Search Results

Search found 22139 results on 886 pages for 'security testing'.

Page 178/886 | < Previous Page | 174 175 176 177 178 179 180 181 182 183 184 185  | Next Page >

• iPHone: Unit/Logic Tests initWithNibName

  - by pion

  I have setup my Logic Tests following the instructions on http://developer.apple.com/iphone/library/documentation/Xcode/Conceptual/iphone_development/135-Unit_Testing_Applications/unit_testing_applications.html. I could test a couple classes successfully. But I got error when testing the following: - (id)init { if (self = [super initWithNibName:@"Foo" bundle:nil]) { ... } return self; } The error message is -[UIViewController _loadViewFromNibNamed:bundle:] was unable to load a nib named "Foo" My question: Did I do something wrong? Missed something? or I cannot test -initWithNibName using Logic Tests technique. Thanks in advance for your help.

  Read the article

• FileNotFound Exception when using TestDriven.NET and NUnit

  - by Quang Anh

  I'm Writing a simple pong game in C# and XNA 4.0 to learn unit testing. The tools used are TestDriven.NET and NUnit, all newest versions. The problem is, if I test the code with VS2010 internal debugger, everything runs fine, but when I use "Run Test(s)" from menu, the application chokes with error: Test 'WindowsGame1.Game1.TestGameMenu' failed: Microsoft.Xna.Framework.Content.ContentLoadException : Error loading "SpaceBackground". File not found. ----> System.IO.FileNotFoundException : Error loading "Content\SpaceBackground.xnb". File not found. (some more below...) So it stops when the first textre is going to be loaded. What's going on? If you want to check the code out, download it here http://www.mediafire.com/?qwnkmyqheum

  Read the article

• How to simulate a file read error in the CRT

  - by Mark0978

  Using VS2008, we would like to simulate a file that has a size of X, but that has a read failure at X-Y bytes, so that we get an error indication. Anyone have an idea of how to do this on windows? Looks like there is a solution for linux, but I can't really come up with a way to do this on windows. We have multiple developers, multiple machines, and cppunit testing framework, so I want a software only design. I'm trying to simulate the actual CRT failing, so I can test the code that is dealing with the failure.

  Read the article

• I do not write tests. Am I stupid?

  - by Josh Stodola

  I've done a little bit of reading on unit testing and TDD, and I've never seriously considered writing tests to such a precise extent. Granted, I am not working on any projects that are ridiculously huge. If all I build are small apps, am I stupid for not writing tests? Edit: To clarify, when I say "small apps", I mean apps that are not going to control a persons life and/or their belongings. I generally build things that are supposed to make peoples lives easier and to make them more efficient.

  Read the article

• How should I rewrite my code to make it amenable to unittesting?

  - by justin

  I've been trying to get started with unit-testing while working on a little cli program. My program basically parses the command line arguments and options, and decides which function to call. Each of the functions performs some operation on a database. So, for instance, I might have a create function: def create(self, opts, args): #I've left out the error handling. strtime = datetime.datetime.now().strftime("%D %H:%M") vals = (strtime, opts.message, opts.keywords, False) self.execute("insert into mytable values (?, ?, ?, ?)", vals) self.commit() Should my test case call this function, then execute the select sql to check that the row was entered? That sounds reasonable, but also makes the tests more difficult to maintain. Would you rewrite the function to return something and check for the return value? Thanks

  Read the article

• .htaccess with public folder

  - by ninumedia

  I have a directory structure with the following on localhost: http://localhost/testing/ A directory structure exists inside of testing as follows: /testing/public /testing/public/index.php /testing/public/img /testing/public/css ..etc for the js and swf directories A .htaccess file is inside the testing folder and the contents are as follows: Options +FollowSymLinks RewriteEngine on RewriteBase /testing/ RewriteRule ^public$ public/ [R,QSA] RewriteRule ^public/$ public/index.php?state=public [L,QSA] RewriteRule ^stackoverflow$ stackoverflow/ [R,QSA] RewriteRule ^stackoverflow/$ public/index.php?state=stackoverflow[L,QSA] I am using PHP and inside of the /testing/public/index.php file I wanted to test that the $_GET['state'] is indeed saving the variable. When I try to test out: http://localhost/testing/public $_GET['state'] is not found at all BUT http://localhost/testing/stackoverflow does indeed echo out that $_GET['state'] equals 'stackoverflow'. What am I missing here??? Why is it that I cannot get the state=public in the first link? Thanks for the help!

  Read the article

• Is testability alone justification for dependency injection?

  - by fearofawhackplanet

  The advantages of DI, as far as I am aware, are: Reduced Dependencies More Reusable Code More Testable Code More Readable Code Say I have a repository, OrderRepository, which acts as a repository for an Order object generated through a Linq to Sql dbml. I can't make my orders repository generic as it performs mapping between the Linq Order entity and my own Order POCO domain class. Since the OrderRepository by necessity is dependent on a specific Linq to Sql DataContext, parameter passing of the DataContext can't really be said to make the code reuseable or reduce dependencies in any meaningful way. It also makes the code harder to read, as to instantiate the repository I now need to write new OrdersRepository(new MyLinqDataContext()) which additionally is contrary to the main purpose of the repository, that being to abstract/hide the existence of the DataContext from consuming code. So in general I think this would be a pretty horrible design, but it would give the benefit of facilitating unit testing. Is this enough justification? Or is there a third way? I'd be very interested in hearing opinions.

  Read the article

• py.test import context problems (causes Django unit test failure)

  - by dhill

  I made a following test: # main.py import imported print imported.f.__module__ # imported.py def f(): pass # test_imported.py (py.test test case) import imported def test_imported(): result = imported.f.__module__ assert result == 'imported' Running python main.py, gives me imported, but running py.test gives me error and result value is moduletest.imported (moduletest is the name of the directory I keep the test in. It doesn't contain __init__.py, moduletest is the only directory containing *.py files in ~/tmp). How can I fix result value? The long story: I'm getting strange errors, while testing Django application. A call to reverse() from (django.urlresolvers). with function object foo as argument in tests crashes with NoReverseMatch: Reverse for 'site.app.views.foo'. The same call inside application works. I checked and it is converted to 'app.views.foo' (without site prefix). I first suspected my customised test setup for Django, but then I made above test.

  Read the article

• Online product demo environment for Windows applications

  - by Stefanos Tses

  I'm looking for a way to allow potential customers to try my application before they buy it. The product is a windows forms application that requires an SQL Server database to operate. Although I have a functional demo that the customer can install on their network, I want to make it easier for them by have them "play" with it at my environment. I remember Microsoft had (has?) something similar. I was testing Visual Studio a few years ago in a virtual environment where I was connecting to a server at Microsoft. Any suggestions? Thanks.

  Read the article

• How to secure authorization of methods

  - by Kurresmack

  I am building a web site in C# using MVC.Net How can I secure that no unauthorized persons can access my methods? What I mean is that I want to make sure that only admins can create articles on my page. If I put this logic in the method actually adding this to the database, wouldn't I have business logic in my data layer? Is it a good practise to have a seperate security layer that is always in between of the data layer and the business layer to make? The problem is that if I protect at a higher level I will have to have checks on many places and it is more likely that I miss one place and users can bypass security. Thanks!

  Read the article

• Server Benchmarking: What tools to use with my real-world test data

  - by mdemmitt

  I want to benchmark a new server using historical HTTP-request data. I have a textfile that contains one day's worth of real historical requests to a production server. What is the best tool for sending that list of requests on the server I'm testing? The tool I use should be able to configure the following: Number of threads making the requests Number of requests/second sent A list of request URLs to use when making the requests. Apache Bench seems like a close fit. However, Bench does not seem to be able to take in a list of request URLs as a parameter. What would you recommend?

  Read the article

• Custom certificate as proof of transaction

  - by Andy

  I'm developing a site where a user conducts a given transaction and once completed, the user is issued with a 'secure certificate'. The certificate serves as proof of the transaction and the user is able to upload the certificate at a later stage, to view the details of the transaction. At the moment I'm using a custom XML document with encrypted fields. It works perfect, but I would like a standardized approach, such as an X.509 certificate. I'm no encryption expert, but from what I gather, X.509 is more geared towards SSL issued by a CA. Is it possible to create your own valid valid CRT file? As a test, I created a CRT file with the example provided on WikiPedia. However, when I open the file in Windows I get this warning: Invalid Public Key Security Object File - This file is invalid as the following: Security Certificate. Not having much luck here, so time to ask the experts. What direction should I be heading in? Any guidance would be greatly appreciated.

  Read the article

• Setting up functional Tests in Flex

  - by Dan Monego

  I'm setting up a functional test suite for an application that loads an external configuration file. Right now, I'm using flexunit's addAsync function to load it and then again to test if the contents point to services that exist and can be accessed. The trouble with this is that having this kind of two (or more) stage method means that I'm running all of my tests in the context of one test with dozens of asserts, which seems like a kind of degenerate way to use the framework, and makes bugs harder to find. Is there a way to have something like an asynchronous setup? Is there another testing framework that handles this better?

  Read the article

• Can an Aspect conditionally render parts of a JSP page ?

  - by Scott The Scot

  At present the jsp pages have normal authorize tags to conditionally render links and information etc. The website is on the intranet, and we're using Spring Security 2.0.4. Ive now got a business user who wants to allow all roles to access everything for the first few weeks, then gradually add the security back in as feedback is gathered from the business. Rather than go through every page, removing the authorize tags, only to have to put them back in, is is possible to configure these through an aspect, or is there any other way to externalize this into a config file ? I've found Spring's MethodSecurityInterceptor and the meta data tags, but these wouldn't give me the externalization. I've been on google for the last hour, and am now pretty sure this can't be done, but would love to find out I haven't been asking the right questions. Advice appreciated

  Read the article

• Generic test suite for ASP.NET Membership/Role/Profile/Session Providers

  - by SztupY

  Hi! I've just created custom ASP.NET Membership, Role, Profile and Session State providers, and I was wondering whether there exists a test suite or something similar to test the implementation of the providers. I've checked some of the open source providers I could find (like the NauckIt.PostgreSQL provider), but neither of them contained unit tests, and all of the forum topics I've found mentioned only a few test cases (like checking whether creating a user works), but this is clearly not a complete test suite for a Membership provider. (And I couldn't find anything for the other three providers) Are there more or less complete test suites for the above mentioned providers, or are there custom providers out there that have at least some testing avaialable?

  Read the article

• How can I detect a debugger or other tool that might be analysing my software?

  - by Workshop Alex

  A very simple situation. I'm working on an application in Delphi 2007 which is often compiled as 'Release' but still runs under a debugger. And occasionally it will run under SilkTest too, for regression testing. While this is quite fun I want to do something special... I want to detect if my application is running within a debugger/regression-tester and if that's the case, I want the application to know which tool is used! (Thus, when the application crashes, I could report this information in it's error report.) Any suggestions, solutions?

  Read the article

• Clojure / HBase: How to Import HBaseTestingUtility in v0.94.6.1

  - by David Williams

  In Clojure, if I want to start a test cluster using the hbase testing utility, I have to annotate my dependencies with: [org.apache.hbase/hbase "0.92.2" :classifier "tests" :scope "test"] First of all, I have no idea what this means. According to leiningens sample project.clj ;; Dependencies are listed as [group-id/name version]; in addition ;; to keywords supported by Pomegranate, you can use :native-prefix ;; to specify a prefix. This prefix is used to extract natives in ;; jars that don't adhere to the default "<os>/<arch>/" layout that ;; Leiningen expects. Question 1: What does that mean? Question 2: If I upgrade the version: [org.apache.hbase/hbase "0.94.6.1" :classifier "tests" :scope "test"] Then I receive a ClassNotFoundException Exception in thread "main" java.lang.ClassNotFoundException: org.apache.hadoop.hbase.HBaseConfiguration Whats going on here and how do I fix it?

  Read the article

• How to simulate a mouse click in Cocoa for the iPhone?

  - by eagle

  I'm trying to setup automated unit tests for an iPhone application. I'm using a UIWebBrowser and need to simulate clicks on different links. I've tried doing this with JavaScript, but it doesn't produce the same results as when the I manually click on the links. The main problem is with links that have their target property set. I believe the only way for this automated unit test to work correctly is to simulate a mouse click at a specific x/y coordinate (i.e. where the link is located). Since the unit testing will only be used internally, private API calls are fine. It seems like this should be possible since the iPhone app isimulate seems to do something similar. Is there any way to do this in the framework?

  Read the article

• How doe we name test methods where we are checking for more than one condition?

  - by Sandbox

  I follow the technique specified in Roy Osherove's The Art Of Unit Testing book while naming test methods - MethodName_Scenario_Expectation. It suits perfectly well for my 'unit' tests. But,for tests that I write in 'controller' or 'coordinator' class, there isn't necessarily a method which I want to test. For these tests, I generate multiple conditions which make up one scenario and then I verify the expectation. For example, I may set some properties on different instances, generate an event and then verify that my expectations from controller/coordinator is being met. Now, my controller handles events using a private event handler. Here my scenario is that, I set some properties, say 3 condition1,condition2 and condition3 Also, my scenario includes an event is raised I don't have a method name as my event handler is private. How do I name such a test method?

  Read the article

• C# / Visual Studio: production and test code placement

  - by Patrick Linskey

  Hi, In JavaLand, I'm used to creating projects that contain both production and test code. I like this practice because it simplifies testing of internal code without artificially exposing the internals in a project's published API. So far, in my experiences with C# / Visual Studio / ReSharper / NUnit, I've created separate projects (i.e., separate DLLs) for production and test code. Is this the idiom, or am I off base? If this idiomatically correct, what's the right way to deal with exposing classes and methods for test purposes? Thanks, -Patrick

  Read the article

• Hudson, C++ and UnitTest++

  - by Gilad Naor

  Has anyone used Hudson as a Continuous-Integration server for a C++ project using UnitTest++ as a testing library? How exactly did you set it up? I know there have been several questions on Continuous Integration before, but I hope this one has a narrower scope. EDIT: I'll clarify a bit on what I'm looking for. I already have the build set to fail when the Unit-Tests fail. I'm looking for something like Hudson's JUnit support. UnitTest++ can create XML reports (See here). So, perhaps if someone knows how to translate these reports to be JUnit compatible, Hudson will know how to eat it up?

  Read the article

• Is it possible to put binary image data into html markup and then get the image displayed as usual i

  - by Joern Akkermann

  It's an important security issue and I'm sure this should be possible. A simple example: You run a community portal. Users are registered and upload their pictures. Your application gives security rules whenever a picture is allowed to be displayed. For example users must be friends on each sides by the system, in order that you can view someone else's uploaded pictures. Here comes the problem: it is possible that someone crawls the image directories of your server. But you want to protect your users from such attacks. If it's possible to put the binary data of an image directly into the HTML markup, you can restrict the user access of your image dirs the user and group your web application runs of and pass the image data to your Apache user and group directly in the HTML. The only possible weakness then is the password of the user that your web app runs as. Is there already a possibility?

  Read the article

• Best Pratice to Implement Secure Remember Me

  - by Yan Cheng CHEOK

  Sometimes, I came across certain web development framework which doesn't provide authentication feature as in Authenication ASP.NET I was wondering what is the security measure needs to be considered, when implementing "Remember Me" login feature, by hand coding? Here are the things I usually did. 1) Store the user name in cookie. The user name are not encrypted. 2) Store a secret key in cookie. The secret key is generated using one way function based on user name. The server will verify secret key against user name, to ensure this user name is not being changed. 3) Use HttpOnly in cookie. http://www.codinghorror.com/blog/2008/08/protecting-your-cookies-httponly.html Any things else I could miss out, which could possible lead a security hole.

  Read the article

• How to implement a good system for login/out into a webapp

  - by Brandon Wang

  I am one of the developers at PassPad, a secure password generator and username storage system. We're still working on it, but I have a few questions on the best way to implement a secure login/out system. Right now, what we plan on doing is to have the login system save a cookie with the username and a session key, and that's all that serves as authentication. The server verifies the two to match. Upon login/out a new key is created. This is a security-related webapp and while we don't actually store any information that might make the user queasy, because it is security-oriented it makes it a necessity for us to at least appear secure in a way that the user would be happy with. Is there a better way to implement a login/out system in PHP? Preferably it won't take too much coding time or server resources. Is there anything else I need to implement, like brute-force protection, etc? How would I go about that?

  Read the article

• Are there cross-platform tools to write XSS attacks directly to the database?

  - by Joachim Sauer

  I've recently found this blog entry on a tool that writes XSS attacks directly to the database. It looks like a terribly good way to scan an application for weaknesses in my applications. I've tried to run it on Mono, since my development platform is Linux. Unfortunately it crashes with a System.ArgumentNullException deep inside Microsoft.Practices.EnterpriseLibrary and I seem to be unable to find sufficient information about the software (it seems to be a single-shot project, with no homepage and no further development). Is anyone aware of a similar tool? Preferably it should be: cross-platform (Java, Python, .NET/Mono, even cross-platform C is ok) open source (I really like being able to audit my security tools) able to talk to a wide range of DB products (the big ones are most important: MySQL, Oracle, SQL Server, ...)

  Read the article

< Previous Page | 174 175 176 177 178 179 180 181 182 183 184 185  | Next Page >