Search Results

Search found 5048 results on 202 pages for 'safe browsing'.

Page 20/202 | < Previous Page | 16 17 18 19 20 21 22 23 24 25 26 27  | Next Page >

  • How to make Databinding type safe and support refactoring

    - by Ian Ringrose
    When I wish to bind a control to a property of my object, I have to provide the name of the property as a string. This is not very good because: If the property is removed or renamed, I don’t get a compiler warning. If a rename the property with a refactoring tool, it is likely the data binding will not be updated. I don’t get an error until runtime if the type of the property is wrong, e.g. binding an integer to a date chooser. Is there a design-paten that gets round this, but still has the ease of use of data-binding? (This is a problem in WinForm, Asp.net and WPF and most likely lots of other systems) I have now found "workarounds for nameof() operator in C#: typesafe databinding" that also has a good starting point for a solution.

    Read the article

  • using paypals html api is safe?

    - by ajsie
    im trying out paypals html api where you specify price, item_name, customer information and so on in the html: <form action="https://www.paypal.com/cgi-bin/webscr" method="post" id="payPalForm"> <input type="hidden" name="cmd" value="_cart" /> <input type="hidden" name="upload" value="1" /> <input type="hidden" name="no_note" value="1" /> <input type="hidden" name="business" value="[email protected]" /> <input type="hidden" name="currency_code" value="SEK" /> <input type="hidden" name="return" value="http://freelanceswitch.com/payment-complete/" /> <input type="hidden" name="tax_rate" value="25" /> <input type="hidden" name="item_name_1" value="Apple Macpro" /> <input type="hidden" name="item_number_1" value="01 - Product 1" /> <input type="hidden" name="amount_1" value="25000" /> <input type="hidden" name="item_name_2" value="Apple Macbook" /> <input type="hidden" name="item_number_2" value="02 - Product 2" /> <input type="hidden" name="amount_2" value="12500" /> <input type="hidden" name="item_name_3" value="Apple Macbook Air" /> <input type="hidden" name="item_number_3" value="03 - Product 3" /> <input type="hidden" name="amount_3" value="12500" /> <input type="submit" name="Submit" value="Submit" /> </form> when the user clicks submit it takes him/her to paypals payment page. but doesn't this mean that a hacker could change the order by manipulating the html code? i can´t figure out how paypal prevents this security problem.

    Read the article

  • Safe deployment of ASP.Net applications

    - by gatapia
    Hi All, I have an asp.net app that I want to deploy safely (with as little down time possible). I would love to do something like blue green deployment but without the need for a second web server. So, I know I can use load balancing, etc but I need a quick and cheap approach. I was thinking of doing something like: Setting up another website (copy of original) in IIS, currently I use host headers to direct traffic across sites). I could then view the new site locally until the site is totally online (due to NHibernate start up and various other high intensity tasks this takes a while). Once site 2 is totally started I would then change host headers around giving me a much much smaller down time. So my question is. Has anyone done anything like this? Will IIS restart my app pool or application when changing host headers (making this useless)? Any other options? Thanks for your help all. Guido

    Read the article

  • Safe way to set computed environment variables

    - by sfink
    I have a bash script that I am modifying to accept key=value pairs from stdin. (It is spawned by xinetd.) How can I safely convert those key=value pairs into environment variables for subprocesses? I plan to only allow keys that begin with a predefined prefix "CMK_", to avoid IFS or any other "dangerous" variable getting set. But the simplistic approach function import () { local IFS="=" while read key val; do case "$key" in CMK_*) eval "$key=$val";; esac done } is horribly insecure because $val could contain all sorts of nasty stuff. This seems like it would work: shopt -s extglob function import () { NORMAL_IFS="$IFS" local IFS="=" while read key val; do case "$key" in CMK_*([a-zA-Z_]) ) IFS="$NORMAL_IFS" eval $key='$val' IFS="=" ;; esac done } but (1) it uses the funky extglob thing that I've never used before, and (2) it's complicated enough that I can't be comfortable that it's secure. My goal, to be specific, is to allow key=value settings to pass through the bash script into the environment of called processes. It is up to the subprocesses to deal with potentially hostile values getting set. I am modifying someone else's script, so I don't want to just convert it to Perl and be done with it. I would also rather not change it around to invoke the subprocesses differently, something like #!/bin/sh ...start of script... perl -nle '($k,$v)=split(/=/,$_,2); $ENV{$k}=$v if $k =~ /^CMK_/; END { exec("subprocess") }' ...end of script...

    Read the article

  • Making swap faster, easier to use and exception-safe

    - by FredOverflow
    I could not sleep last night and started thinking about std::swap. Here is the familiar C++98 version: template <typename T> void swap(T& a, T& b) { T c(a); a = b; b = c; } If a user-defined class Foo uses external ressources, this is inefficient. The common idiom is to provide a method void Foo::swap(Foo& other) and a specialization of std::swap<Foo>. Note that this does not work with class templates since you cannot partially specialize a function template, and overloading names in the std namespace is illegal. The solution is to write a template function in one's own namespace and rely on argument dependent lookup to find it. This depends critically on the client to follow the "using std::swap idiom" instead of calling std::swap directly. Very brittle. In C++0x, if Foo has a user-defined move constructor and a move assignment operator, providing a custom swap method and a std::swap<Foo> specialization has little to no performance benefit, because the C++0x version of std::swap uses efficient moves instead of copies: #include <utility> template <typename T> void swap(T& a, T& b) { T c(std::move(a)); a = std::move(b); b = std::move(c); } Not having to fiddle with swap anymore already takes a lot of burden away from the programmer. Current compilers do not generate move constructors and move assignment operators automatically yet, but as far as I know, this will change. The only problem left then is exception-safety, because in general, move operations are allowed to throw, and this opens up a whole can of worms. The question "What exactly is the state of a moved-from object?" complicates things further. Then I was thinking, what exactly are the semantics of std::swap in C++0x if everything goes fine? What is the state of the objects before and after the swap? Typically, swapping via move operations does not touch external resources, only the "flat" object representations themselves. So why not simply write a swap template that does exactly that: swap the object representations? #include <cstring> template <typename T> void swap(T& a, T& b) { unsigned char c[sizeof(T)]; memcpy( c, &a, sizeof(T)); memcpy(&a, &b, sizeof(T)); memcpy(&b, c, sizeof(T)); } This is as efficient as it gets: it simply blasts through raw memory. It does not require any intervention from the user: no special swap methods or move operations have to be defined. This means that it even works in C++98 (which does not have rvalue references, mind you). But even more importantly, we can now forget about the exception-safety issues, because memcpy never throws. I can see two potential problems with this approach: First, not all objects are meant to be swapped. If a class designer hides the copy constructor or the copy assignment operator, trying to swap objects of the class should fail at compile-time. We can simply introduce some dead code that checks whether copying and assignment are legal on the type: template <typename T> void swap(T& a, T& b) { if (false) // dead code, never executed { T c(a); // copy-constructible? a = b; // assignable? } unsigned char c[sizeof(T)]; std::memcpy( c, &a, sizeof(T)); std::memcpy(&a, &b, sizeof(T)); std::memcpy(&b, c, sizeof(T)); } Any decent compiler can trivially get rid of the dead code. (There are probably better ways to check the "swap conformance", but that is not the point. What matters is that it's possible). Second, some types might perform "unusual" actions in the copy constructor and copy assignment operator. For example, they might notify observers of their change. I deem this a minor issue, because such kinds of objects probably should not have provided copy operations in the first place. Please let me know what you think of this approach to swapping. Would it work in practice? Would you use it? Can you identify library types where this would break? Do you see additional problems? Discuss!

    Read the article

  • SharePoint 2010 is forcing me to safe PDF when opening from doc library

    - by Tobias Funke
    I have a document library with a PDF file. Whenever I click on the PDF file, I am prompted to save the file. I do not get the option of opening the file, I am forced to save it. What I want is for the PDF file to open, either in the browser or in a separate Adobe Reader window, depending on the Adobe Reader settings. I'm pretty sure SharePoint is responsible for this behavior, because if I put the PDF on my hard drive, then create a HTML file with a link to the file, it opens in the browser when I click on it. Please note: I looked at this question and did not help. I don't care if the PDF opens in the browser or in a separate Adobe Reader window, I just want it to open.

    Read the article

  • tchar safe functions -- count parameter for UTF-8 constants

    - by Dustin Getz
    I'm porting a library from char to TCHAR. the count parameter of this fragment, according to MSDN, is the number of multibyte characters, not the number of bytes. so, did I get this right? _tcsncmp(access, TEXT("ftp"), 3); //or do i want _tcsnccmp? "Supported on Windows platforms only, _mbsncmp and _mbsnbcmp are multibyte versions of strncmp. _mbsncmp will compare at most count multibyte characters and _mbsnbcmp will compare at most count bytes. They both use the current multibyte code page. _tcsnccmp and _tcsncmp are the corresponding Generic functions for _mbsncmp and _mbsnbcmp, respectively. _tccmp is equivalent to _tcsnccmp."

    Read the article

  • Thread-safe queue in Javascript or jQuery

    - by at
    I have many asynchronous AJAX calls whose results will get processed. It doesn't matter what order the processing occurs, but the results need to get processed one at a time. So I'd like to simple do my AJAX calls and they all just put their results in a single queue. That queue should then get processed on a single thread. This way the results get processed one at a time as soon as possible. What's the best way to do this? I'm using jQuery, so happy to take advantage of any facilities it provides for this.

    Read the article

  • Comparing against NSLocalizedString safe?

    - by George
    Hi, Sometimes I need to compare interface elements to other objects. At the moment I'm doing it by comparing their titles against a localized string. Am I right that I better compare my objects against IBOutlets? Tags are out of the question because I'm using NSMenu.

    Read the article

  • Recommendations for an in memory database vs thread safe data structures

    - by yx
    TLDR: What are the pros/cons of using an in-memory database vs locks and concurrent data structures? I am currently working on an application that has many (possibly remote) displays that collect live data from multiple data sources and renders them on screen in real time. One of the other developers have suggested the use of an in memory database instead of doing it the standard way our other systems behaves, which is to use concurrent hashmaps, queues, arrays, and other objects to store the graphical objects and handling them safely with locks if necessary. His argument is that the DB will lessen the need to worry about concurrency since it will handle read/write locks automatically, and also the DB will offer an easier way to structure the data into as many tables as we need instead of having create hashmaps of hashmaps of lists, etc and keeping track of it all. I do not have much DB experience myself so I am asking fellow SO users what experiences they have had and what are the pros & cons of inserting the DB into the system?

    Read the article

  • Is the following C code safe?

    - by lali
    #include<cstdio> #include<stdlib.h> int main() { char* ptr=NULL; printf("%s",ptr); return 0; } It prints (null) as output. The above is a sample code. In real code i get char* as a return of a function and i wish to print the character string for logging. However, NULL is also a valid return value of that function and so i am wondering if a null check is required before printing the character string? char* ptr=someFuncion(); // do i need the following if statement? if(ptr!=NULL) { printf("%s",ptr); } I just want to be sure that the output would be same i.e if ptr=NULL then output should be (null) on all platforms and compilers and the above code(without if statement) would not crash on any C standard compatible platform. In short, is the above code(without the if statement) standard compatible? Thanks for your help and patience :) Regards lali

    Read the article

  • Is autoload thread-safe in Ruby 1.9?

    - by SFEley
    It seems to me that the Ruby community has been freaking out a little about autoload since this famous thread, discouraging its use for thread safety reasons. Does anyone know if this is no longer an issue in Ruby 1.9.1 or 1.9.2? I've seen a bit of talk about wrapping requires in mutexes and such, but the 1.9 changelogs (or at least as much as I've been able to find) don't seem to address this particular question. I'd like to know if I can reasonably start autoloading in 1.9-only libraries without any reasonable grief. Thanks in advance for any insights.

    Read the article

  • Is this ruby code thread safe?

    - by Ben K.
    Is this code threadsafe? It seems like it should be, because @myvar will never be assigned from multiple threads (assuming block completes in < 1s). But do I need to be worried about a situation where the second block is trying to read @myvar as it's being written? require 'rubygems' require 'eventmachine' @myvar = Time.now.to_i EventMachine.run do EventMachine.add_periodic_timer(1) do EventMachine.defer do @myvar = Time.now.to_i # some calculation and reassign end end EventMachine.add_periodic_timer(0.5) do puts @myvar end end

    Read the article

  • Is Stream.Write thread-safe?

    - by Mike Spross
    I'm working on a client/server library for a legacy RPC implementation and was running into issues where the client would sometimes hang when waiting to a receive a response message to an RPC request message. It turns out the real problem was in my message framing code (I wasn't handling message boundaries correctly when reading data off the underlying NetworkStream), but it also made me suspicious of the code I was using to send data across the network, specifically in the case where the RPC server sends a large amount of data to a client as the result of a client RPC request. My send code uses a BinaryWriter to write a complete "message" to the underlying NetworkStream. The RPC protocol also implements a heartbeat algorithm, where the RPC server sends out PING messages every 15 seconds. The pings are sent out by a separate thread, so, at least in theory, a ping can be sent while the server is in the middle of streaming a large response back to a client. Suppose I have a Send method as follows, where stream is a NetworkStream: public void Send(Message message) { //Write the message to a temporary stream so we can send it all-at-once MemoryStream tempStream = new MemoryStream(); message.WriteToStream(tempStream); //Write the serialized message to the stream. //The BinaryWriter is a little redundant in this //simplified example, but here because //the production code uses it. byte[] data = tempStream.ToArray(); BinaryWriter bw = new BinaryWriter(stream); bw.Write(data, 0, data.Length); bw.Flush(); } So the question I have is, is the call to bw.Write (and by implication the call to the underlying Stream's Write method) atomic? That is, if a lengthy Write is still in progress on the sending thread, and the heartbeat thread kicks in and sends a PING message, will that thread block until the original Write call finishes, or do I have to add explicit synchronization to the Send method to prevent the two Send calls from clobbering the stream?

    Read the article

  • Where does one get Visual Source Safe 2005?

    - by strongopinions
    I would like to install VSS 2005 so I can work on a project that is stored under it. Does anyone have any idea where the VSS 2005 client can be obtained? It does not appear to be on my VS2005 install disc (although that is for Team Suite). I cannot get any help from Google. I have an MSDN license (AA edition) but it doesn't seem to be there. This is a real product right? Just to clarify preemptively based on some of the discussions I see on Google when I search for things like "VSS 2005," I am aware of the flaws in VSS and I still need to get it working; I am not interested in converting the project to Subversion; I am not able to transfer it to TFS; I am not able to upgrade the project to VS2008. Thanks.

    Read the article

  • Type-safe mapping from Class<T> to Thing<T>

    - by Joonas Pulakka
    I want to make a map-kind of container that has the following interface: public <T> Thing<T> get(Class<T> clazz); public <T> void put(Class<T> clazz, Thing<T> thing); The interesting point is that the Ts in each Class<T><- Thing<T> pair is the same T, but the container should be able to hold many different types of pairs. Initially I tried a (Hash)Map. But, for instance, Map<Class<T>, Thing<T>> is not right, because then T would be same T for all pairs in that map. Of course, Map<Class<?>, Thing<?>> works, but then I don't have type-safety guarantees so that when I get(String.class), I can't be sure that I get a Thing<String> instance back. Is there a way to accomplish the kind of type safety that I'm looking for?

    Read the article

  • is back_insert_iterator<> safe to be passed by value?

    - by afriza
    I have a code that looks something like: struct Data { int value; }; class A { public: typedef std::deque<boost::shared_ptr<Data> > TList; std::back_insert_iterator<TList> GetInserter() { return std::back_inserter(m_List); } private: TList m_List; }; class AA { boost::scoped_ptr<A> m_a; public: AA() : m_a(new A()) {} std::back_insert_iterator<A::TList> GetDataInserter() { return m_a->GetInserter(); } }; class B { template<class OutIt> CopyInterestingDataTo(OutIt outIt) { // loop and check conditions for interesting data // for every `it` in a Container<Data*> // create a copy and store it for( ... it = ..; .. ; ..) if (...) { *outIt = OutIt::container_type::value_type(new Data(**it)); outIt++; // dummy } } void func() { AA aa; CopyInterestingDataTo(aa.GetInserter()); // aa.m_a->m_List is empty! } }; The problem is that A::m_List is always empty even after CopyInterestingDataTo() is called. However, if I debug and step into CopyInterestingDataTo(), the iterator does store the supposedly inserted data!

    Read the article

  • Looking for a safe, portable password-storage method

    - by Maciek
    Hello, I'm working on C++ project that is supposed to run on both Win32 and Linux, the software is to be deployed to small computers, usually working in remote locations. Recently, our client has requested that we introduce access control via password protection. We are to meet the following criteria : Support remote login Support remote password change Support remote password retrieval Support data retrieval on accidental/purposeful deletion Support secure storage I'm capable of meeting the "remote" requirements using an existing library, however what I do need to consider is a method of storing this data, preferably in a way that will work on both platforms and will not let the user see it/read it, encryption is not the issue here - it's the storage method itself. Can anyone recommend a sage storage method that could help me meet those criteria?

    Read the article

  • JTextArea thread safe?

    - by Dhaivat Pandya
    Hello everyone, I have some code that does some initialization (including making a JTextArea object), starts three seperate threads, and then these threads try to update the JTextArea (i.e. append() to it), but its not working at all. Nothing shows up on the JTextArea (however, during the initialzation, I print some test lines onto it, and that works fine). What's going on? How can I fix this? Also, each of those threads sleeps a random amount of time every time it has to update the JTextArea. Sorry I haven't provided any code, its all spread out over several files.

    Read the article

< Previous Page | 16 17 18 19 20 21 22 23 24 25 26 27  | Next Page >