Search Results

Search found 2674 results on 107 pages for 'validate'.

Page 24/107 | < Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >

  • How can I validate/secure/authenticate a JavaScript-based POST request?

    - by Bungle
    A product I'm helping to develop will basically work like this: A Web publisher creates a new page on their site that includes a <script> from our server. When a visitor reaches that new page, that <script> gathers the text content of the page and sends it to our server via a POST request (cross-domain, using a <form> inside of an <iframe>). Our server processes the text content and returns a response (via JSONP) that includes an HTML fragment listing links to related content around the Web. This response is cached and served to subsequent visitors until we receive another POST request with text content from the same URL, at which point we regenerate a "fresh" response. These POSTs only happen when our cached TTL expires, at which point the server signifies that and prompts the <script> on the page to gather and POST the text content again. The problem is that this system seems inherently insecure. In theory, anyone could spoof the HTTP POST request (including the referer header, so we couldn't just check for that) that sends a page's content to our server. This could include any text content, which we would then use to generate the related content links for that page. The primary difficulty in making this secure is that our JavaScript is publicly visible. We can't use any kind of private key or other cryptic identifier or pattern because that won't be secret. Ideally, we need a method that somehow verifies that a POST request corresponding to a particular Web page is authentic. We can't just scrape the Web page and compare the content with what's been POSTed, since the purpose of having JavaScript submit the content is that it may be behind a login system. Any ideas? I hope I've explained the problem well enough. Thanks in advance for any suggestions.

    Read the article

  • What is the most elegant way to validate the presence of ONLY one out of two attributes using Rails?

    - by marcgg
    class Followup < ActiveRecord::Base belongs_to :post belongs_to :comment end This model needs to only have either a post or a comment, but only one of the two. Here's the rspec for what I'm trying to do: it "should be impossible to have both a comment and a post" do followup = Followup.make followup.comment = Comment.make followup.should be_valid followup.post = Post.make followup.should_not be_valid end I can see a bunch of ways of doing this, but what would be the most elegant way of doing this?

    Read the article

  • Is using os.path.abspath to validate an untrusted filename's location secure?

    - by mcmt
    I don't think I'm missing anything. Then again I'm kind of a newbie. def GET(self, filename): name = urllib.unquote(filename) full = path.abspath(path.join(STATIC_PATH, filename)) #Make sure request is not tricksy and tries to get out of #the directory, e.g. filename = "../.ssh/id_rsa". GET OUTTA HERE assert full[:len(STATIC_PATH)] == STATIC_PATH, "bad path" return open(full).read() Edit: I realize this will return the wrong HTTP error code if the file doesn't exist (at least under web.py). I will fix this.

    Read the article

  • how can I validate column names and count in an List array? C#

    - by Christopher Klein
    I'm trying to get this resolved in .NET 2.0 and unfortunately that is not negotiable. I am reading in a csv file with columns of data that 'should' correspond to a List of tickers in IdentA with some modifications. The csv file columsn would read: A_MSFT,A_CSCO,_A_YHOO,B_MSFT,B_CSCO,B_YHOO,C_MSFT,C_CSCO,C_YHOO IdentA[0]="MSFT" IdentA[1]="CSCO" IdentA[2]="YHOO" The AssetsA array is populated with the csv data AssetsA[0]=0 AssetsA[1]=1.1 AssetsA[2]=0 AssetsA[3]=2 AssetsA[4]=3.2 AssetsA[5]=12 AssetsA[6]=54 AssetsA[7]=13 AssetsA[8]=0.2 The C_ columns are optional but if they exist they all need to exist. All of the suffixes must match the values in IdentA. The values in the csv files all need to be decimal. I'm using a group of 3 as an example, there could be any number of tickers in the IdentA array. Its easy enough to do the first part: for (int x = 0; x < IdentA.Count; x++) { decimal.TryParse(AssetsA[x + IdentA.Count], out currentelections); } So that will get me the first set of values for the A_ columns but how can I get through B_ and C_ ? I can't do something as simple as IdentA.Count*2...

    Read the article

  • datareader.close is called in if - else branching. How to validate datareader is actually closed usi

    - by tanmay
    Hi, I have written couple of custom rules in for fxcop 1.36. I have written a code to find weather opened datareader is closed or not. But it does not check which datareader object is calling the close() method so I can't be sure if all opened datareader objs are closed!! 2nd: if I am using data reader in IF else like if 1=2 dr = cmd.executeReader(); else dr = cmd2.execureReader(); end if in this case it will search for 2 datareader objects to be closed.. I am putting my code for more clarity. public override ProblemCollection Check(Member member) { Method method = member as Method; int countCatch =0; int countErrLog = 0; Instruction objInstr = null; if (method != null) { for (int i = 0; i < method.Instructions.Count; i++) { objInstr = method.Instructions[i]; if (objInstr.Value != null) { if (objInstr.Value.ToString().Contains("System.Data.SqlClient.SqlDataReader")) { countCatch += 1; } if (countCatch>0) { if (objInstr.Value.ToString().Contains("System.Data.SqlClient.SqlDataReader.Close")) { countErrLog += 1; } } } } } if (countErrLog!=countCatch) { Resolution resolu = GetResolution(new string[] { method.ToString() }); Problems.Add(new Problem(resolu)); } return Problems; Thanks and regards, Tanmay.

    Read the article

  • im unable to validate a login of users ,since if im entering the wrong values my datareader is not getting executed y ?

    - by Salman_Khan
    //code private void glassButton1_Click(object sender, EventArgs e) { if (textBox1.Text == "" || textBox1.Text == "" || comboBox1.SelectedIndex == 0) { Message m = new Message(); m.ShowDialog(); } else { try { con.ConnectionString = "Data source=BLACK-PEARL;Initial Catalog=LIFELINE ;User id =sa; password=143"; con.Open(); SqlCommand cmd = new SqlCommand("Select LoginID,Password,Department from Login where LoginID=@loginID and Password=@Password and Department=@Department", con); cmd.Parameters.Add(new SqlParameter("@loginID", textBox1.Text)); cmd.Parameters.Add(new SqlParameter("@Password", textBox2.Text)); cmd.Parameters.Add(new SqlParameter("@Department", comboBox1.Text)); SqlDataReader dr = cmd.ExecuteReader(); if (dr.Read()) { string Strname = dr[0].ToString(); string StrPass = dr[1].ToString(); string StrDept = dr[2].ToString(); if(dr[2].ToString().Equals(comboBox1.Text)&&dr[0].ToString().Equals(textBox1.Text)&&dr[1].ToString().Equals(textBox2.Text)) { MessageBox.Show("Welcome"); } else { MessageBox.Show("Please Enter correct details"); } } dr.Close(); } catch (Exception ex) { MessageBox.Show("Exception" + ex); } finally { con.Close(); } } }

    Read the article

  • Best way to validate a WinCE OS image (.bin) file?

    - by Ryan Clark
    We have a Windows CE 6.0 based product that allows for firmware upgrades through a web interface. I want to perform a sanity check on the new firmware image to be sure that it is valid. How should I perform the validation? I see in the BIOSLOADER code, there is support code for decoding a BIN file. I suppose I could massage that to perform the validation. Is there a better way? Thanks!

    Read the article

  • ASP.NET C# Writting a string into html to validate ?

    - by Yardstermister
    I am pretty new to ASP.NET and C# I have spent the day learning the basics of the ASP.NET Membership provider I have built all my validator but are getting stuck at outputting my error message on the page. private void LogCreateUserError(MembershipCreateStatus status, string username) { string reasonText = status.ToString(); switch (status) { case MembershipCreateStatus.DuplicateEmail: case MembershipCreateStatus.DuplicateProviderUserKey: case MembershipCreateStatus.DuplicateUserName: reasonText = "The user details you entered are already registered."; break; case MembershipCreateStatus.InvalidAnswer: case MembershipCreateStatus.InvalidEmail: case MembershipCreateStatus.InvalidProviderUserKey: case MembershipCreateStatus.InvalidQuestion: case MembershipCreateStatus.InvalidUserName: case MembershipCreateStatus.InvalidPassword: reasonText = string.Format("The {0} provided was invalid.", status.ToString().Substring(7)); break; default: reasonText = "Due to an unknown problem, we were not able to register you at this time"; break; } //CODE TO WRITE reasonText TO THE HTML PAGE ?? } What is the best way to output the varible result onto the page as I have relied upon the built in ASP:Validators untill now.

    Read the article

  • How do i have optional parameter but still validate them in asp.net mvc routing ?

    - by ooo
    I have this route that i just added routes.MapRoute( "MyRoute", "MyController/{action}/{orgId}/{startDate}/{endDate}", new { controller = "MyController", action = "MyAction", orgId = 0, startDate = DateTime.Today.AddMonths(-1), endDate = DateTime.Today }, new { action = new FromValuesListConstraint(new string[] { "MyAction", "MyActionEx" }), orgId = new IntegerRouteConstraint(), startDate = new DateTimeRouteConstraint(), endDate = new DateTimeRouteConstraint() } when i put in this url, it resolves down to the default route (controller, action,id) and the above rout does not catch this url: http://localhost:1713/MyController/MyAction/16 But this below works fine. http://localhost:1713/MyController/MyAction/16/11-May-10/11-May-10 my question is that i thought both would work as i am giving default values to the startDate and enddate fields i tested this using the RouteDebugger and this route turned up false how can i have these last two parameter as optional but still have the validation ?

    Read the article

  • How to validate DataReader is actually closed using FxCop custom rule?

    - by tanmay
    I have written couple of custom rules in for FxCop 1.36. I have written code to find weather an opened DataReader is closed or not. But it does not check which DataReader object is calling the Close() method so I can't be sure if all opened DataReader objects are closed!! 2nd: If I am a DataReader in an 'if/else' like if 1=2 dr = cmd.ExecuteReader(); else dr = cmd2.ExecuteReader(); end if In this case it will search for 2 DataReader objects to be closed. I am putting my code for more clarity. public override ProblemCollection Check(Member member) { Method method = member as Method; int countCatch =0; int countErrLog = 0; Instruction objInstr = null; if (method != null) { for (int i = 0; i < method.Instructions.Count; i++) { objInstr = method.Instructions[i]; if (objInstr.Value != null) { if (objInstr.Value.ToString() .Contains("System.Data.SqlClient.SqlDataReader")) { countCatch += 1; } if (countCatch>0) { if (objInstr.Value.ToString().Contains( "System.Data.SqlClient.SqlDataReader.Close")) { countErrLog += 1; } } } } } if (countErrLog!=countCatch) { Resolution resolu = GetResolution(new string[] { method.ToString() }); Problems.Add(new Problem(resolu)); } return Problems; }

    Read the article

  • This simple XHTML will not validate. What is the problem?

    - by Justice Conder
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <?xml version="1.0" encoding="UTF-8"?> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>My Title</title> <link rel="stylesheet" type="text/css" href="myStyle.css"/> </head> <body> <div> <h1>Heading One</h1> <p class="para1">Paragraph One</p> <h3>Heading Two</h3> <p>Paragraph Two</p> <h3>Heading Three</h3> <p>Paragraph Three<p> <br /> <a href="Lab1Page2.html">Link One</a> <br /> <a href="Lab1Page3.html">Link Two</a> </div> </body> </html>

    Read the article

  • How to validate a bunch of proxies against a URL?

    - by NJTechGuy
    I have a list of 100 proxies. The URL I am interested in is abc.com. I want to check the number of proxies which can successfully fetch this URL and the time taken for the same. I am hoping I made sense. I am a Python noob. I am looking for a code snippet. A helping hand is really appreciated :) Proxies : 200.43.54.212 200.43.54.212 200.43.54.212 200.43.54.212 URL : abc.com Desired result : Proxy isGood Time 200.43.54.112 n 23.12 200.43.54.222 n 12.34 200.43.54.102 y 11.09 200.43.54.111 y 8.85 p.s : All the above proxies have ports either 80 or 8080

    Read the article

  • How do I add a function to an element via jQuery?

    - by Chad Johnson
    I want to do something like this: $('.dynamicHtmlForm').validate = function() { return true; } $('.dynamicHtmlForm .saveButton').click(function() { if (!$(this).closest('.dynamicHtmlForm').validate()) { return false; } return true; }); And then when I have a form of class dynamicHtmlForm, I want to be able to provide a custom validate() function: $('#myDynamicHtmlForm').validate = function() { // do some validation if (there are errors) { return false; } return true; } But I get this when I do this: $(this).closest(".dynamicHtmlForm").validate is not a function Is what I've described even possible? If so, what am I doing wrong?

    Read the article

  • Does Core Data automatically validate new values when they are set?

    - by mystify
    In this question, someone asked how to write a validation method for Core Data. I did that, and it looks cool. But one thing doesn't happen: The validation. I can easily set any "bad" value and this method doesn't get called automatically. What's the concept behind this? Must I always first call the validation method before setting any value? So would I write setter methods which call the appropriate validation method first? And if yes, what's the point of following a strict convention in how to write the validation method signature? I guess there's also some automatic way of validation, then. How to activate this?

    Read the article

  • Store Business Rules in XML Document, Validate afterwards in Java, how?

    - by JavaPete
    Example XML Rules document: <user> <username> <not-null/> <capitals value="false"/> <max-length value="15"/> </username> <email> <not-null/> <isEmail/> <max-length value="40"/> </email> </user> How do I implement this? I'm starting from scratch, what I currently have is a User-class, and a UserController which saves the User object in de DB (through a Service-layer and Dao-layer), basic Spring MVC. I can't use Spring MVC Validation however in our Model-classes, I have to use an XML document so an Admin can change the rules I think I need a pattern which dynamically builds an algorithm based on what is provided by the XML Rules document, but I can't seem to think of anything other than a massive amount of if-statements. I also have nothing for the parsing yet and I'm not sure how I'm gonna (de)couple it from the actual implementation of the validation-process.

    Read the article

< Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >