Search Results

Search found 55652 results on 2227 pages for 'http response'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 159/2227 | < Previous Page | 155 156 157 158 159 160 161 162 163 164 165 166  | Next Page >

  • IE and Content-disposition inline vs. extension-token

    - by pinkgothic
    Preamble So IE does Mime-Type sniffing. That part's old news. Suggestions of how to combat it tend to be along the lines of 'supply a content-type IE trusts' (i.e. anything that isn't text/plain or application/octet-stream) or 'add extraneous data at the start of the file that is definitely of the type you're serving'. Now, I'm working on an application that has to allow message attachments (like in e-mails), and we want to close up XSS vectors. IE's mime sniffing is one of those vectors - a text/plain file with html content will trigger as html. Recoding isn't an option at this point, changing the attachments the user has provided can only happen if there is absolutely no doubt about the maliciousness of the file - and someone might want to send HTML as text. Now, Microsoft's MSDN article implies the situation might be easier to fix than advertised: If Internet Explorer knows the Content-Type specified and there is no Content-Disposition data, Internet Explorer performs a "MIME sniff," [...] Great! Except I don't have IE nor current means to reliably install it (I realise this is a fairly sad state for a webdeveloper to be in, I hope to fix this soon) and this is grey theory that I can't quite seem to get confirmed one way or the other. Local sources say that line is hogwash - IE will mime sniff anything that is Content-Disposition: inline / <default> and not specific enough for its tastes in -Type. But what about x-* ('extension-token' in the RFC)? Trying to google for how browsers handle Content-Disposition: <extension-token> hasn't yielded anything (though I may just be doing it wrong, my understanding of Google is seriously slipping lately). I found one question that looked promising, but turned out to be a misunderstanding on side of the thread author, meaning that the train of thought was never actually addressed there. Question(s) Does IE really Mime sniff if you expressly pass Content-Disposition: inline? If so: Does anyone here know how browsers handle Content-Disposition: <extension-token>? If they do this in a way that is for my purposes benign, by presuming it to be synonymous with the default (effectively 'inline', though I hear it's not defined anywhere?), is it specific enough for IE not to Mime sniff? Or am I actually shooting myself in the foot by thinking of pursuing this avenue?

    Read the article

  • Best format to submit an autocomplete?

    - by Keyo
    I'm seeking advice on best practice when submitting a varying amount of POST variables. Do I use JSON or some character separated list to merge all the values into one field or use a sequence of fields like 'autocomplete1', 'autocomplete2' and so on. Thanks in advance, Ben

    Read the article

  • Need to check uptime on a large file being hosted

    - by trustfundbaby
    I have a dynamically generated rss feed that is about 150M in size (don't ask) The problem is that it keeps crapping out sporadically and there is no way to monitor it without downloading the entire feed to get a 200 status. Pingdom times out on it and returns a 'down' error. So my question is, how do I check that this thing is up and running

    Read the article

  • Sending form in libcurl

    - by sfactor
    i need to send a file to a webserver using libcurl. i saw one of the examples in the curl website and am trying to implement it. it is the postit2.c example. can someone tell me how i might extend this to be able to send username and password as well

    Read the article

  • Location detecting tecniques for IP addresses

    - by ilhan
    What are the location detecting tecniques for IP adresses? I know to look at the $_SERVER['HTTP_ACCEPT_LANGUAGE'] (not accurate but mostly useful to detect location, for example if an IP range's users set French to their browser then it means that this range) belongs to France and gethostbyaddr($_SERVER['REMOTE_ADDR']) (to look country code top-level domain) then may be to whois gethostbyaddr($_SERVER['REMOTE_ADDR']) sometimes: $HTTP_USER_AGENT (Firefox's user agent string has language code, not accurate but mostly can be used to detect the location) But what about cities?

    Read the article

  • Html validation error for property attribute

    - by Castor
    I am using few facebook social plugins and I am using the meta header. When validating the page, the W3C validator is throwing the error - "Error: there is no attribute "property". I am using the XHTML Transitional doctype - Pls Suggest if I have to change the doctype to something else.

    Read the article

  • Opening two connections to my Apache server?

    - by Ron Meretns
    Hi guys. I have an Apache server running PHP. Everything works fine. But If I have a script that runs for a long time, and I try to open another page to the same server, the second page waits till my first page finishes. This behavior happens to me on Linux and PC. I'm running Apache V2.2.9, and PHP 5.2.6. I'm not sure why this happens... is this normal behavior? Ron

    Read the article

  • Fetching custom Authorization header from incoming PHP request

    - by jpatokal
    So I'm trying to parse an incoming request in PHP which has the following header set: Authorization: Custom Username Simple question: how on earth do I get my hands on it? If it was Authorization: Basic, I could get the username from $_SERVER["PHP_AUTH_USER"]. If it was X-Custom-Authorization: Username, I could get the username from $_SERVER["HTTP_X_CUSTOM_AUTHORIZATION"]. But neither of these are set by a custom Authorization, var_dump($_SERVER) reveals no mention of the header (in particular, AUTH_TYPE is missing), and PHP5 functions like get_headers() only work on responses to outgoing requests. I'm running PHP 5 on Apache with an out-of-the box Ubuntu install.

    Read the article

  • Download a file from one ASP.NET web application to other (given the credentials)

    - by Tom S.
    Hi everybody! Im working on a asp.net 3.5 web application (C#), where i have a file with some information that is updated frequently, and only few accounts can access to it (the application is using the asp.net authentication system, stored in a SQL database). My task is to parse that file, so i made a small parser (another web app) a to show the information in a more friendly way. However, everytime i want to parse it, i need to enter in the application with one of those accounts, download the file, put in the parser's folder. Is there any way to, given the username and password, download the file directly from the parser application and use that one? Thanks in advance

    Read the article

  • Why will IIS 6 not serve my custom 404 page when I set the URL in 'Custom Errors'?

    - by Glenn Slaven
    I've got an ASP.NET MVC site & I've got an Errors controller with a NotFound action which works great for 404 errors that pass though .NET, but for stuff that doesn't (like static files) I've set the Custom Errors value for 404 to URL with a value of /Errors/NotFound. But when I do this & hit a non-existant page the site just gives me this: The system cannot find the path specified. Is this because it's a dynamic url, can IIS not redirect 404 requests to dynamic urls or have I screwed up the config somewhere?

    Read the article

  • Serializing an object into the body of a WCF request using webHttpBinding

    - by Bert
    I have a WCF service exposed with a webHttpBinding endpoint. [OperationContract(IsOneWay = true)] [WebInvoke(Method = "POST", RequestFormat = WebMessageFormat.Json, BodyStyle = WebMessageBodyStyle.Bare, UriTemplate = "/?action=DoSomething&v1={value1}&v2={value2}")] void DoSomething(string value1, string value2, MySimpleObject value3); In theory, if I call this, the first two parameters (value1 & value 2) are taken from the Uri and the final one (value3) should be deserialized from the body of the request. Assuming I am using Json as the RequestFormat, what is the best way of serialising an instance of MySimpleObject into the body of the request before I send it ? This, for instance, does not seem to work : HttpWebRequest sendRequest = (HttpWebRequest)WebRequest.Create(url); sendRequest.ContentType = "application/json"; sendRequest.Method = "POST"; using (var sendRequestStream = sendRequest.GetRequestStream()) { DataContractJsonSerializer jsonSerializer = new DataContractJsonSerializer(typeof(MySimpleObject)); jsonSerializer.WriteObject(sendRequestStream, obj); sendRequestStream.Close(); } sendRequest.GetResponse().Close();

    Read the article

  • How do I use NTLM authentication with Active Directory

    - by Jon Works
    I am trying to implement NTLM authentication on one of our internal sites and everything is working. The one piece of the puzzle I do not have is how to take the information from NTLM and authenticate with Active Directory. There is a good description of NTLM and the encryption used for the passwords, which I used to implement this, but I am not sure of how to verify if the user's password is valid. I am using Coldfusion but a solution to this problem can be in any language (Java, Python, PHP, etc). Edit: I am using Coldfusion on Redhat Enterprise Linux. Unfortunately we cannot use IIS to manage this and instead have to write or use a 3rd party tool for this.

    Read the article

  • Requires a valid Date or x-amz-date header?

    - by Jordan Messina
    I'm getting the following error when attempting to upload a file to S3: S3StorageError: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>AccessDenied</Code><Message>AWS authentication requires a valid Date or x-amz-date header</Message><RequestId>7910FF83F3FE17E2</RequestId><HostId>EjycXTgSwUkx19YNkpAoY2UDDur/0d5SMvGJUicpN6qCZFa2OuqcpibIR3NJ2WKB</HostId></Error> I'm using Django with Django-Storages and Imagekit My S3 settings in my settings.py looks as follows: locale.setlocale(locale.LC_TIME, 'en_US') DEFAULT_FILE_STORAGE = 'backends.s3.S3Storage' AWS_ACCESS_KEY_ID = '************************' AWS_SECRET_ACCESS_KEY = '*****************************' AWS_STORAGE_BUCKET_NAME = 'static.blabla.com' AWS_HEADERS = { 'x-amz-date': datetime.datetime.utcnow().strftime('%a, %d %b %Y %H:%M:%S GMT'), 'Expires': 'Thu, 15 Apr 2200 20:00:00 GMT', } from S3 import CallingFormat AWS_CALLING_FORMAT = CallingFormat.SUBDOMAIN Thanks for any help you can give!

    Read the article

  • Facebook links to my site resolve as 403 forbidden

    - by filip
    Hi I'm experiencing a super weird problem. Whenever I post links to my website on Facebook, they come up as Forbidden. The site itself works great and I have no seen this when linking on other sites. Could this be a server misconfiguration? Any thoughts on where to look? here's some Info: I have a dedicated server running WHM 11.25.0 i have 2 sites hosted here using cPanel 11.25.0 the error msg: Forbidden You don't have permission to access / on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at ---- Port 80

    Read the article

  • The remote server returned an error: (404) Not Found.

    - by John
    I am running this piece of code to get the source of my webpage. The problem is why this function returns 404 error? Private Function getPageSource(ByVal URL As String) As String Dim webClient As New System.Net.WebClient() Dim strSource As String = webClient.DownloadString(URL) webClient.Dispose() Return strSource End Function

    Read the article

  • Why is curl in Ruby slower than command-line curl?

    - by Stiivi
    I am trying to download more than 1m pages (URLs ending by a sequence ID). I have implemented kind of multi-purpose download manager with configurable number of download threads and one processing thread. The downloader downloads files in batches: curl = Curl::Easy.new batch_urls.each { |url_info| curl.url = url_info[:url] curl.perform file = File.new(url_info[:file], "wb") file << curl.body_str file.close # ... some other stuff } I have tried to download 8000 pages sample. When using the code above, I get 1000 in 2 minutes. When I write all URLs into a file and do in shell: cat list | xargs curl I gen all 8000 pages in two minutes. Thing is, I need it to have it in ruby code, because there is other monitoring and processing code. I have tried: Curl::Multi - it is somehow faster, but misses 50-90% of files (does not download them and gives no reason/code) multiple threads with Curl::Easy - around the same speed as single threaded Why is reused Curl::Easy slower than subsequent command line curl calls and how can I make it faster? Or what I am doing wrong? I would prefer to fix my download manager code than to make downloading for this case in a different way. Before this, I was calling command-line wget which I provided with a file with list of URLs. Howerver, not all errors were handled, also it was not possible to specify output file for each URL separately when using URL list. Now it seems to me that the best way would be to use multiple threads with system call to 'curl' command. But why when I can use directly Curl in Ruby? Code for the download manager is here, if it might help: Download Manager (I have played with timeouts, from not-setting it to various values, it did not seem help) Any hints appreciated.

    Read the article

  • Rails 3 get raw post data and write it to tmp file

    - by Andrew
    I'm working on implementing Ajax-Upload for uploading photos in my Rails 3 app. The documentation says: For IE6-8, Opera, older versions of other browsers you get the file as you normally do with regular form-base uploads. For browsers which upload file with progress bar, you will need to get the raw post data and write it to the file. So, how can I receive the raw post data in my controller and write it to a tmp file so my controller can then process it? (In my case the controller is doing some image manipulation and saving to S3.) Some additional info: As I'm configured right now the post is passing these parameters: Parameters: {"authenticity_token"=>"...", "qqfile"=>"IMG_0064.jpg"} ... and the CREATE action looks like this: def create @attachment = Attachment.new @attachment.user = current_user @attachment.file = params[:qqfile] if @attachment.save! respond_to do |format| format.js { render :text => '{"success":true}' } end end end ... but I get this error: ActiveRecord::RecordInvalid (Validation failed: File file name must be set.): app/controllers/attachments_controller.rb:7:in `create'

    Read the article

  • Best Approach to process images in Django

    - by primalpop
    I've have an application with Android front end and Django as the back end. As part of the answers here, I'm confused over the approach which I should take to send images to Django Server. I've 2 options at my disposal as Piro pointed out there. 1) Sending images as Multi Part entity 2) Send image as a String after encoding it using Base 64. So I am considering the approach that would make it easy to be processed by Django. The images are small in size (<200kb) and number (<10). Any suggestions or pointers are most welcome.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 155 156 157 158 159 160 161 162 163 164 165 166  | Next Page >