp and without an installed certificate? If so I presume I can hook this up to my membership provider and authenticate access to each method on my service contract implementation. I presume that with username and password security, the proxy is initialised with the username and password and that this information is is sent with every request. Then my membership provider will be invoked for each method call and do whatever it needs to do to get the authorisation for the method. Sorry for the dump of questions but would be great to know if Im thinking the right way about how WCF works. Thanks.

    Read the article

  • SQL Exception: "Impersonate Session Security Context" cannot be called in this batch because a simul

    - by kasey
    When opening a connection to SQL Server 2005 from our web app, we occasionally see this error: "Impersonate Session Security Context" cannot be called in this batch because a simultaneous batch has called it. We use MARS and connection pooling. The exception originates from the following piece of code: protected SqlConnection Open() { SqlConnection connection = new SqlConnection(); connection.ConnectionString = m_ConnectionString; if (connection != null) { try { connection.Open(); if (m_ExecuteAsUserName != null) { string sql = Format("EXECUTE AS LOGIN = {0};", m_ExecuteAsUserName); ExecuteCommand(connection, sql); } } catch (Exception exception) { connection.Close(); connection = null; } } return connection; } I found an MS Connect article which suggests that the error is caused when a previous command has not yet terminated before the EXECUTE AS LOGIN command is sent. Yet how can this be if the connection has only just been opened? Could this be something to do with connection pooling interacting strangely with MARS? UPDATE: For the short-term we have implemented a workaround by clearing out the connection pool whenever this happens, to get rid of the bad connection, as it otherwise keeps getting handed back to various users. (Not too bad as this only happens a couple of times a day.) But if anyone has any further ideas, we are still looking out for a real solution...

    Read the article

  • Stretch Background Image Resizes With Browser Windows

    - by user241673
    I am trying to replicate the image resizing found at http://devkick.com/lab/fsgallery/ but with the code I have below, it is not working properly. When resizing the browser window to have small width and big height, white space shows up at the bottom of the page. feel free to see it & edit at http://jsbin.com/ifolu3 The CSS: html, body {width:100%; height:100%; overflow:hidden;} div.bg {position:absolute; width:200%; height:200%; top:-50%; left:-50%;} img.bg {min-height:50%; min-width:50%; margin:0 auto; display:block;} The JS/jQuery: $(window).resize(function(){ var ratio = Math.max($(window).width()/$('img.bg').width(),$(window).height()/$('img.bg').height()); if ($(window).width() $(window).height()) { $('img.bg').css({width:image.width()*ratio,height:'auto'}); } else { $('img.bg').css({width:'auto',height:image.height()*ratio}); } }); The HTML - (sorry for the formatting, had trouble getting "<" to show) [body] [div class="bg"] [img class="bg" src="bg.jpg" /] [/div] [/body]

    Read the article

  • Browser Based Streaming Video/Audio (not progressive download)

    - by Josh
    Hello, I am trying to understand conceptually the best way to deliver real streaming audio and video content. I would want it to be consumed with a web browser, utilizing the least amount of proprietary technology. I wouldn't be serving static files and using progressive download, this would be real audio streams being captured live. How does one broadcast a stream that will be reasonably in sync with the source? What kind of protocol is suitable? Edit: In research I've found that there are a few protocols: RTSP, HTTP Streaming, RTMP, and RTP. HTTP streaming is somewhat unsuitable if you are streaming a live performance/communication of some kind because it relies on TCP (as its HTTP based) and you don't lose packets. In a low bandwidth situation, the client can get significantly behind in playback. ref RTMP is a proprietary technology, requiring flash media server. Crap on that. The reason I looked at flash is because they are extremely flexible as far as user experience goes. SoundManager2 provides an excellent javascript interface for playing media with flash. This is what I would look for in a client application. RTSP/RTP is what Microsoft switched to using, deprecating their MMS protocol. RTSP is the control protocol. Its similar to HTTP with a few distinct difference -- server can also talk to the client, and there are additional commands, like PAUSE. Its also a stateful protocol, which is maintained with a session id. RTP is the protocol for delivering the payload (encoded audio or video). There are a few open sourced projects, one of them being supported by apple here. It seems like this might do what I want it to, and it looks like quite a few players support it. It sounds like it would be suitable for a "live" broadcast from this page here. Thanks, Josh

    Read the article

  • Flash movies in inactive browser tabs pause or don't execute in real time

    - by ZenBlender
    I'm noticing some unexpected behavior. Some time in the last few months, a change in either Firefox, the Flash player, or both, has made it so that Flash movies that are in inactive browser tabs no longer execute in real time. They appear to still execute, but only in bursts, and not in a predictable way. This is a problem because I develop a Flash-based (Actionscript 2.0, Flash CS3) multiplayer game that maintains a network connection and allows players to chat, etc. Many of our players complain about Firefox crashing while playing the game. I have noticed it too, not too frequently, but it crashes several times a week. (Firefox crashes, I do not get a message from Flash player that indicates an infinite loop or problem in my code) My theory is that this new behavior is causing crashes when there is a lot of activity in my game, leading to lots of unhandled network traffic for my game getting buffered before Firefox/Flash will give it a chance to execute. Maybe this leads to a buffer overflow or missing packets, and as a result, something crashes. At times I will switch back to the tab that is running my game and discover a display bug, which looks as though Flash has simply failed to execute something that it was supposed to. I would assume this new behavior is on purpose, for example to prevent all the Flash-based advertisements in inactive tabs from executing and therefore killing performance. In a quick test on Chrome (5.0.342.9 beta), this "pausing" of Flash seems to be there as well, but somehow it seems much less of a problem. My users have only complained about Firefox crashing, not other browsers. My machine: Windows 7 x64 Firefox 3.6.3 Flash Player 10.1.50.426 My game: triplejack.com Any ideas? Ideally I'd like to disable this behavior for my Flash game so it can execute in real time even when in an inactive tab. Thanks for any help!

    Read the article

  • Comet Jetty/Tomcat, having some browser issues with Firefox and Chrome

    - by ages04
    I am exploring the use of Comet for a project I am working on. I tried creating a test application first using Tomcat6 and CometProcessor API and then with Jetty7 Continuations. The application is kind of working on both but I am having some issues with the actual display of messages. I used the technique of creating an XMLHttpRequest Connection and keeping it open all the time so the server can continuously push data to all the clients connected whenever it is available. My client side code is something similar to this: function fn(){ var xhr = new XMLHttpRequest(); xhr.onreadystatechange = function(){ if (xhr.readyState==3){ document.getElementById('dv').innerHTML =(xhr.responseText); } if (xhr.readyState==4){ alert ('done'); } } xhr.open("GET", "First", true); xhr.send(null); } I found this thing of using readyState 3 somewhere online. I am facing 2 problems currently: In Firefox this code works perfectly. But if I open a new tab or even a new browser window, it does not make a new connection to the server and nothing shows up on the new tab or window, only the first tab/window gets the display. I used wireshark to check this and its shows only 1 connection even after the 2nd tab is opened. I am unable to understand why this would happen. I have read about the 2 connection limit, but here there is only one connection. Secondly in Chrome, the above code does not work, and the callback is not invoked for readystate of 3, only when the connection is closed by the server i get the output. I would also like to ask which is the best way/framework for doing Comet with Java. I am currently using jQuery on the client side. Any suggestions would be greatly appreciated!! Thanks

    Read the article

  • SECURITY Flaws in this design for User authentication.

    - by Shao
    SECURITY Flaws in this design for User authentication. From: http://wiki.pylonshq.com/display/pylonscookbook/Simple+Homegrown+Authentication Note: a. Project follows the MVC pattern. b. Only a user with a valid username and password is allowed submit something. Design: a. Have a base controller from which all controllers are derived from. b. Before any of the actions in the derived controllers are called the system calls a before action in the base controller. c. In each controller user hardcodes the actions that need to be verified in an array. d. The before action first looks in the array that has the actions that are protected and sees if a user is logged in or not by peaking into the session. If a user is present then user is allowed to submit otherwise user is redirected to login page. What do you think?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 153 154 155 156 157 158 159 160 161 162 163 164  | Next Page >