Search Results

Search found 3574 results on 143 pages for 'nautilus actions'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 25/143 | < Previous Page | 21 22 23 24 25 26 27 28 29 30 31 32  | Next Page >

  • Complex sorting of XML subnodes in .Net3.5 onwards

    - by MicMit
    XML structure expressed in Xpath kind of Records/Record/Actions/Action/ActionDate the other node on the same level Records/Record/Actions/Action/CTCDate Is there easy or not easy way to sort it on "order by ActionDate,CTCDate" ( in SQL notation ), but per Actions for each selected Record when we iterate somehow ( not per XML file ). File around 50M

    Read the article

  • Cake php menu generation

    - by RSK
    hai everyone........ I am trying to generate dynamic menu according to the user permission given with ACL component in cake php.. ie., if a user logins, i need to check which all actions are permitted for that specific user and according that list of actions i need to generate menu can any one help me to get all the permitted actions from the acos,aros,acos_aros tables thanks in advance

    Read the article

  • Producing POD summary information in HTML

    - by justintime
    Is there a tool available that can produce an HTML summary list of perl modules or scripts in a directory tree. Given =head1 NAME wibble.pl - does wibble actions I would like to see something like <a href="docsforwibble">wibble.pl</a> - does wibble actions <a href="docsforwobble">wibble.pl</a> - does wobble actions

    Read the article

  • Need Help on entity framework

    - by Sarathi1904
    I have 3 tables(Roles,Actions and RoleActionLinks). Roles table has few columns(RoleID,RoleName,Desc). Actions table has few colums(ActionID,ActionName,Desc). In RoleActionLink is created for store the association between Roles and Actions and this table has the columns such as RoleID,ActionID When I created the data model(edmx). it shows only Role and Action as entity. i did not find RoleActionLink table. but even there is no direct relation between Roles and Actions table, both tables are automatically related using RoleActionLink table. When i create the new Action, a action record should be populated in Action table(this is works fine). At the same time, i need to populate record in RoleActionLinks table. But i dont have the entity to populate. Please tell me how to accomplish my needs.

    Read the article

  • Batch update records in Grails

    - by UltraVi01
    I have to calculate a "total" for each user based on individual actions -- that is, a User hasMany Actions and each Action has a point. So I need to basically get a sum of all the points on all the actions. Actions are added and subtracted regularly. Since this can be a rather heavy operation, it's not feasible that I execute the "total" each time I need it. Therefore, I am thinking of running the operation once a day for each user and storing the total points on the User as an int. Because I have thousands of users, I am trying to figure out the best way to do this. Should I basically iterate through all the users and call User.save() each time, or is there some kind of batch update mechanism I can use in Grails / GORM?

    Read the article

  • how to pass Html.TextBox to controller?

    - by sam26092004
    May be this simple. But, I've hard time figuring it out. I've a controller with different actions that calls the DB code and return result. I want to pass the value of text box to different actions in controller. How to do it? I know that, I can pass values by using form. But, I don't to know how to call different actions in controller from single view.

    Read the article

  • Extending the IndexController with a BaseController in Zend

    - by BillA
    I'm trying to extend my controllers with a global base controller as such: class BaseController extends Zend_Controller_Action { // common controller actions public function listAction() { // do stuff } } class IndexController extends BaseController { // index controller specific actions } class LoginController extends BaseController { // login controller specific actions } But I get this error: PHP Fatal error: Class 'BaseController' not found in /var/www/Zend/project/application/controllers/IndexController.php on line 3 Any ideas on how to get Zend to "see" this controller?

    Read the article

  • Home Pages in ASP.NET MVC

    - by Maxim Z.
    I'm trying out ASP.NET MVC, but, after reading a huge tutorial, I'm slightly confused. I understand how Controllers have Actions that URLs are routed to, but how do home pages work? Is the home page its own controller (e.g. "Home") that has no actions? This sounds correct, but how is it functionality implemented without Actions (no Actions means no methods that call the View Engine)? In other words, my question is this: how are home pages implemented (in terms of Controllers and Views)? Could you please provide sample code?

    Read the article

  • What does the Facebook Ads API link_click metric indicate in adcampaignstats

    - by Michael Baird
    I would love to get a definitive answer or a glossary that defines the data returned from the Facebook ads api adcampaignstats. Specifically the difference between the actions and inline_actions. Below is the result for a dark post, and I like to know what the "link_click" metric in actions and inline_actions actually counts. i.e. Does this tell me that in total the campaign had 342 links clicked, or does "link_click" in "actions" and "inline_actions" indicate something else? act_{ad_account_id}/adcampaignstats?campaign_ids=[123456] { "is_completed": false, "social_unique_clicks": 0, "topline_id": 0, "unique_impressions": 0, "start_time": null, "campaign_id": 123456, "actions": { "offsite_conversion.registration": 14, "post_like": 2, "like": 5, "photo_view": 1, "link_click": 180 }, "clicks": 301, "inline_actions": { "comment": 0, "video_play": 0, "title_clicks": 0, "like": 10, "rsvp_maybe": 0, "post_like": 13, "photo_view": 0, "rsvp_yes": 0, "link_click": 162, "question_vote": 0 }, }

    Read the article

  • How to stop/override a Jquery TimeOut function?

    - by Tom
    Hi, I have a small jquery snippet that displays notification message at the top of the screen in response to user actions on a page. The notification is often displayed after Ajax actions with dynamic content inside it. For example: $("#mini-txt").html("Thank you!"); $("#mini").fadeIn("fast"); setTimeout(function() {$("#mini").animate({height: "hide", opacity: "hide"}, "medium");}, 3000); The notification works well, except when a user does two or more actions in rapid succession, in which case the TimeOut function will confuse itself and the second message appears to come inside the previous 3000 milliseconds. Is there a way to "kill" the previous notification if a new action is performed. I've got no problem with the actions/selectors, just the TimeOut function.... either stopping it or overriding it somehow. Or perhaps there's a better alternative for getting the message to linger on the screen for a few seconds before disappearing? Thank you.

    Read the article

  • db optimization - have a total field or query table?

    - by Dorian Fife
    I have an app where users get points for actions they perform - either 1 point for an easy action or 2 for a difficult one. I wish to display to the user the total number of points he got in my app and the points obtained this week (since Monday at midnight). I have a table that records all actions, along with their time and number of points. I have two alternatives and I'm not sure which is better: Every time the user sees the report perform a query and sum the points the user got Add two fields to each user that records the number of points obtained so far (total and weekly). The weekly points value will be set to 0 every Monday at midnight. The first option is easier, but I'm afraid that as I'll get many users and actions queries will take a long time. The second option bares the risk of inconsistency between the table of actions and the summary values. I'm very interested in what you think is the best alternative here. Thanks, Dorian

    Read the article

  • new controller in oo php

    - by pradeep
    Hi , I have a practical doubt , I am using OO php , and i am new to it. I am using zend framework to be clear. I am writing controllers(class) and actions(methods) with in it say PatientMapper.php which has all single mysql table related actions and Patient.php which has all setter and getter functions. I get a doubt that when should i write a new controller. Should i write a controller for all the actions on a single mysql table . or a single controller for all actions related to a module.

    Read the article

  • Block call in Ruby on Rails

    - by Mattias
    Hi, I'm trying to clean up my code and get rid of a lot of ugly hashes. In my views I define several actions like this: @actions = { :interest => {'Show interest', link_to(..), :disabled => true}, :follow => {'Follow this case', link_to(..)} ... } As these hashes grow, the maintainability decreases. I want to convert the above format to something like: actions do item :interest, 'Show interest', link_to(..), :disabled => true item :follow, 'Follow', link_to(..) ... end How do I structure my helper methods to allow this? Preferably the 'item'-method should only be available in the 'actions' block and not in the global scope. Thanks!

    Read the article

  • Blender multiple animations and Collada export

    - by Morgan Bengtsson
    Say I have a simple mesh in Blender, with two keyframes, like so: Then, another animation for the same mesh, also with two keyframes: Theese animations worke fine in Blender and I can switch between them in the Dopesheet, where they are called "actions": The problem arises, when i try to export this to the Collada format, for use in my game engine. The only animation/action that seems to be carried over, is the one currently associated to the mesh. Is it possible to export multiple animations/actions for the same mesh, to the Collada format?

    Read the article

  • I have removed my password now what should I answer when it asks for password?

    - by Manik Rastogi
    I used pass word earlier but for now I removed password and used to login without password. Now some actions need administrators aurthentication through password even to set password I it asks for password but actually there is no password and so it doesn't authenticates any actions that need administrators authentication and when I try to use my old password but it also doesn't works. Now what should I do for this case ?

    Read the article

  • Removing Menu Items from Window Tabs

    - by Geertjan
    So you're working on your NetBeans Platform application and you notice that when you right-click on tabs in the predefined windows, e.g., the Projects window, you see a long list of popup menus. For whatever the reason is, you decide you don't want those popup menus. You right-click the application and go to the Branding dialog. There you uncheck the checkboxes that are unchecked below: As you can see above, you've removed three features, all of them related to closing the windows in your application. Therefore, "Close" and "Close Group" are now gone from the list of popup menus: But that's not enough. You also don't want the popup menus that relate to maximizing and minimizing the predefined windows, so you uncheck those checkboxes that relate to that: And, hey, now they're gone too: Next, you decide to remove the feature for floating, i.e., undocking the windows from the main window: And now they're gone too: However, even when you uncheck all the remaining checkboxes, as shown here... You're still left with those last few pesky popup menu items that just will not go away no matter what you do: The reason for the above? Those actions are hardcoded into the action list, which is a bug. Until it is fixed, here's a handy workaround: Set an implementation dependency on "Core - Windows" (core.window). That is, set a dependency and then specify that it is an implementation dependency, i.e., that you'll be using an internal class, not one of the official APIs. In one of your existing modules, or in a new one, make sure you have (in addition to the above) a dependency on Lookup API and Window System API. And then, add the class below to the module: import javax.swing.Action; import org.netbeans.core.windows.actions.ActionsFactory; import org.openide.util.lookup.ServiceProvider; import org.openide.windows.Mode; import org.openide.windows.TopComponent; @ServiceProvider(service = ActionsFactory.class) public class EmptyActionsFactory extends ActionsFactory { @Override public Action[] createPopupActions(TopComponent tc, Action[] actions) { return new Action[]{}; } @Override public Action[] createPopupActions(Mode mode, Action[] actions) { return new Action[]{}; } } Hurray. Farewell to superfluous popup menu items on your window tabs. In the screenshot below, the tab of the Projects window is being right-clicked and no popup menu items are shown, which is true for all the other windows, those that are predefined as well as those that you add afterwards:

    Read the article

  • SSL on site which asks API via HTTPS

    - by Larry Cinnabar
    For example I have a site site.com. It has its own http json api: api.site.com. API has authorisation and it runs under https. Now, I need to make visualization of some functionality of json api - so I need to make a profile section on site.com: Authorisation form, and user profile section with actions. All actions will be done via cURL requests to https://api.site.com. Have I use SSL on site.com too?

    Read the article

  • Affiliate programs offering redirects back to my site after successful conversion

    - by Andy
    I am building a website where members are rewarded for actions completed. For some of these actions within my site (such as uploading a photo), I would like to offer my members the ability to participate in affiliate sites as follows: Once they complete the required action, they are rewarded on my site. Ideally, I would pass in the redirect url when sending the member to their site. Are there affiliate programs that offer to redirect back to your site?

    Read the article

  • Sending notification after an event has remained open for a specified period

    - by Loc Nhan
    Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 Enterprise Manager (EM) 12c allows you to create an incident rule to send a notification and/or create an incident after an event has been open for a specified period. Such an incident rule will help prevent premature alerts on issues that may correct themselves within a certain amount of time. For example, there are some agents in an unstable network area, and often there are communication failures between the agents and the OMS lasting three, four minutes at a time. In this scenario, you may only want to receive alerts after an agent in that area has been in the Agent Unreachable status for at least five minutes. Note: Many non-target availability metrics allow users to specify the “number of occurrences” or the number of consecutive times metric values reach thresholds before a notification is sent. It is best to use the feature for such metrics. This article provides a step-by-step guide for creating an incident rule set to cater for the above scenario, that is, to create an incident and send a notification after the Agent Unreachable event has remained open for a five-minute duration. Steps to create the incident rule 1.     Log on to the console and navigate to Setup -> Incidents -> Incident Rules. Note: A non-super user requires the Create Enterprise Rule Set privilege, which is a resource privilege, to create an incident rule. The Incident Rules - All Enterprise Rules page displays. 2.     Click Create Rule Set … The Create Rule Set page displays. 3.     Enter a name for the rule set (e.g. Rule set for agents in flaky network areas), optionally enter a description, and leave everything else at default values, and click + Add. The Search and Select: Targets page pops up. Note:  While you can create a rule set for individual targets, it is a best practice to use a group for this purpose. 4.     Select an appropriate group, e.g. the AgentsInFlakyNework group. The Select button becomes enabled, click the button. The Create Rule Set page displays. 5.     Leave everything at default values, and click the Rules tab. The Create Rule Set page displays. 6.     Click Create… The Select Type of Rule to Create page pops up. 7.     Leave the Incoming events and updates to events option selected, and click Continue. The Create New Rule : Select Events page displays. 8.     Select Target Availability from the Type drop-down list. The page shows more options for Target Availability. 9.     Select the Specific events of type Target Availability option, and click + Add. The Select Target Availability events page pops up. 10.   Select Agent from the Target Type dropdown list. The page expands. 11.   Click the Agent unreachable checkbox, and click OK. Note: If you want to also receive a notification when the event is cleared, click the Agent unreachable end checkbox as well before clicking OK. The Create New Rule : Select Events page displays. 12.   Click Next. The Create New Rule : Add Actions page displays. 13.   Click + Add. The Add Actions page displays. 14.   Do the following: a.     Select the Only execute the actions if specified conditions match option (You don’t want the action to trigger always). The following options appear in the Conditions for Actions section. b.     Select the Event has been open for specified duration option. The Conditions for actions section expands. c.     Change the values of Event has been open for to 5 Minutes as shown below. d.     In the Create Incident or Update Incident section, click the Create Incident checkbox as following: e.     In the Notifications section, enter an appropriate EM user or email address in the E-mail To field. f.     Click Continue (in the top right hand corner). The Create New Rule : Add Actions page displays. 15.   Click Next. The Create New Rule : Specify name and Description page displays. 16.   Enter a rule name, and click Next. The Create New Rule : Review page appears. 17.   Click Continue, and proceed to save the rule set. The incident rule set creation completes. After one of the agents in the group specified in the rule set is stopped for over 5 minutes, EM will send a mail notification and create an incident as shown in the following screenshot. In conclusion, you have seen the steps to create an example incident rule set that only creates an incident and triggers a notification after an event has been open for a specified period. Such an incident rule can help prevent unnecessary incidents and alert notifications leaving EM administrators time to more important tasks. - Loc Nhan

    Read the article

  • How to get full control of umask/PAM/permissions?

    - by plua
    OUR SITUATION Several people from our company log in to a server and upload files. They all need to be able to upload and overwrite the same files. They have different usernames, but are all part of the same group. However, this is an internet server, so the "other" users should have (in general) just read-only access. So what I want to have is these standard permissions: files: 664 directories: 771 My goal is that all users do not need to worry about permissions. The server should be configured in such a way that these permissions apply to all files and directories, newly created, copied, or over-written. Only when we need some special permissions we'd manually change this. We upload files to the server by SFTP-ing in Nautilus, by mounting the server using sshfs and accessing it in Nautilus as if it were a local folder, and by SCP-ing in the command line. That basically covers our situation and what we aim to do. Now, I have read many things about the beautiful umask functionality. From what I understand umask (together with PAM) should allow me to do exactly what I want: set standard permissions for new files and directories. However, after many many hours of reading and trial-and-error, I still do not get this to work. I get many unexpected results. I really like to get a solid grasp of umask and have many question unanswered. I will post these questions below, together with my findings and an explanation of my trials that led to these questions. Given that many things appear to go wrong, I think that I am doing several things wrong. So therefore, there are many questions. NOTE: I am using Ubuntu 9.10 and therefore can not change the sshd_config to set the umask for the SFTP server. Installed SSH OpenSSH_5.1p1 Debian-6ubuntu2 < required OpenSSH 5.4p1. So here go the questions. 1. DO I NEED TO RESTART FOR PAM CHANGS TO TAKE EFFECT? Let's start with this. There were so many files involved and I was unable to figure out what does and what does not affect things, also because I did not know whether or not I have to restart the whole system for PAM changes to take effect. I did do so after not seeing the expected results, but is this really necessary? Or can I just log out from the server and log back in, and should new PAM policies be effective? Or is there some 'PAM' program to reload? 2. IS THERE ONE SINGLE FILE TO CHANGE THAT AFFECTS ALL USERS FOR ALL SESSIONS? So I ended up changing MANY files, as I read MANY different things. I ended up setting the umask in the following files: ~/.profile -> umask=0002 ~/.bashrc -> umask=0002 /etc/profile -> umask=0002 /etc/pam.d/common-session -> umask=0002 /etc/pam.d/sshd -> umask=0002 /etc/pam.d/login -> umask=0002 I want this change to apply to all users, so some sort of system-wide change would be best. Can it be achieved? 3. AFTER ALL, THIS UMASK THING, DOES IT WORK? So after changing umask to 0002 at every possible place, I run tests. ------------SCP----------- TEST 1: scp testfile (which has 777 permissions for testing purposes) server:/home/ testfile 100% 4 0.0KB/s 00:00 Let's check permissions: user@server:/home$ ls -l total 4 -rwx--x--x 1 user uploaders 4 2011-02-05 17:59 testfile (711) ---------SSH------------ TEST 2: ssh server user@server:/home$ touch anotherfile user@server:/home$ ls -l total 4 -rw-rw-r-- 1 user uploaders 0 2011-02-05 18:03 anotherfile (664) --------SFTP----------- Nautilus: sftp://server/home/ Copy and paste newfile from client to server (777 on client) TEST 3: user@server:/home$ ls -l total 4 -rwxrwxrwx 1 user uploaders 3 2011-02-05 18:05 newfile (777) Create a new file through Nautilus. Check file permissions in terminal: TEST 4: user@server:/home$ ls -l total 4 -rw------- 1 user uploaders 0 2011-02-05 18:06 newfile (600) I mean... WHAT just happened here?! We should get 644 every single time. Instead I get 711, 777, 600, and then once 644. And the 644 is only achieved when creating a new, blank file through SSH, which is the least probable scenario. So I am asking, does umask/pam work after all? 4. SO WHAT DOES IT MEAN TO UMASK SSHFS? Sometimes we mount a server locally, using sshfs. Very useful. But again, we have permissions issues. Here is how we mount: sshfs -o idmap=user -o umask=0113 user@server:/home/ /mnt NOTE: we use umask = 113 because apparently, sshfs starts from 777 instead of 666, so with 113 we get 664 which is the desired file permission. But what now happens is that we see all files and directories as if they are 664. We browse in Nautilus to /mnt and: Right click - New File (newfile) --- TEST 5 Right click - New Folder (newfolder) --- TEST 6 Copy and paste a 777 file from our local client --- TEST 7 So let's check on the command line: user@client:/mnt$ ls -l total 8 -rw-rw-r-- 1 user 1007 3 Feb 5 18:05 copyfile (664) -rw-rw-r-- 1 user 1007 0 Feb 5 18:15 newfile (664) drw-rw-r-- 1 user 1007 4096 Feb 5 18:15 newfolder (664) But hey, let's check this same folder on the server-side: user@server:/home$ ls -l total 8 -rwxrwxrwx 1 user uploaders 3 2011-02-05 18:05 copyfile (777) -rw------- 1 user uploaders 0 2011-02-05 18:15 newfile (600) drwx--x--x 2 user uploaders 4096 2011-02-05 18:15 newfolder (711) What?! The REAL file permissions are very different from what we see in Nautilus. So does this umask on sshfs just create a 'filter' that shows unreal file permissions? And I tried to open a file from another user but the same group that had real 600 permissions but 644 'fake' permissions, and I could still not read this, so what good is this filter?? 5. UMASK IS ALL ABOUT FILES. BUT WHAT ABOUT DIRECTORIES? From my tests I can see that the umask that is being applied also somehow influences the directory permissions. However, I want my files to be 664 (002) and my directories to be 771 (006). So is it possible to have a different umask for directories? 6. PERHAPS UMASK/PAM IS REALLY COOL, BUT UBUNTU IS JUST BUGGY? On the one hand, I have read topics of people that have had success with PAM/UMASK and Ubuntu. On the other hand, I have found many older and newer bugs regarding umask/PAM/fuse on Ubuntu: https://bugs.launchpad.net/ubuntu/+source/gdm/+bug/241198 https://bugs.launchpad.net/ubuntu/+source/fuse/+bug/239792 https://bugs.launchpad.net/ubuntu/+source/pam/+bug/253096 https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/549172 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314796 So I do not know what to believe anymore. Should I just give up? Would ACL solve all my problems? Or do I have again problems using Ubuntu? One word of caution with backups using tar. Red Hat /Centos distributions support acls in the tar program but Ubuntu does not support acls when backing up. This means that all acls will be lost when you create a backup. I am very willing to upgrade to Ubuntu 10.04 if that would solve my problems too, but first I want to understand what is happening.

    Read the article

  • Python/C "defs" file - what is it?

    - by detly
    In the nautilus-python bindings, there is a file "nautilus.defs". It contains stanzas like (define-interface MenuProvider (in-module "Nautilus") (c-name "NautilusMenuProvider") (gtype-id "NAUTILUS_TYPE_MENU_PROVIDER") ) or (define-method get_mime_type (of-object "NautilusFileInfo") (c-name "nautilus_file_info_get_mime_type") (return-type "char*") ) Now I can see what most of these do (eg. that last one means that I can call the method "get_mime_type" on a "FileInfo" object). But I'd like to know: what is this file, exactly (ie. what do I search the web for to find out more info)? Is it a common thing to find in Python/C bindings? What is the format, and where is it documented? What program actually processes it? (So far, I've managed to glean that it gets transformed into a C source file, and it looks a bit like lisp to me.)

    Read the article

  • VPS with Plesk, one ip, and godaddy (definely need help)

    - by Francesco
    Hi there, here's my situation : i've Plesk 8.3.0 with one IP and i've registered my domains at godaddy.com My problem : i cannot figure out how to configure plesk and godaddy to have my domains (6) properly working into the VPS. i've only one IP, so i can't have my personal NS and need to use godaddy ns. But.. how do i set all the stuff ? I've made a try but it's not working. Please take a look : This is an example of how the domain i'm actually working on is configured On Plesk : Host Record type Value 1.2.3.4 / 24 PTR mydomain.com. ftp.mydomain.com. CNAME mydomain.com. mail.mydomain.com. A 1.2.3.4 ns.mydomain.com. A 1.2.3.4 mydomain.com. NS ns.mydomain.com. mydomain.com. A 1.2.3.4 mydomain.com. MX (10) mail.mydomain.com. webmail.mydomain.com. A 1.2.3.4 www.mydomain.com. CNAME mydomain.com. On godaddy,(Total DNS Control) for the same domain i have this setup : A (Host) Host Points To TTL Actions * 1.2.3.4 1 Hour CNAMES (Aliases) Host Points To TTL Actions e email.secureserver.net 1 Hour email email.secureserver.net 1 Hour ftp @ 1 Hour imap imap.secureserver.net 1 Hour mail pop.secureserver.net 1 Hour mobilemail mobilemail-v01.prod.mesa1.secureserver.net 1 Hour pda mobilemail-v01.prod.mesa1.secureserver.net 1 Hour pop pop.secureserver.net 1 Hour smtp smtp.secureserver.net 1 Hour webmail webmail.secureserver.net 1 Hour www @ 1 Hour MX (Mail Exchange) Priority Host Goes To TTL Actions 10 @ mailstore1.secureserver.net 1 Hour 0 @ smtp.secureserver.net Host Points To TTL Actions @ ns53.domaincontrol.com @ ns54.domaincontrol.com What should i correct ? Thanks for helping me Francesco

    Read the article

  • Anti-Forgery Request in ASP.NET MVC and AJAX

    - by Dixin
    Background To secure websites from cross-site request forgery (CSRF, or XSRF) attack, ASP.NET MVC provides an excellent mechanism: The server prints tokens to cookie and inside the form; When the form is submitted to server, token in cookie and token inside the form are sent by the HTTP request; Server validates the tokens. To print tokens to browser, just invoke HtmlHelper.AntiForgeryToken():<% using (Html.BeginForm()) { %> <%: this.Html.AntiForgeryToken(Constants.AntiForgeryTokenSalt)%> <%-- Other fields. --%> <input type="submit" value="Submit" /> <% } %> which writes to token to the form:<form action="..." method="post"> <input name="__RequestVerificationToken" type="hidden" value="J56khgCvbE3bVcsCSZkNVuH9Cclm9SSIT/ywruFsXEgmV8CL2eW5C/gGsQUf/YuP" /> <!-- Other fields. --> <input type="submit" value="Submit" /> </form> and the cookie: __RequestVerificationToken_Lw__=J56khgCvbE3bVcsCSZkNVuH9Cclm9SSIT/ywruFsXEgmV8CL2eW5C/gGsQUf/YuP When the above form is submitted, they are both sent to server. [ValidateAntiForgeryToken] attribute is used to specify the controllers or actions to validate them:[HttpPost] [ValidateAntiForgeryToken(Salt = Constants.AntiForgeryTokenSalt)] public ActionResult Action(/* ... */) { // ... } This is very productive for form scenarios. But recently, when resolving security vulnerabilities for Web products, I encountered 2 problems: It is expected to add [ValidateAntiForgeryToken] to each controller, but actually I have to add it for each POST actions, which is a little crazy; After anti-forgery validation is turned on for server side, AJAX POST requests will consistently fail. Specify validation on controller (not on each action) Problem For the first problem, usually a controller contains actions for both HTTP GET and HTTP POST requests, and usually validations are expected for HTTP POST requests. So, if the [ValidateAntiForgeryToken] is declared on the controller, the HTTP GET requests become always invalid:[ValidateAntiForgeryToken(Salt = Constants.AntiForgeryTokenSalt)] public class SomeController : Controller { [HttpGet] public ActionResult Index() // Index page cannot work at all. { // ... } [HttpPost] public ActionResult PostAction1(/* ... */) { // ... } [HttpPost] public ActionResult PostAction2(/* ... */) { // ... } // ... } If user sends a HTTP GET request from a link: http://Site/Some/Index, validation definitely fails, because no token is provided. So the result is, [ValidateAntiForgeryToken] attribute must be distributed to each HTTP POST action in the application:public class SomeController : Controller { [HttpGet] public ActionResult Index() // Works. { // ... } [HttpPost] [ValidateAntiForgeryToken(Salt = Constants.AntiForgeryTokenSalt)] public ActionResult PostAction1(/* ... */) { // ... } [HttpPost] [ValidateAntiForgeryToken(Salt = Constants.AntiForgeryTokenSalt)] public ActionResult PostAction2(/* ... */) { // ... } // ... } Solution To avoid a large number of [ValidateAntiForgeryToken] attributes (one attribute for one HTTP POST action), I created a wrapper class of ValidateAntiForgeryTokenAttribute, where HTTP verbs can be specified:[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)] public class ValidateAntiForgeryTokenWrapperAttribute : FilterAttribute, IAuthorizationFilter { private readonly ValidateAntiForgeryTokenAttribute _validator; private readonly AcceptVerbsAttribute _verbs; public ValidateAntiForgeryTokenWrapperAttribute(HttpVerbs verbs) : this(verbs, null) { } public ValidateAntiForgeryTokenWrapperAttribute(HttpVerbs verbs, string salt) { this._verbs = new AcceptVerbsAttribute(verbs); this._validator = new ValidateAntiForgeryTokenAttribute() { Salt = salt }; } public void OnAuthorization(AuthorizationContext filterContext) { string httpMethodOverride = filterContext.HttpContext.Request.GetHttpMethodOverride(); if (this._verbs.Verbs.Contains(httpMethodOverride, StringComparer.OrdinalIgnoreCase)) { this._validator.OnAuthorization(filterContext); } } } When this attribute is declared on controller, only HTTP requests with the specified verbs are validated:[ValidateAntiForgeryTokenWrapper(HttpVerbs.Post, Constants.AntiForgeryTokenSalt)] public class SomeController : Controller { // Actions for HTTP GET requests are not affected. // Only HTTP POST requests are validated. } Now one single attribute on controller turns on validation for all HTTP POST actions. Submit token via AJAX Problem For AJAX scenarios, when request is sent by JavaScript instead of form:$.post(url, { productName: "Tofu", categoryId: 1 // Token is not posted. }, callback); This kind of AJAX POST requests will always be invalid, because server side code cannot see the token in the posted data. Solution The token must be printed to browser then submitted back to server. So first of all, HtmlHelper.AntiForgeryToken() must be called in the page where the AJAX POST will be sent. Then jQuery must find the printed token in the page, and post it:$.post(url, { productName: "Tofu", categoryId: 1, __RequestVerificationToken: getToken() // Token is posted. }, callback); To be reusable, this can be encapsulated in a tiny jQuery plugin:(function ($) { $.getAntiForgeryToken = function () { // HtmlHelper.AntiForgeryToken() must be invoked to print the token. return $("input[type='hidden'][name='__RequestVerificationToken']").val(); }; var addToken = function (data) { // Converts data if not already a string. if (data && typeof data !== "string") { data = $.param(data); } data = data ? data + "&" : ""; return data + "__RequestVerificationToken=" + encodeURIComponent($.getAntiForgeryToken()); }; $.postAntiForgery = function (url, data, callback, type) { return $.post(url, addToken(data), callback, type); }; $.ajaxAntiForgery = function (settings) { settings.data = addToken(settings.data); return $.ajax(settings); }; })(jQuery); Then in the application just replace $.post() invocation with $.postAntiForgery(), and replace $.ajax() instead of $.ajaxAntiForgery():$.postAntiForgery(url, { productName: "Tofu", categoryId: 1 }, callback); // Token is posted. This solution looks hard coded and stupid. If you have more elegant solution, please do tell me.

    Read the article

  • Delete corrupted folder

    - by Peter Becich
    I am trying to delete a folder in my home directory; its name is completely garbled. In Nautilus, the garbled text is followed by 'Invalid Directory.' Deleting it with Nautilus stalls; I can't type in the garbled name in the terminal. peter@io_vbox:~$ ls -lbdR * ... drwxrwxr-x 3 peter peter 4096 Jul 28 15:19 \346>\3152\357+\332)\363*\356,\253-\277+H&\266\033z\v\373\366\340\340?\314\022\274P\262\003\260?\303p\326\342\351\214\374f\016X\036r)!.\026 ... Any ideas? Running 12.04; if it's of any importance, this is running in VirtualBox on a Macbook Air. It was installed through VirtualBox. I don't have any other signs of SSD failure that I've picked up on -- referring to this question: Random files (invalid encoding) appearing in home directory Thanks

    Read the article

  • Command line method to find disk usage of camera mounted using gvfs

    - by Hamish Downer
    When my camera was mounted on /media I could use the standard tools (df) to see the disk usage of the card in my camera. However now the camera is mounted using gvfs, and df seems to ignore it. I've also tried pydf and discus to no avail. The camera is definitely available through nautilus, and when I select the camera in nautlius, the status bar tells me the amount of disk free. I can also open the ~/.gvfs/ folder in nautilus and right click on the camera folder and get the disk usage in a graphical way. But that is no use for a script. Are there command line tools that are the equivalent of df for gvfs filesystems? Or even better, a way to make df report on gvfs filesystems?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 21 22 23 24 25 26 27 28 29 30 31 32  | Next Page >