Search Results

Search found 22139 results on 886 pages for 'security testing'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 185/886 | < Previous Page | 181 182 183 184 185 186 187 188 189 190 191 192  | Next Page >

  • PHP URL Security Question

    - by TaG
    I want to have users store the url in my database I'm using php mysql and htmlpurifier I was wondering if the following code was good way to filter out bad data? Here is the Partial PHP code. $url = mysqli_real_escape_string($mysqli, $purifier->purify(htmlspecialchars(strip_tags($_POST['url'])));

    Read the article

  • Facebook Flash app security?

    - by mhdouglas
    I'm developing a Facebook app implemented in Flash, and I'd like to authenticate communication between my app and my server. In other words, I'd like to guarantee that all communication with my server is coming from my app, which has been launched from within facebook by a valid facebook user. Does the Facebook actionscript API support this type of operation? Or am I on my own?

    Read the article

  • Paypal IPN security

    - by keithics
    Hello! I am developing a website which will allow users to pay via Paypal. Paypal IPN seems to be easy to integrate and it works on my localhost. Now the problem is that, the amount and the business name are passed to paypal using POST Data. I know it's very dangerous to put it that way, but I am not sure what are the alternatives. How can I make Paypal IPN secure?

    Read the article

  • False sense of security with `snprintf_s`

    - by xtofl
    MSVC's "secure" sprintf funcions have a template version that 'knows' the size of the target buffer. However, this code happily paints 567890 over the stack after the end of bytes... char bytes[5]; _snprintf_s( bytes, _TRUNCATE, "%s", "1234567890" ); Any idea what I do wrong, or is this a known bug? (I'm working in VS2005 - didn't test in 2008 or 2010)

    Read the article

  • Coldbox Security Interceptor

    - by faheem
    Hi I am new to coldbox and working on a guestbook messaging forum. does anyone know how I can apply some rule in coldbox to show edit and delete for specified users of admin or user in the edit page. I am not sure how to specify this as I already have my rules here as shown in securityRules.xml: SecurityRules.XML <?xml version="1.0" encoding="UTF-8"?> <!-- Declare as many rule elements as you want, order is important Remember that the securelist can contain a list of regular expression if you want ex: All events in the user handler user\..* ex: All events .* ex: All events that start with admin ^admin If you are not using regular expression, just write the text that can be found in an event. <whitelist>ehSecurity\.dspLogin,ehSecurity\.doLogin,ehSecurity\.dspLogoff</whitelist> --> <rules> <rule> <whitelist>^entries,ehSecurity\..*,registry\..*</whitelist> <securelist></securelist> <roles>admin</roles> <permissions>read,write</permissions> <redirect>ehSecurity.dspLogin</redirect> </rule> <rule> <whitelist>^entries,ehSecurity\..*,main\..*,^registry</whitelist> <securelist></securelist> <roles>author,admin</roles> <permissions>read</permissions> <redirect>ehSecurity.dspLogin</redirect> </rule> </rules>

    Read the article

  • Google Chrome showing javascript security error

    - by Clint
    I need help resolving this Google Chrome Error..."Uncaught Error: SECURITY_ERR: DOM Exception 18" Here is the code. //Get Cookie function get_cookie (cookie_name) { var results = document.cookie.match ( '(^|;) ?' + cookie_name + '=([^;]*)(;|$)' ); if (results) return ( unescape ( results[2] ) ); else return null; }; Many thanks, C

    Read the article

  • What fields have job security?

    - by computergeek6
    I can program pretty well, and I'm trying to think of a programming area that I can practice so I have a better chance of getting a job when I finish my education. I'm currently learning game development, but there are a ton of other people trying to get into game dev, so I want to find something a little more secure and sustainable to develop skills in. I've thought of things like financial systems and engineering stuff, but nothing I can think of is accessible to someone in high school. I'm trying to find something that involves physics or networking and isn't as popular a field as game dev. Does anyone have any ideas?

    Read the article

  • Security issue using Nant

    - by Diego C.
    I need to store authentication information and I rather not have the password in plain text: <property name="user" value="theUser"/> <property name="password" value="secret"/> Has anyone figured out a way to encrypt property values in Nant? I've looked in Nant and Nantcontrib docs but no mention of encryption. I am considering going the route of creating my own Nant Task. Any suggestions?

    Read the article

  • Help needed wit the XPath statement for Selenium test

    - by mgeorge
    I am testing a calendar component using selenium.In my test i want to click on the current date.Please help me with the XPath statement for doing that.I am adding the HTML for the calender component <input id="event_date" type="text" on="click then l:show.event.calendar" style="border: 1px solid rgb(187, 187, 187); width: 100px;" fieldset="new_event" decorator="redbox" validator="date"/> <img id="app_136" style="position: relative; top: 2px;" on="click then l:show.event.calendar" src="images/calendar.png"/> <div id="app_137" style="margin: 0pt; padding: 0pt;"> <div id="app_calendar_2" class="yui-calcontainer single withtitle" style="position: absolute; z-index: 1000;"> <div class="title">Select Event Date</div> <table id="app_calendar_2_cal" class="yui-calendar y2010" cellspacing="0"> <thead> <tr> </tr> <tr class="calweekdayrow"> <th class="calweekdaycell">Su</th> <th class="calweekdaycell">Mo</th> <th class="calweekdaycell">Tu</th> <th class="calweekdaycell">We</th> <th class="calweekdaycell">Th</th> <th class="calweekdaycell">Fr</th> <th class="calweekdaycell">Sa</th> </tr> </thead> <tbody class="m6 calbody"> <tr class="w22"> <td id="app_calendar_2_cal_cell0" class="calcell oom calcelltop calcellleft">30</td> <td id="app_calendar_2_cal_cell1" class="calcell oom calcelltop">31</td> <td id="app_calendar_2_cal_cell2" class="calcell wd2 d1 selectable calcelltop"> </td> <td id="app_calendar_2_cal_cell3" class="calcell wd3 d2 today selectable calcelltop selected"> <a class="selector" href="#">2</a> </td> I want to click the date component described in <td id="app_calendar_2_cal_cell3" class="calcell wd3 d2 today selectable calcelltop selected"> <a class="selector" href="#">2</a> </td> Thanks in advance mgeorge

    Read the article

  • XML security in world wide web

    - by nikky
    Hi, Im a newbie in XML and i have some questions Can XML be used in stead of normal database (store data in a tuple and column) in website? XML is built to share information easier (from my understanding) such as can share cross platform and in different language used so Is it secure to store secure data in XML? thank you so much

    Read the article

  • IE6 https security message appearing after closing jQuery colorbox overlay

    - by RyanP13
    I am working on a secure site, https. I am using the colorbox jquery plugin to iframe another page from the same site over the current content. In IE6 when i close the colorbox overlay i get the following message: "This page contains both secure and nonsecure items. Do you want to display the nonsecure items?" Any ideas why this is happening? Can it be prevented? Assume i would have to make the whole site http rather than https but this is not possible as we have online payments.

    Read the article

  • .NET ORM and Security

    - by Sphynx
    We're going to use an ORM tool with a .NET desktop application. The tool allows creation of persistent classes. It generates all database tables automatically. In addition to other data, our system needs to store user credentials, and deliver access control. The question is, is there any possibility of access control by means of ORM, without creating the database authentication mechanisms manually? Is there any product on the market which allows this? We thought of limiting the access in the program itself, but users can easily access the database directly, and bypass the program limitations. Thanks.

    Read the article

  • Stream post URL security and wall post links

    - by Jeff Lee
    Our app's mobile client can create wall post links to our app's web-facing pages. Since this happens in the context of a mobile app, we do this on behalf of our user using the Graph API's feed/message endpoint. I noticed that the links showing up in the wall posts are being routed through our app's auth dialog, which is NOT what we want. We just want transparent links, without forcing the client to auth our app, similar to what happens when you share to FB in Path. I went ahead and disabled the "Stream post URL option" several hours ago, but we still seem to be getting the re-routed links for wall posts. The target URLs for these links are within the domain we've registered for our Facebook app. Is there anything else I need to do fix this?

    Read the article

  • code access security

    - by rkrauter
    Why do I need to Demand permission? Why can't it simply fail (commenting out the .Demand() call)? ref: http://support.microsoft.com/kb/315529 Thanks! try { // Demand the permission to access the C:\Temp folder. permFileIO.Demand(); resultText.Append("The demand for permission to access the C:\\Temp folder succeeded.\n\n"); }

    Read the article

  • Hide public method used to help test a .NET assembly

    - by ChrisW
    I have a .NET assembly, to be released. Its release build includes: A public, documented API of methods which people are supposed to use A public but undocumented API of other methods, which exist only in order to help test the assembly, and which people are not supposed to use The assembly to be released is a custom control, not an application. To regression-test it, I run it in a testing framework/application, which uses (in addition to the public/documented API) some advanced/undocumented methods which are exported from the control. For the public methods which I don't want people to use, I excluded them from the documentation using the <exclude> tag (supported by the Sandcastle Help File Builder), and the [EditorBrowsable] attribute, for example like this: /// <summary> /// Gets a <see cref="IEditorTransaction"/> instance, which helps /// to combine several DOM edits into a single transaction, which /// can be undone and redone as if they were a single, atomic operation. /// </summary> /// <returns>A <see cref="IEditorTransaction"/> instance.</returns> IEditorTransaction createEditorTransaction(); /// <exclude/> [EditorBrowsable(EditorBrowsableState.Never)] void debugDumpBlocks(TextWriter output); This successfully removes the method from the API documentation, and from Intellisense. However, if in a sample application program I right-click on an instance of the interface to see its definition in the metadata, I can still see the method, and the [EditorBrowsable] attribute as well, for example: // Summary: // Gets a ModelText.ModelDom.Nodes.IEditorTransaction instance, which helps // to combine several DOM edits into a single transaction, which can be undone // and redone as if they were a single, atomic operation. // // Returns: // A ModelText.ModelDom.Nodes.IEditorTransaction instance. IEditorTransaction createEditorTransaction(); // [EditorBrowsable(EditorBrowsableState.Never)] void debugDumpBlocks(TextWriter output); Questions: Is there a way to hide a public method, even from the meta data? If not then instead, for this scenario, would you recommend making the methods internal and using the InternalsVisibleTo attribute? Or would you recommend some other way, and if so what and why? Thank you.

    Read the article

  • Security & Authentication: SSL vs SASL

    - by 4herpsand7derpsago
    My understanding is that SSL combines an encryption algorithm (like AES, DES, etc.) with akey exchange method (like Diffier-Hellman) to provide secure encryption and identification services between two endpoints on an un-secure network (like the Internet). My understanding is that SASL is an MD5/Kerberos protocol that pretty much does the same thing. So my question: what are the pros/cons to choosing both and what scenarios make both more preferable? Basically, I'm looking for a guidelines to follow when choosing SSL or to go with SASL instead. Thanks in advance!

    Read the article

  • No Microsoft Security Essentials for Windows 8. So, how to access similar Defender features/settings?

    - by Chris W. Rea
    I just installed Windows 8 Pro. One of the first things I went to do is install Microsoft Security Essentials, thinking I still needed add-on security software, but I've learned here that it isn't required for Windows 8. Witness: Got Windows 8 or Windows RT? Windows Defender for Windows 8 and Windows RT provides the same level of protection against malware as Microsoft Security Essentials. You can't use Microsoft Security Essentials with Windows 8, but you don't need to — Windows Defender is already included and ready to go. [...] All well and good. However, on Windows 7, once you installed Microsoft Security Essentials, you got a tray icon, and from there you could access the features of MSE, such as perform custom scans, turn off real-time protection (temporarily, of course), check for updates, etc. However, Defender on Windows 8 doesn't display a tray icon – and yes, I've already made sure I'm displaying all icons in the notification area. So, how to access the similar specific features of Windows Defender on Windows 8?

    Read the article

  • read java.security.key stored as object inside a file which is in jar

    - by Tal
    I saved a PublicKey instance in a file using ObjectOutputStream. This file is then stored inside a jar file which is then loaded by JBoss. I'm trying to read this file but it throws me an exception telling that it's not serializable. Here is the code : InputStream input = KeyLoader.class.getClassLoader().getResourceAsStream(resource); ObjectInputStream objectInputStream = new ObjectInputStream(input); Object obj = objectInputStream.readObject(); Key output = (Key) obj; objectInputStream.close(); return output; which throws me this exception An exception occurred: java.io.NotSerializableException

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 181 182 183 184 185 186 187 188 189 190 191 192  | Next Page >