Search Results

Search found 33151 results on 1327 pages for 'www browser'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 271/1327 | < Previous Page | 267 268 269 270 271 272 273 274 275 276 277 278  | Next Page >

  • EXC_BAD_ACCESS in NSURLConnection: how to debug?

    - by baswell
    I have an iPhone app that downloads URLs. (PDFs to display) Easy: self.conn = [NSURLConnection connectionWithRequest:self.request delegate:self]; where self.conn is a retained property. For specific URLs, this throws EXC_BAD_ACCESS. The URL is valid and is constructed in the same way as URLs that do work. (90% of URLs are fine) These ones work: http://www.airservicesaustralia.com/publications/current/ersa/FAC_YARG_11-Mar-2010.pdf http://www.airservicesaustralia.com/publications/current/ersa/FAC_YARK_11-Mar-2010.pdf These don't: http://www.airservicesaustralia.com/publications/current/ersa/FAC_YAMK_11-Mar-2010.pdf http://www.airservicesaustralia.com/publications/current/ersa/FAC_YATN_11-Mar-2010.pdf Spot the difference? Yeah, me neither. Also no difference in response headers from the server for them. To clarify, the ones that work ALWAYS work, the ones that don't NEVER work. So not some random release/retain issue it seems. For the ones that don't work, none of the methods in my delegate are ever called, it fails hard before that. And with no error message, just EXC_BAD_ACCESS. Sooo.... Any way to debug what is going on inside NSURLConnection?

    Read the article

  • Get Youtube Video ID from html code with PHP

    - by asumaran
    I want to get all only youtube video ID from html code look the (or multiple) object/embed code for youtube video // html from database <p>loremm ipsum dolor sit amet enot <a href="link" attribute=""blah blah blah">anchor link</a> </p> <object width="425" height="344"> <param name="movie" value="http://www.youtube.com/v/Ou5eVl5eqtg&hl=es_ES&fs=1&"></param> <param name="allowFullScreen" value="true"></param> <param name="allowscriptaccess" value="always"></param> <embed src="http://www.youtube.com/v/Ou5eVl5eqtg&hl=es_ES&fs=1&" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="425" height="344"> </embed> </object> <image src="path/to/image.ext" > <p>lorem ipsum dolor sit amet... blah</p> <p>lorem ipsum dolor sit amet... blah</p> <object width="425" height="344"> <param name="movie" value="http://www.youtube.com/v/Ou5eVl5eqtg&hl=es_ES&fs=1&"></param> <param name="allowFullScreen" value="true"></param> <param name="allowscriptaccess" value="always"></param> <embed src="http://www.youtube.com/v/Ou5eVl5eqtg&hl=es_ES&fs=1&" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="425" height="344"> </embed> </object> <p>blah</p> blah<br/> blah<br/> blah<br/>

    Read the article

  • SINGLE SIGN ON SECURITY THREAT! FACEBOOK access_token broadcast in the open/clear

    - by MOKANA
    Subsequent to my posting there was a remark made that this was not really a question but I thought I did indeed postulate one. So that there is no ambiquity here is the question with a lead in: Since there is no data sent from Facebook during the Canvas Load process that is not at some point divulged, including the access_token, session and other data that could uniquely identify a user, does any one see any other way other than adding one more layer, i.e., a password, sent over the wire via HTTPS along with the access_toekn, that will insure unique untampered with security by the user? Using Wireshark I captured the local broadcast while loading my Canvas Application page. I was hugely surprised to see the access_token broadcast in the open, viewable for any one to see. This access_token is appended to any https call to the Facebook OpenGraph API. Using facebook as a single click log on has now raised huge concerns for me. It is stored in a session object in memory and the cookie is cleared upon app termination and after reviewing the FB.Init calls I saw a lot of HTTPS calls so I assumed the access_token was always encrypted. But last night I saw in the status bar a call from what was simply an http call that included the App ID so I felt I should sniff the Application Canvas load sequence. Today I did sniff the broadcast and in the attached image you can see that there are http calls with the access_token being broadcast in the open and clear for anyone to gain access to. Am I missing something, is what I am seeing and my interpretation really correct. If any one can sniff and get the access_token they can theorically make calls to the Graph API via https, even though the call back would still need to be the site established in Facebook's application set up. But what is truly a security threat is anyone using the access_token for access to their own site. I do not see the value of a single sign on via Facebook if the only thing that was established as secure was the access_token - becuase for what I can see it clearly is not secure. Access tokens that never have an expire date do not change. Access_tokens are different for every user, to access to another site could be held tight to just a single user, but compromising even a single user's data is unacceptable. http://www.creatingstory.com/images/InTheOpen.png Went back and did more research on this: FINDINGS: Went back an re ran the canvas application to verify that it was not any of my code that was not broadcasting. In this call: HTTP GET /connect.php/en_US/js/CacheData HTTP/1.1 The USER ID is clearly visible in the cookie. So USER_ID's are fully visible, but they are already. Anyone can go to pretty much any ones page and hover over the image and see the USER ID. So no big threat. APP_ID are also easily obtainable - but . . . http://www.creatingstory.com/images/InTheOpen2.png The above file clearly shows the FULL ACCESS TOKEN clearly in the OPEN via a Facebook initiated call. Am I wrong. TELL ME I AM WRONG because I want to be wrong about this. I have since reset my app secret so I am showing the real sniff of the Canvas Page being loaded. Additional data 02/20/2011: @ifaour - I appreciate the time you took to compile your response. I am pretty familiar with the OAuth process and have a pretty solid understanding of the signed_request unpacking and utilization of the access_token. I perform a substantial amount of my processing on the server and my Facebook server side flows are all complete and function without any flaw that I know of. The application secret is secure and never passed to the front end application and is also changed regularly. I am being as fanatical about security as I can be, knowing there is so much I don’t know that could come back and bite me. Two huge access_token issues: The issues concern the possible utilization of the access_token from the USER AGENT (browser). During the FB.INIT() process of the Facebook JavaScript SDK, a cookie is created as well as an object in memory called a session object. This object, along with the cookie contain the access_token, session, a secret, and uid and status of the connection. The session object is structured such that is supports both the new OAuth and the legacy flows. With OAuth, the access_token and status are pretty much al that is used in the session object. The first issue is that the access_token is used to make HTTPS calls to the GRAPH API. If you had the access_token, you could do this from any browser: https://graph.facebook.com/220439?access_token=... and it will return a ton of information about the user. So any one with the access token can gain access to a Facebook account. You can also make additional calls to any info the user has granted access to the application tied to the access_token. At first I thought that a call into the GRAPH had to have a Callback to the URL established in the App Setup, but I tested it as mentioned below and it will return info back right into the browser. Adding that callback feature would be a good idea I think, tightens things up a bit. The second issue is utilization of some unique private secured data that identifies the user to the third party data base, i.e., like in my case, I would use a single sign on to populate user information into my database using this unique secured data item (i.e., access_token which contains the APP ID, the USER ID, and a hashed with secret sequence). None of this is a problem on the server side. You get a signed_request, you unpack it with secret, make HTTPS calls, get HTTPS responses back. When a user has information entered via the USER AGENT(browser) that must be stored via a POST, this unique secured data element would be sent via HTTPS such that they are validated prior to data base insertion. However, If there is NO secured piece of unique data that is supplied via the single sign on process, then there is no way to guarantee unauthorized access. The access_token is the one piece of data that is utilized by Facebook to make the HTTPS calls into the GRAPH API. it is considered unique in regards to BOTH the USER and the APPLICATION and is initially secure via the signed_request packaging. If however, it is subsequently transmitted in the clear and if I can sniff the wire and obtain the access_token, then I can pretend to be the application and gain the information they have authorized the application to see. I tried the above example from a Safari and IE browser and it returned all of my information to me in the browser. In conclusion, the access_token is part of the signed_request and that is how the application initially obtains it. After OAuth authentication and authorization, i.e., the USER has logged into Facebook and then runs your app, the access_token is stored as mentioned above and I have sniffed it such that I see it stored in a Cookie that is transmitted over the wire, resulting in there being NO UNIQUE SECURED IDENTIFIABLE piece of information that can be used to support interaction with the database, or in other words, unless there were one more piece of secure data sent along with the access_token to my database, i.e., a password, I would not be able to discern if it is a legitimate call. Luckily I utilized secure AJAX via POST and the call has to come from the same domain, but I am sure there is a way to hijack that. I am totally open to any ideas on this topic on how to uniquely identify my USERS other than adding another layer (password) via this single sign on process or if someone would just share with me that I read and analyzed my data incorrectly and that the access_token is always secure over the wire. Mahalo nui loa in advance.

    Read the article

  • How to wrtie a XML License Line in C#?

    - by Nano HE
    My want to write a XML file as this: <?xml version="1.0" encoding="UTF-8"?> <Equipment xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <License licenseId="" licensePath="" /> Some piece of my code attached here // Create a new file in D:\\ and set the encoding to UTF-8 XmlTextWriter textWriter = new XmlTextWriter("D:\\books.xml", System.Text.Encoding.UTF8); // Format automatically textWriter.Formatting = Formatting.Indented; // Opens the document textWriter.WriteStartDocument(); // Write the namespace declaration. textWriter.WriteStartElement("books", null); // Write the genre attribute. textWriter.WriteAttributeString("xmlns", "xsd", null, "http://www.w3.org/2001/XMLSchema"); textWriter.WriteAttributeString("xmlns", "xsi", null, "http://www.w3.org/2001/XMLSchema-instance"); And now I need to write the License Line below in C# <License licenseId="" licensePath="" /> But I don't know how to move on for I found the Line ended with the special / .Thank you.

    Read the article

  • How to prevent auto correction / suggestion of text in textarea?

    - by pinky
    We provide a page where a student can provide his answer to a certain question. This information is obtained via an input text area box and we would prefer that the browser doesn't auto correct and indicate grammatical errors on the student responses (e.g. obey is correct but obay is wrong). The browser shows a red underline if there are grammatical mistakes. How do I prevent this across all browsers.

    Read the article

  • Large Table in iFrame crashes IE8

    - by Brian
    I have a page with an iFrame whose source is an ashx page. The handler takes in 3 arguments through the query string and generates a text/html response containing a table. When the table gets 1700 rows it crashes the IE8 browser. The browser freezes and returns a null reference error. If I take the html that is being rendered and place it inside a DIV on the page it renders fine in IE8. Any suggestions?

    Read the article

  • Error when connecting to hello world yesod example on Windows 8

    - by reltone
    I start the executable (after building it with cabal) and it says "Application launched, listening on port 3000." Next I connect to it with my web browser and the console says "threadWaitRead requires -threaded on Windows, or use System.IO.hWaitForInput." The web browser never connects. Not sure what this is actually recommending I do to resolve the problem. {-# LANGUAGE TypeFamilies, QuasiQuotes, MultiParamTypeClasses, TemplateHaskell, OverloadedStrings #-} import Yesod data HelloWorld = HelloWorld mkYesod "HelloWorld" [parseRoutes| / HomeR GET |] instance Yesod HelloWorld getHomeR :: Handler RepHtml getHomeR = defaultLayout [whamlet|Hello World!|] main :: IO () main = warpDebug 3000 HelloWorld

    Read the article

  • Subversion (svn) beginner's questions

    - by Marius
    Hello, Here's what i'm trying to do. I have a project in /var/www/project. I'd like to use svn for this project. I've installed SVN on my debian server for this purpose, but i don't understand how to use it and the googling got me even more confused. I'd like to create a repository /var/svn/project and use it. After some changes occur, i'd like to export all the code back to /var/www/project. Now here's what i've done: i've created a repository: svnadmin create /var/svn/project i've imported the code: svn import /var/www/project file:///var/svn/project -m "Initial import" i've checked out the code with "Versions" client Everything seems to work fine, but ... If i go to /var/svn/project, there are no source files from my project there or in any subdirectory. Although the svn client is able to checkout all of those files. So i've read that in svn, files are not stored separately neither in berkley db nor in fsfs filesystems. Then the question is ... how do i export the source back to /var/www/project? If i do an svn export command on the /var/svn/project directory, it says i'm not in a working copy :(

    Read the article

  • How to manipulate string to delete quotes?

    - by user1751581
    I am trying to manipulate a string so that any quotes (") within <a href> and <\a> get taken out... Sorry if its been asked before but I just can't get it to work! By the way, I am POSTing the data from a form and then manipulating the string. This is basically html but its in the form of a string, and I want to take out quotes on things like images and links... Another thing is, I do not want to escape the quotes because that would break the link... And the whole point is that the html can be used and work fine... But now, something is automatically creating a second set of quotes inside the normal quotes, like this: <a href="\"http://www.example.com/\""></a> Example input would be: <p><a href="http://www.example.com">example</a></p> Heres how it appears when I echo it however: <p><a href=\"http://www.example.com\">example</a></p> Heres how I want it to look: <p><a href="http://www.example.com">example</a></p> So I would actually be trying to get rid of the (/) my bad...

    Read the article

  • How can I use Qt to get html code of this NCBI page??

    - by user308503
    I'm trying to use Qt to download the html code from the following url: http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?db=nucleotide&cmd=search&term=AB100362 this url will re-direct to www.ncbi.nlm.nih.gov/nuccore/27884304 I try to do it by following way, but I cannot get anything. it works for some webpage such as www.google.com, but not for this NCBI page. is there any way to get this page?? QNetworkReply::NetworkError downloadURL(const QUrl &url, QByteArray &data) { QNetworkAccessManager manager; QNetworkRequest request(url); QNetworkReply *reply = manager.get(request); QEventLoop loop; QObject::connect(reply, SIGNAL(finished()), &loop, SLOT(quit())); loop.exec(); if (reply->error() != QNetworkReply::NoError) { return reply->error(); } data = reply->readAll(); delete reply; return QNetworkReply::NoError; } void GetGi() { int pos; QString sGetFromURL = "http://www.ncbi.nlm.nih.gov/entrez/query.fcgi"; QUrl url(sGetFromURL); url.addQueryItem("db", "nucleotide"); url.addQueryItem("cmd", "search"); url.addQueryItem("term", "AB100362"); QByteArray InfoNCBI; int errorCode = downloadURL(url, InfoNCBI); if (errorCode != 0 ) { QMessageBox::about(0,tr("Internet Error "), tr("Internet Error %1: Failed to connect to NCBI.\t\nPlease check your internect connection.").arg(errorCode)); return "ERROR"; } }

    Read the article

  • Using placeholders/variables in a sed command

    - by jesse_galley
    I want to store a specific part of a matched result as a variable to be used for replacement later. I would like to keep this in a one liner instead of finding the variable I need before hand. when configuring apache, and use mod_rewrite, you can specificy specific parts of patterns to be used as variables,like this: RewriteRule ^www.example.com/page/(.*)$ http://www.example.com/page.php?page=$1 [R=301,L] the part of the pattern match that's contained inside the parenthesis is stored as $1 for use later. So if the url was www.example.com/page/home, it would be replaced with www.example.com/page.php?page=home. So the "home" part of the match was saved in $1 because it was the part of the pattern inside the parenthesis. I want something like this functionality with a sed command, I need to automatically replace many strings in a SQL dump file, to add drop table if exist commands before each create table, but I need to know the table name to do this, so if the dump file contains something like: ... CREATE TABLE `orders` ... I need to run something like: cat dump.sql | sed "s/CREATE TABLE `(.*)`/DROP TABLE IF EXISTS $1\N CREATE TABLE `$1`/g" to get the result of: ... DROP TABLE IF EXISTS `orders` CREATE TABLE `orders` ... I'm using the mod_rewrite syntax in the sed command as a logical example of what I'm trying to do. Any suggestions?

    Read the article

  • Does html5 allow desktop execution?

    - by Shawn Mclean
    I want a functionality similiar to Adobe AIR or Silverlight Out of Browser but without the need for downloading plugins. I want the user to be on the site, then click install, javascript takes over and save itself to the local file system where it can then be clicked, then started up in the browser. Similiar to save-file. Html5 will handle the offline execution, etc.

    Read the article

  • problem with include in PHP

    - by EquinoX
    I have a php file called Route.php which is located on: /var/www/api/src/fra/custom/Action and the file I want to include is in: /var/www/api/src/fra/custom/ So what I have inside route php is an absolute path to the two php file I want to include: <?php include '/var/www/api/src/frapi/custom/myneighborlists.php'; include '/var/www/api/src/frapi/custom/mynodes.php'; ............ ........... ?> These two file has an array of large amount of size that I want to use in Route.php. When I do vardump($global) it just returns NULL. What am I missing here? UPDATE: I did an echo on the included file and it prints something, so therefore it is included.. however I can't get access that array... when I do a vardump on the array, it just returns NULL! I did add a global $myarray inside the function in which I want to access the array from the other php file Sample myneighborlists.php: <?php $myarray = array( 1=> array(3351=>179), 2=> array(3264=>172, 3471=>139), 3=> array(3467=>226), 4=> array(3309=>211, 3469=>227), 5=> array(3315=>364, 3316=>144, 3469=>153), 6=> array(3305=>273, 3309=>171), 7=> array(3267=>624, 3354=>465, 3424=>411, 3437=>632), 8=> array(3302=>655, 3467=>212), 9=> array(3305=>216, 3306=>148, 3465=>505), 10=> array(3271=>273, 3472=>254), 11=> array(3347=>273, 3468=>262), 12=> array(3310=>237, 3315=>237)); ?>

    Read the article

  • downloading security related problem in php

    - by pareek-rohit
    hi i have to upload a video.but i want to gives permission only authenticate user to download .but i have a problem in that.because if any body type the video detail in browser.(ex http://sitename/folder_name/videoname) then browser download that video.but i don't want this .please suggest me how can i resolve this problem.either i should generate the video name randomly or make a temporary folder in which video reside only for specific time,after this video will be delete. Or if any other ideas you have please let me know Thanks in advance

    Read the article

  • Replace an embed or iframe youtube video by an tumbnail + link to vídeo.

    - by Evel
    I need an javascript that can be placed on header that recognizes an youtube embed or iframe player and replaces it by a tumbnail linked to the vídeo on youtube. The script should identifies an code like this ones: <object width="560" height="340"><param name="movie" value="http://www.youtube.com/v/J4oJWUJpbLY?fs=1&amp;hl=pt_BR&amp;hd=1&amp;color1=0x5d1719&amp;color2=0xcd311b"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/J4oJWUJpbLY?fs=1&amp;hl=pt_BR&amp;hd=1&amp;color1=0x5d1719&amp;color2=0xcd311b" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="560" height="340"></embed></object> <iframe title="YouTube video player" class="youtube-player" type="text/html" width="560" height="345" src="http://www.youtube.com/embed/J4oJWUJpbLY?hd=1" frameborder="0"></iframe> And replace by it: <a href="http://www.youtube.com/watch?v=n1VCUF2xqKk" target="_blank"><img src="http://img.youtube.com/vi/n1VCUF2xqKk/default.jpg" alt="" /></a> Look that the variable is the video ID. It is possible?

    Read the article

  • SVG rotate deletes Elemets

    - by user1468661
    I'm trying to generate svg-Code in a web-application. Here's an example output: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"> <svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:ev="http://www.w3.org/2001/xml-events" version="1.1" baseProfile="full" width="1000px" height="600px"> <rect x="147.50198255352893" y="109.43695479777953" width="15.860428231562253" height="295.79698651863595" stroke="rgb(0,0,0)" fill="rgb(255,255,255)" stroke-width="3" transform="rotate(20 155.43219666931006 257.3354480570975)"/> <rect x="163.36241078509119" y="405.2339413164155" width="379.85725614591587" height="-23.79064234734335" stroke="rgb(0,0,0)" fill="rgb(255,255,255)" stroke-width="3" transform="rotate(20 353.2910388580491 393.3386201427438)"/> <rect x="543.219666931007" y="381.44329896907215" width="22.204599524187188" height="-353.6875495638382" stroke="rgb(0,0,0)" fill="rgb(255,255,255)" stroke-width="3" transform="rotate(20 554.3219666931006 204.59952418715304)"/> </svg> There should be three rotated Rectangles, but somehow in Chrome, Safari, and Inkscape only one of them is displayed. I did google and have no clue what is wrong. Thx for your help.

    Read the article

  • ASP C# How to handle large files from database?

    - by Martijn
    In my web application I am working with files. Some files are very large. I use Response.Write() to write the file to the browser. This goes well for the smaller files, but for large files this can take a while and the bandfwith is fully used. My question is, is it possible to split large documents and send it piece by piece to the browser? I hold the document as a property of an object.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 267 268 269 270 271 272 273 274 275 276 277 278  | Next Page >