Search Results

Search found 89593 results on 3584 pages for 'just user'.

Page 268/3584 | < Previous Page | 264 265 266 267 268 269 270 271 272 273 274 275  | Next Page >

  • Can a python view template be made to be 'safe/secure' if I make it user editable?

    - by Blankman
    Say I need to have a templating system where a user can edit it online using an online editor. So they can put if tags, looping tags etc., but ONLY for specific objects that I want to inject into the template. Can this be made to be safe from security issues? i.e. them somehow outputing sql connection string information or scripting things outside of the allowable tags and injected objects.

    Read the article

  • How to reliably categorize HTTP sessions in proxy to corresponding browser' windows/tabs user is viewing?

    - by Jehonathan
    I was using the Fiddler core .Net library as a local proxy to record the user activity in web. However I ended up with a problem which seems dirty to solve. I have a web browser say Google Chrome, and the user opened like 10 different tabs each with different web URLs. The problem is that the proxy records all the HTTP session initiated by each pages separately, causing me to figure out using my intelligence the tab which the corresponding HTTP session belonged to. I understand that this is because of the stateless nature of HTTP protocol. However I am just wondering is there an easy way to do this? I ended up with below c# code for that in Fiddler. Still its not a reliable solution due to the heuristics. This is a modification of the sample project bundled with Fiddler core for .NET 4. Basically what it does is filtering HTTP sessions initiated in last few seconds to find the first request or switching to another page made by the same tab in browser. It almost works, but not seems to be a universal solution. Fiddler.FiddlerApplication.AfterSessionComplete += delegate(Fiddler.Session oS) { //exclude other HTTP methods if (oS.oRequest.headers.HTTPMethod == "GET" || oS.oRequest.headers.HTTPMethod == "POST") //exclude other HTTP Status codes if (oS.oResponse.headers.HTTPResponseStatus == "200 OK" || oS.oResponse.headers.HTTPResponseStatus == "304 Not Modified") { //exclude other MIME responses (allow only text/html) var accept = oS.oRequest.headers.FindAll("Accept"); if (accept != null) { if(accept.Count>0) if (accept[0].Value.Contains("text/html")) { //exclude AJAX if (!oS.oRequest.headers.Exists("X-Requested-With")) { //find the referer for this request var referer = oS.oRequest.headers.FindAll("Referer"); //if no referer then assume this as a new request and display the same if(referer!=null) { //if no referer then assume this as a new request and display the same if (referer.Count > 0) { //lock the sessions Monitor.Enter(oAllSessions); //filter further using the response if (oS.oResponse.MIMEType == string.Empty || oS.oResponse.MIMEType == "text/html") //get all previous sessions with the same process ID this session request if(oAllSessions.FindAll(a=>a.LocalProcessID == oS.LocalProcessID) //get all previous sessions within last second (assuming the new tab opened initiated multiple sessions other than parent) .FindAll(z => (z.Timers.ClientBeginRequest > oS.Timers.ClientBeginRequest.AddSeconds(-1))) //get all previous sessions that belongs to the same port of the current session .FindAll(b=>b.port == oS.port ).FindAll(c=>c.clientIP ==oS.clientIP) //get all previus sessions with the same referrer URL of the current session .FindAll(y => referer[0].Value.Equals(y.fullUrl)) //get all previous sessions with the same host name of the current session .FindAll(m=>m.hostname==oS.hostname).Count==0 ) //if count ==0 that means this is the parent request Console.WriteLine(oS.fullUrl); //unlock sessions Monitor.Exit(oAllSessions); } else Console.WriteLine(oS.fullUrl); } else Console.WriteLine(oS.fullUrl); Console.WriteLine(); } } } } };

    Read the article

  • how to made a "admin-only" for in html page (not view.py),has this method :user.is_superuser ??

    - by zjm1126
    in views.py: @user_passes_test(lambda u: u.is_superuser) def h_view(request): return render_to_response('mytest/news.html',context_instance=RequestContext(request)) but i want to show this page when admin login,and my now page is : <li id="tab_mytest"><a href="{% url mytest_list %}" class="{% block mytest_css_name %}{% endblock %}">{% trans "mytest" %}</a></li> how to change it, has this method :user.is_superuser ?? thanks

    Read the article

  • Who owns forum users or are user grabbers legal?

    - by Eugene
    Hi, I am not very strong in "legal or not" questions so I hope someone can help me here. How legal is the following: I create my forum, then choose a random existing forum (not mine), take a user from that forum (username, avatar, etc) and create an identical account at my forum. I know that this is extremely hard to prove and everything but anyway: how legal are the described actions? Thanks!

    Read the article

  • Can the user take the resource from the iPhone Apps?

    - by Tattat
    I know that the Apple Mac OS .app file is a collection of programs and data. I guest the iPhone is similar in this way. I can unzip a Mac OS .app to find the resource , images using this way. Can the iPhone App do the similar thing? I mean, can the user unzip the iPhone .app to get the resource/ img from that? thz.

    Read the article

  • Can I user a layout on the android to render just part of an image at a time?

    - by gamernb
    I have an image file that has all the character sprites that I will be using in a game, and I want to make a layout that will allow the user to cycle through each image to be able to pick which one they want. So, I have one large image, and I need to render just a small (32 x 32) section of it at a time. Is that possible with the layouts or will I have to use a canvas, and manually do most of this?

    Read the article

  • Possible to lock attribute write access by Doors User?

    - by Philip Nguyen
    Is it possible to programmatically lock certain attributes based on the user? So certain attributes can be written to by User2 and certain attributes cannot be written to by User2. However, User1 may have write access to all attributes. What is the most efficient way of accomplishing this? I have to worry about not taking up too many computational resources, as I would like this to be able to work on quite large modules.

    Read the article

  • android : widget long press & movement handling in user activity.

    - by Puneet kaur
    hi, please suggest me a way to handle widget long press event & its movement in user defined home screen .i.e i have activity whose background handles the long click and then we can choose the approprait widget from the list ,but the problem is that i am not able to implement the long click on widget and its movement in my activity. for code reference see the link below http://www.google.com/support/forum/p/Android+Market/thread?tid=25992cd433e6b826&hl=en thanks

    Read the article

< Previous Page | 264 265 266 267 268 269 270 271 272 273 274 275  | Next Page >