Search Results

Search found 1491 results on 60 pages for 'tea with cookies'.

Page 28/60 | < Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >

  • Chemical alternatives to caffeine / coffee for mental clarity and alertness? [on hold]

    - by einsteinx2
    Currently I drink about 2 cups of coffee or tea a day (one in the morning and one in the afternoon usually). However I'm very sensitive to stimulants and drinking caffeine regularly keeps my resting heart rate really high, causes occasional heart palpitations, and sometimes trouble sleeping. I've tried going without coffee, and while I can do it, I have trouble concentrating at work and even just enjoying my work. I'm borderline ADD (or possibly full on ADD, but haven't been checked). And I tend to lose focus easily if I don't have some coffee or tea in me. For health reasons, I'd like to cut it out completely, but when I do my work performance seriously suffers. I already work out (cardio and/or weight lifting) 5 - 6 days a week, and get an average of about 8 hours of sleep, but I still can't focus throughout the day without caffeine. Are there any over the counter chemical or supplement alternatives for mental clarity that you've used with success don't cause the additional unwanted physical side effects that come with regular stimulants like caffeine?

    Read the article

  • Trying to read FormsAuthentication tickets to read in other areas of site

    - by Pasha Aryana
    Hi, NOTE: I have included 3 links in here to my localhost areas but could not submit the post so I seperetaed them with a space character so it would post on stackoverflow. I currently have 2 ASP.NET MVC apps in my solution. First I run the first one by setting it to be startup project. It goes to the login page, from there once the data has been entered I execute the following code: var authTicket = new FormsAuthenticationTicket(1, login.LoginDataContract.MSISDN, DateTime.Now, DateTime.Now.AddMinutes(Convert.ToDouble("30")), true, ""); string cookieContents = FormsAuthentication.Encrypt(authTicket); var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, cookieContents) { Expires = authTicket.Expiration, //Path = FormsAuthentication.FormsCookiePath //Path = "http://localhost" Domain = "" }; if (System.Web.HttpContext.Current != null) { System.Web.HttpContext.Current.Response.Cookies.Add(cookie); } As you can see I have set the Domain = "", so theoretically speaking it should work on any thing under my http: //localhost. Then I have set the persist security of the cookie to true so I can access it from any where under localhost. The cookie writes fine and I get logged in and all godd for now. BTW the url for this login page is: http //localhost/MyAccount/Login Now then I stop the solution and set the other MVC apps to be the startup. Then I run it. The URL for the second site is: http: //localhost/WebActivations/ Here is the code in the other apps start controller: public class HomeController : Controller { public ActionResult Index() { ViewData["Message"] = "Welcome to ASP.NET MVC!"; // PASHA: Added code to read the authorization cookie set at // login in MyAccount *.sln for (int i = 0; i < System.Web.HttpContext.Current.Request.Cookies.Count;i++) { Response.Write(System.Web.HttpContext.Current.Request.Cookies[i].Name + " " + System.Web.HttpContext.Current.Request.Cookies[i].Value); } HttpCookie authorizationCookie = System.Web.HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName.ToString()]; // decrypt. FormsAuthenticationTicket authorizationForm = FormsAuthentication.Decrypt(authorizationCookie.Value); ViewData["Message"] = authorizationForm.UserData[0].ToString(); return View(); } public ActionResult About() { return View(); } The problem is in this Home controller when I run the solution it cannot read the authentication cookie, you see the loop there it does not find the .ASPXAUTH cookie. But once it crashes in Firefox I have a look in the Page Info and then security and Cookies and its there and its the same cookie. What am I doing wrong?

    Read the article

  • Setting Path and Expiration for session cookie in asp.net

    - by Sergej Andrejev
    Anything I have tried didn't work. Currenly I have following code to change asp.net session cookie expiration date and path, but asp doesn't want to listen to me. I sends same cookie in Set-Cookie header two times sometimes, sometimes it sends it's default cookie ignoring path and expiration date, sometimes it sends everything as expected, and sometimes it doesn't send Set-Cookie at all. What should I do. This drives me nuts :( My code in Global.asax protected void Application_PreRequestHandlerExecute(Object sender, EventArgs e) { /// only apply session cookie persistence to requests requiring session information if (Context.Handler is IRequiresSessionState || Context.Handler is IReadOnlySessionState) { var sessionState = ConfigurationManager.GetSection("system.web/sessionState") as SessionStateSection; var cookieName = sessionState != null && !string.IsNullOrEmpty(sessionState.CookieName) ? sessionState.CookieName : "ASP.NET_SessionId"; var timeout = sessionState != null ? sessionState.Timeout : TimeSpan.FromMinutes(20); /// Ensure ASP.NET Session Cookies are accessible throughout the subdomains. if (Request.Cookies[cookieName] != null && Session != null && Session.SessionID != null) { Response.Cookies[cookieName].Value = Session.SessionID; Response.Cookies[cookieName].Path = Request.ApplicationPath; Response.Cookies[cookieName].Expires = DateTime.Now.Add(timeout); } } }

    Read the article

  • Setting dijit.Tree cookie for all pages

    - by peirix
    I'm using the same dijit.Tree view over several pages in our application, and I'd like to have the cookie saved for the server name, instead of the folder name. Right now I've got 3 pages and 3 cookies, which each hold their own information on the state of the Tree, which is kinda annoying. Any ways to accomplish this? The only thing I've found on cookies in the API, is that I can set the cookieName and turn cookies on/off.

    Read the article

  • Help on Removal of Dynamically Created sprites.

    - by Brrr Ice Tea
    import flash.display.Sprite; import flash.net.URLLoader; var index:int = 0; var constY = 291; var constW = 2; var constH = 40; hydrogenBtn.label = "Hydrogen"; heliumBtn.label = "Helium"; lithiumBtn.label = "Lithium"; hydrogenBtn.addEventListener (MouseEvent.CLICK, loadHydrogen); heliumBtn.addEventListener (MouseEvent.CLICK, loadHelium); lithiumBtn.addEventListener (MouseEvent.CLICK, loadLithium); var myTextLoader:URLLoader = new URLLoader(); myTextLoader.addEventListener(Event.COMPLETE, onLoaded); function loadHydrogen (event:Event):void { myTextLoader.load(new URLRequest("hydrogen.txt")); } function loadHelium (event:Event):void { myTextLoader.load(new URLRequest("helium.txt")); } function loadLithium (event:Event):void { myTextLoader.load(new URLRequest("lithium.txt")); } var DataSet:Array = new Array(); var valueRead1:String; var valueRead2:String; function onLoaded(event:Event):void { var rawData:String = event.target.data; for(var i:int = 0; i<rawData.length; i++){ var commaIndex = rawData.search(","); valueRead1 = rawData.substr(0,commaIndex); rawData = rawData.substr(commaIndex+1, rawData.length+1); DataSet.push(valueRead1); commaIndex = rawData.search(","); if(commaIndex == -1) {commaIndex = rawData.length+1;} valueRead2 = rawData.substr(0,commaIndex); rawData = rawData.substr(commaIndex+1, rawData.length+1); DataSet.push(valueRead2); } generateMask_Emission(DataSet); } function generateMask_Emission(dataArray:Array):void{ var spriteName:String = "Mask"+index; trace(spriteName); this[spriteName] = new Sprite(); for (var i:int=0; i<dataArray.length; i+=2){ this[spriteName].graphics.beginFill(0x000000, dataArray[i+1]); this[spriteName].graphics.drawRect(dataArray[i],constY,constW, constH); this[spriteName].graphics.endFill(); } addChild(this[spriteName]); index++; } Hi, I am relatively new to flash and action script as well and I am having a problem getting the sprite to be removed after another is called. I am making emission spectrum's of 3 elements by dynamically generating the mask over a picture on the stage. Everything works perfectly fine with the code I have right now except the sprites stack on top of each other and I end up with bold lines all over my picture instead of a new set of lines each time i press a button. I have tried using try/catch to remove the sprites and I have also rearranged the entire code from what is seen here to make 3 seperate entities (hoping I could remove them if they were seperate variables) instead of 2 functions that handle the whole process. I have tried everything to the extent of my knowledge (which is pretty minimal @ this point) any suggestions? Thanks ahead of time!

    Read the article

  • ASP.NET - What happens when a HttpCookie expiration has been crossed

    - by user70192
    Hello, I am creating some cookies in my ASP.NET application. These cookies expire 10 minutes after they have been created. I follow the approach described on MSDN as shown here: http://msdn.microsoft.com/en-us/library/system.web.httpcookie.expires.aspx My question is, when a cookie "expires", what happens? Does the browser automatically delete the cookie? Is it our responsibility as developers to remove the cookies if they exist and have expired? Thank you,

    Read the article

  • Event handle in drop-down menu.

    - by QLiu
    Hello fellows, I am trying to develop a dynamic drop down menu by a customized widget style The custom widget has two main features: Read user's location cookies variable to set the proper contact phone number in the CP pages When users select on the drop down menu, it triggers onChange event, it re-select the contact phone number based on users' selections, but it won't reset the location cookies. My widgets conatins two files: Controller.php: Simply one, it uses to handle get cookies variables class serial extends Widget { function __construct() { parent::__construct(); } function generateWidgetInformation() { $this->info['notes'] = "Serial Number search Box"; } function getData() { //Get cookies code will go here, and pass to view.php $this->data['locale'] = 'gb';// for test purpose now } } view.php is about Presentation layer contains HTML, which get the data from my controller <div style="border: 1px solid black; display: block;" id="<?=$this->instanceID;?>"></div> <script>locale2contact('<?=$this->data['locale']?>', '<?=$this->instanceID;?>');</script> And then the Javascript function, call locale2contact var element_id =''; //Define Global Variables, //Receive the cookies locale, and instance id from view.php function locale2contact(locale, instance_id) { var details = ''; this.element_id=instance_id; //assing the instance id into global variable // alert(instance_id); //Check whether we got the instance id from view files if (locale == 'gb') details = 'UK Contact Details<br>' + build_dropdown(locale); else if (locale == 'fr') details = 'French Contact Details<br>'+build_dropdown(locale); else if (locale == 'be') details = 'Belgian Contact Details<br>'+ build_dropdown(locale); else details = 'Unknown Contact Detail'; writeContactInfo(details); } //Build the drop down menu with pre-selected option by using cookies. function build_dropdown(locale) { var dropdown = '<select onChange=changeContactInfo(this.options[selectedIndex].text)>'; dropdown += '<option' + (locale == 'gb' ? ' selected' : '') + '>UK</option>'; dropdown += '<option' + (locale == 'be' ? ' selected' : '') + '>Belgium</option>'; dropdown += '</select>'; return dropdown; } // Not smart way in here, once the people select the drop down box, it reselect the drop down menu and reset the contact info function changeContactInfo(selected) { var details =''; //alert(this.element_id); //alert(locale); if (selected == 'UK') details = 'UK Contact Details<br>' + build_dropdown2(selected); else if (selected == 'fr') details = 'French Contact Details<br>'+ build_dropdown2(selected); else if (selected == 'Belgium') details = 'Belgian Contact Details<br>'+ build_dropdown2(selected); else details = 'Unknown Contact Detail'; writeContactInfo(details); } //Build the drop down menu function build_dropdown2(selected) { var dropdown = '<select onChange=changeContactInfo(this.options[selectedIndex].text)>'; dropdown += '<option' + (selected == 'UK' ? ' selected' : '') + '>UK</option>'; dropdown += '<option' + (selected == 'Belgium' ? ' selected' : '') + '>Belgium</option>'; dropdown += '</select>'; return dropdown; } //Back to view function writeContactInfo(details) { document.getElementById(this.element_id).innerHTML = details; //update the instance field in view } Javascript function is not efficient. As you see, I got two similar duplicate functions to handle events. Users go to the page, the widget read the cookies variable to display contact info (locale2contact)and preselect the drop-down menu (function build_dropdown) If users select the drop down menu, the displya contact info change (function changeContactInfo), and then I need to rebuild the drop down menu with user previously selection (function build_dropdown2). I am looking for best practices for adding this functionality to RightNow widget. Thank you. I really do not like the way i am doing now. It works; but the code looks bad.

    Read the article

  • How can I check for missing references in VB.NET?

    - by Tea With Cookies
    I need to check if all the references in a project exist to avoid possible errors but I can't find anywhere how to do it in VB.NET. I can do it in VBA like this: Dim vbProj As VBProject Dim chkRef As Reference Set vbProj = ThisWorkbook.VBProject For Each chkRef In vbProj.References If chkRef.IsBroken Then Debug.Print chkRef.Name " reference doesn't exist!" End If Next How do I accomplish this in VB.NET?

    Read the article

  • How to clear a cookie programatically?

    - by peter
    Hi All, I am using silverlight unit tests to test an important part of our site. Is it possible to clear cookies before each unit test runs? The problem is that if I do this, HtmlPage.Document.Cookies = ""; It doesn't work. If the cookie already was this, key = value I can do this, HtmlPage.Document.Cookies = "key="; It kind of clears it out, but the string "key" is still part of the cookie. Any ideas? Are there any other classes in .NET that deal with cookies? The functionality seems quite limited when I am dealing with more complicated scenarios.

    Read the article

  • PHP curl post to login to wordpress

    - by Sbad
    I am using php curl to login to wordpress behind-the-scenes as described here: Wordpress autologin using CURL or fsockopen in PHP However my script is not setting the cookies necessary to retain the wordpress session. Instead they are being sent back to my script and stored in cookies.txt. Both the curl script and the wordpress login are on the same server in different directories. Do I need to write another curl script to manually set the wordpress cookies? Is that possible?

    Read the article

  • How to set up secure cookie on weblogic server

    - by adejuanc
    WebLogic Server allows a user to securely access HTTPS resources in a session that was initiated using HTTP, without loss of session data. To enable this feature, add AuthCookieEnabled="true" to the WebServer element in config.xml: <WebServer Name="myserver" AuthCookieEnabled="true"/>Setting AuthCookieEnabled to true, which is the default setting, causes the WebLogic Server instance to send a new secure cookie, _WL_AUTHCOOKIE_JSESSIONID, to the browser when authenticating via an HTTPS connection. Once the secure cookie is set, the session is allowed to access other security-constrained HTTPS resources only if the cookie is sent from the browser.Thus, WebLogic Server uses two cookies: the JSESSIONID cookie and the _WL_AUTHCOOKIE_JSESSIONID cookie. By default, the JSESSIONID cookie is never secure, but the _WL_AUTHCOOKIE_JSESSIONID cookie is always secure. A secure cookie is only sent when an encrypted communication channel is in use. Assuming a standard HTTPS login (HTTPS is an encrypted HTTP connection), your browser gets both cookies.For subsequent HTTP access, you are considered authenticated if you have a valid JSESSIONID cookie, but for HTTPS access, you must have both cookies to be considered authenticated. If you only have the JSESSIONID cookie, you must re-authenticate.To configure on Admin Console : Log into WebLogic Admin Console. Under Domain Structure, press click on <domainname> Select the "Web Applications" tab Select "Lock and Edit" in change center. Click on  "Auth Cookie Enabled" checkbox. Restart to confirm changes. Test an application and view the cookie which got stored as "JSESSIONID" To Configure the Web application's weblogic-application.xml file: Run the following to extract the file from the web application's weblogic-application.xml: $PATH_JDK_HOME\binjar -xvf easy-web-examples.ear META-INF/weblogic-application.xml Add <cookie-secure>true</cookie-secure> between <session-descriptor> </session-descriptor> to the weblogic-application.xml. Run the following to repackage the file to the application: $PATH_JDK_HOME\bin\jar -uvf easy-web-examples.ear META-INF/weblogic-application.xml Deploy the application into WebLogic For further information, please read the documentation on "Using Secure Cookies to Prevent Session Stealing " : http://download.oracle.com/docs/cd/E12840_01/wls/docs103/security/thin_client.html#wp1053780

    Read the article

  • What are some best practices for cookie based web authentication?

    - by rdasxy
    I'm working on a small side project using CGI and Python (scalability is not an issue and it needs to be a VERY simple system. I was thinking of implementing authentication using cookies, and was wondering if there were any established best practices. When the user successfully authenticates, I want to use cookies to figure out who is logged on. What, according to the best practices, should be stored in such a cookie?

    Read the article

  • How can I screen clients that try to register multiple times?

    - by Aba Dov
    My company offers a bonus to every client that register. We would like to prevent people from abusing this by registering several times. we thought about filtering clients by ip (there is a problem with workplaces where all stations have the same ip) cookies (if cookies are not allowed we might lose a client) I would like your opinions on these two methods and will be glad to hear about new ones. thanks

    Read the article

  • Serving images from different domain

    - by Tom Gullen
    Google audit: Serve static content from a cookieless domain (15) 2.65KB of cookies were sent with the following static resources. Serve these static resources from a domain that does not set cookies: If my domain is widgets.com, should I set up a img.widgets.com that servers these resources? How beneficial is this? Edit I setup img.widgets.com to serve images from, and changed all images to this URL. But I still get that message?

    Read the article

  • Website cookie scanner

    - by user359650
    I'm in charge of a relatively big corporate website (circa 95K pages) and need to perform a cookie audit. I can see cookies issued on a per-page basis with Chrome or Firefox console, but given the amount of pages I need a tool to automate the process. I tried to google for website cookie scanner but my search was unfruitful and found: either online tools which only scan the home page paid services (ex1, ex2) Does any of you know about a tool to scan an entire website and generate a report showing which cookies are being used and which page set them?

    Read the article

  • A working Python AIM/Oscar bot

    - by Cookies
    I've tried everything and haven't got an AIM bot to work, I've tried on two servers and they all return this error: "struct.error: unpack requires a string argument of length 10" List includes: pyaimt oscar demo w/ twisted words howie larvotto None of them work, does anyone know where to find a good example bot?

    Read the article

  • Why is Varnish not caching?

    - by Justin
    I am troubleshooting the setup of Varnish 3.x on my Ubuntu server. I'm running Drupal 7 on two sites set up on the box, via named-based vhosts. Before trying to get Varnish to play nice with Drupal I'm trying to just get Varnish to a PNG from cache. Here are the headers I get from a curl -I request of the PNG file: HTTP/1.1 200 OK Server: Apache/2.2.22 (Ubuntu) Last-Modified: Sun, 07 Oct 2012 21:18:59 GMT ETag: "a57c2-3850-4cb7ea73db6c0" Accept-Ranges: bytes Content-Length: 14416 Cache-Control: max-age=1209600 Expires: Thu, 25 Oct 2012 22:55:14 GMT Content-Type: image/png Accept-Ranges: bytes Date: Thu, 11 Oct 2012 22:55:14 GMT X-Varnish: 1766703058 Age: 0 Via: 1.1 varnish Connection: keep-alive X-Varnish-Cache: MISS Here is the Varnish VCL file I'm using (It's a default VCL configuration designed for Drupal): # Default backend definition. Set this to point to your content # server. # backend default { .host = "127.0.0.1"; .port = "8080"; } # Respond to incoming requests. sub vcl_recv { # Use anonymous, cached pages if all backends are down. if (!req.backend.healthy) { unset req.http.Cookie; } # Allow the backend to serve up stale content if it is responding slowly. set req.grace = 6h; # Pipe these paths directly to Apache for streaming. #if (req.url ~ "^/admin/content/backup_migrate/export") { # return (pipe); #} # Do not cache these paths. if (req.url ~ "^/status\.php$" || req.url ~ "^/update\.php$" || req.url ~ "^/admin$" || req.url ~ "^/admin/.*$" || req.url ~ "^/flag/.*$" || req.url ~ "^.*/ajax/.*$" || req.url ~ "^.*/ahah/.*$") { return (pass); } # Do not allow outside access to cron.php or install.php. #if (req.url ~ "^/(cron|install)\.php$" && !client.ip ~ internal) { # Have Varnish throw the error directly. # error 404 "Page not found."; # Use a custom error page that you've defined in Drupal at the path "404". # set req.url = "/404"; #} # Always cache the following file types for all users. This list of extensions # appears twice, once here and again in vcl_fetch so make sure you edit both # and keep them equal. if (req.url ~ "(?i)\.(pdf|asc|dat|txt|doc|xls|ppt|tgz|csv|png|gif|jpeg|jpg|ico|swf|css|js)(\?.*)?$") { unset req.http.Cookie; } # Remove all cookies that Drupal doesn't need to know about. We explicitly # list the ones that Drupal does need, the SESS and NO_CACHE. If, after # running this code we find that either of these two cookies remains, we # will pass as the page cannot be cached. if (req.http.Cookie) { # 1. Append a semi-colon to the front of the cookie string. # 2. Remove all spaces that appear after semi-colons. # 3. Match the cookies we want to keep, adding the space we removed # previously back. (\1) is first matching group in the regsuball. # 4. Remove all other cookies, identifying them by the fact that they have # no space after the preceding semi-colon. # 5. Remove all spaces and semi-colons from the beginning and end of the # cookie string. set req.http.Cookie = ";" + req.http.Cookie; set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";"); set req.http.Cookie = regsuball(req.http.Cookie, ";(SESS[a-z0-9]+|SSESS[a-z0-9]+|NO_CACHE)=", "; \1="); set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", ""); set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", ""); if (req.http.Cookie == "") { # If there are no remaining cookies, remove the cookie header. If there # aren't any cookie headers, Varnish's default behavior will be to cache # the page. unset req.http.Cookie; } else { # If there is any cookies left (a session or NO_CACHE cookie), do not # cache the page. Pass it on to Apache directly. return (pass); } } } # Set a header to track a cache HIT/MISS. sub vcl_deliver { if (obj.hits > 0) { set resp.http.X-Varnish-Cache = "HIT"; } else { set resp.http.X-Varnish-Cache = "MISS"; } } # Code determining what to do when serving items from the Apache servers. # beresp == Back-end response from the web server. sub vcl_fetch { # We need this to cache 404s, 301s, 500s. Otherwise, depending on backend but # definitely in Drupal's case these responses are not cacheable by default. if (beresp.status == 404 || beresp.status == 301 || beresp.status == 500) { set beresp.ttl = 10m; } # Don't allow static files to set cookies. # (?i) denotes case insensitive in PCRE (perl compatible regular expressions). # This list of extensions appears twice, once here and again in vcl_recv so # make sure you edit both and keep them equal. if (req.url ~ "(?i)\.(pdf|asc|dat|txt|doc|xls|ppt|tgz|csv|png|gif|jpeg|jpg|ico|swf|css|js)(\?.*)?$") { unset beresp.http.set-cookie; } # Allow items to be stale if needed. set beresp.grace = 6h; } # In the event of an error, show friendlier messages. sub vcl_error { # Redirect to some other URL in the case of a homepage failure. #if (req.url ~ "^/?$") { # set obj.status = 302; # set obj.http.Location = "http://backup.example.com/"; #} # Otherwise redirect to the homepage, which will likely be in the cache. set obj.http.Content-Type = "text/html; charset=utf-8"; synthetic {" <html> <head> <title>Page Unavailable</title> <style> body { background: #303030; text-align: center; color: white; } #page { border: 1px solid #CCC; width: 500px; margin: 100px auto 0; padding: 30px; background: #323232; } a, a:link, a:visited { color: #CCC; } .error { color: #222; } </style> </head> <body onload="setTimeout(function() { window.location = '/' }, 5000)"> <div id="page"> <h1 class="title">Page Unavailable</h1> <p>The page you requested is temporarily unavailable.</p> <p>We're redirecting you to the <a href="/">homepage</a> in 5 seconds.</p> <div class="error">(Error "} + obj.status + " " + obj.response + {")</div> </div> </body> </html> "}; return (deliver); } I'm getting a MISS and age 0 every time. If I'm understanding correctly, this means the file isn't being returned from Varnish's cache. Is there a problem with my Varnish config?

    Read the article

  • Google Chrome doesn't stay logged in to Google sites when using pinned tabs

    - by Nick T
    Despite checking "stay logged in" or the like on Gmail or Docs, Chrome refuses to do so when I close and re-open it with Google sites pinned. If they're not pinned, it works fine. The "Clear cookies and other site and plug-in data when I close my browser" checkbox in the settings is not checked, and I don't have any cookie exceptions. All settings are defaults. Nor is the incognito mode being used. This occurs on all my computers using Chrome. I have deleted my cookies file (%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cookies) with no effect (other than losing the logins that ordinarly work fine). Of note is that when I relaunch Chrome with Gmail pinned and it asks me to log in, doing so once will fail (does nothing; no errors), then it will work on the second attempt. If I refresh the window before doing so, it will work on the first attempt.

    Read the article

  • Beware: Upgrade to ASP.NET MVC 2.0 with care if you use AntiForgeryToken

    - by James Crowley
    If you're thinking of upgrading to MVC 2.0, and you take advantage of the AntiForgeryToken support then be careful - you can easily kick out all active visitors after the upgrade until they restart their browser. Why's this?For the anti forgery validation to take place, ASP.NET MVC uses a session cookie called "__RequestVerificationToken_Lw__". This gets checked for and de-serialized on any page where there is an AntiForgeryToken() call. However, the format of this validation cookie has apparently changed between MVC 1.0 and MVC 2.0. What this means is that when you make to switch on your production server to MVC 2.0, suddenly all your visitors session cookies are invalid, resulting in calls to AntiForgeryToken() throwing exceptions (even on a standard GET request) when de-serializing it: [InvalidCastException: Unable to cast object of type 'System.Web.UI.Triplet' to type 'System.Object[]'.]   System.Web.Mvc.AntiForgeryDataSerializer.Deserialize(String serializedToken) +104[HttpAntiForgeryException (0x80004005): A required anti-forgery token was not supplied or was invalid.]   System.Web.Mvc.AntiForgeryDataSerializer.Deserialize(String serializedToken) +368   System.Web.Mvc.HtmlHelper.GetAntiForgeryTokenAndSetCookie(String salt, String domain, String path) +209   System.Web.Mvc.HtmlHelper.AntiForgeryToken(String salt, String domain, String path) +16   System.Web.Mvc.HtmlHelper.AntiForgeryToken() +10  <snip> So you've just kicked all your active users out of your site with exceptions until they think to restart their browser (to clear the session cookies). The only work around for now is to either write some code that wipes this cookie - or disable use of AntiForgeryToken() in your MVC 2.0 site until you're confident all session cookies will have expired. That in itself isn't very straightforward, given how frequently people tend to hibernate/standby their machines - the session cookie will only clear once the browser has been shut down and re-opened. Hope this helps someone out there!

    Read the article

  • How to login to wordpress programmatically?

    - by T-Rex
    I need to perform some action in wordpress admin panel programmatically but can't manage how to login to Wordpress using C# and HttpWebRequest. Here is what I do: private void button1_Click(object sender, EventArgs e) { string url = "http://localhost/wordpress/wp-login.php"; HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url); CookieContainer cookies = new CookieContainer(); SetupRequest(url, request, cookies); //request.Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"; //request.Headers["Accept-Language"] = "uk,ru;q=0.8,en-us;q=0.5,en;q=0.3"; //request.Headers["Accept-Encoding"] = "gzip,deflate"; //request.Headers["Accept-Charset"] = "windows-1251,utf-8;q=0.7,*;q=0.7"; string user = "test"; string pwd = "test"; request.Credentials = new NetworkCredential(user, pwd); string data = string.Format( "log={0}&pwd={1}&wp-submit={2}&testcookie=1&redirect_to={3}", user, pwd, System.Web.HttpUtility.UrlEncode("Log In"), System.Web.HttpUtility.UrlEncode("http://localhost/wordpress/wp-admin/")); SetRequestData(request, data); ShowResponse(request); } private static void SetupRequest(string url, HttpWebRequest request, CookieContainer cookies) { request.CookieContainer = cookies; request.UserAgent = "Mozilla/5.0 (Windows; U; Windows NT 6.0; uk; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2 (.NET CLR 3.5.30729)"; request.KeepAlive = true; request.Timeout = 120000; request.Method = "POST"; request.Referer = url; request.ContentType = "application/x-www-form-urlencoded"; } private void ShowResponse(HttpWebRequest request) { HttpWebResponse response = (HttpWebResponse)request.GetResponse(); responseTextBox.Text = (((HttpWebResponse)response).StatusDescription); responseTextBox.Text += "\r\n"; StreamReader reader = new StreamReader(response.GetResponseStream()); responseTextBox.Text += reader.ReadToEnd(); } private static void SetRequestData(HttpWebRequest request, string data) { byte[] streamData = Encoding.ASCII.GetBytes(data); request.ContentLength = streamData.Length; Stream dataStream = request.GetRequestStream(); dataStream.Write(streamData, 0, streamData.Length); dataStream.Close(); } But unfortunately in responce I get only HTML source code of login page and it seems that cookies don't contain session ID. All requests which I perform after that code also return HTML source of login page so I can assume that it does not login correctly. Can anybody help me to solve that problem or give working example? Main thing which I want to achieve is scanning for new images in Nextgen Gallery plugin for Wordpress. Is there XML-RPC way of doing that? Thanks in advance.

    Read the article

  • Authorizing a computer to access a web application

    - by HackedByChinese
    I have a web application, and am tasked with adding secure sign-on to bolster security, akin to what Google has added to Google accounts. Use Case Essentially, when a user logs in, we want to detect if the user has previously authorized this computer. If the computer has not been authorized, the user is sent a one-time password (via email, SMS, or phone call) that they must enter, where the user may choose to remember this computer. In the web application, we will track authorized devices, allowing users to see when/where they logged in from that device last, and deauthorize any devices if they so choose. We require a solution that is very light touch (meaning, requiring no client-side software installation), and works with Safari, Chrome, Firefox, and IE 7+ (unfortunately). We will offer x509 security, which provides adequate security, but we still need a solution for customers that can't or won't use x509. My intention is to store authorization information using cookies (or, potentially, using local storage, degrading to flash cookies, and then normal cookies). At First Blush Track two separate values (local data or cookies): a hash representing a secure sign-on token, as well as a device token. Both values are driven (and recorded) by the web application, and dictated to the client. The SSO token is dependent on the device as well as a sequence number. This effectively allows devices to be deauthorized (all SSO tokens become invalid) and mitigates replay (not effectively, though, which is why I'm asking this question) through the use of a sequence number, and uses a nonce. Problem With this solution, it's possible for someone to just copy the SSO and device tokens and use in another request. While the sequence number will help me detect such an abuse and thus deauthorize the device, the detection and response can only happen after the valid device and malicious request both attempt access, which is ample time for damage to be done. I feel like using HMAC would be better. Track the device, the sequence, create a nonce, timestamp, and hash with a private key, then send the hash plus those values as plain text. Server does the same (in addition to validating the device and sequence) and compares. That seems much easier, and much more reliable.... assuming we can securely negotiate, exchange, and store private keys. Question So then, how can I securely negotiate a private key for authorized device, and then securely store that key? Is it more possible, at least, if I settle for storing the private key using local storage or flash cookies and just say it's "good enough"? Or, is there something I can do to my original draft to mitigate the vulnerability I describe?

    Read the article

  • What am I missing in this ASP.NET XSS Security Helper class?

    - by smartcaveman
    I need a generic method for preventing XSS attacks in ASP.NET. The approach I came up with is a ValidateRequest method that evaluates the HttpRequest for any potential issues, and if issues are found, redirect the user to the same page, but in a away that is not threatening to the application. (Source code below) While I know this method will prevent most XSS attacks, I am not certain that I am adequately preventing all possible attacks while also minimizing false positives. So, what is the most effective way to adequately prevent all possible attacks, while minimizing false positives? Are there changes I should make to the helper class below, or is there an alternative approach or third party library that offers something more convincing? public static class XssSecurity { public const string PotentialXssAttackExpression = "(http(s)*(%3a|:))|(ftp(s)*(%3a|:))|(javascript)|(alert)|(((\\%3C) <)[^\n]+((\\%3E) >))"; private static readonly Regex PotentialXssAttackRegex = new Regex(PotentialXssAttackExpression, RegexOptions.IgnoreCase); public static bool IsPotentialXssAttack(this HttpRequest request) { if(request != null) { string query = request.QueryString.ToString(); if(!string.IsNullOrEmpty(query) && PotentialXssAttackRegex.IsMatch(query)) return true; if(request.HttpMethod.Equals("post", StringComparison.InvariantCultureIgnoreCase)) { string form = request.Form.ToString(); if (!string.IsNullOrEmpty(form) && PotentialXssAttackRegex.IsMatch(form)) return true; } if(request.Cookies.Count > 0) { foreach(HttpCookie cookie in request.Cookies) { if(PotentialXssAttackRegex.IsMatch(cookie.Value)) { return true; } } } } return false; } public static void ValidateRequest(this HttpContext context, string redirectToPath = null) { if(context == null || !context.Request.IsPotentialXssAttack()) return; // expire all cookies foreach(HttpCookie cookie in context.Request.Cookies) { cookie.Expires = DateTime.Now.Subtract(TimeSpan.FromDays(1)); context.Response.Cookies.Set(cookie); } // redirect to safe path bool redirected = false; if(redirectToPath != null) { try { context.Response.Redirect(redirectToPath,true); redirected = true; } catch { redirected = false; } } if (redirected) return; string safeUrl = context.Request.Url.AbsolutePath.Replace(context.Request.Url.Query, string.Empty); context.Response.Redirect(safeUrl,true); } }

    Read the article

  • How can i maintain last cookie value in flex with jsp?

    - by praveen
    Hi All, my login form in flex when I login I have created a cookie in jsp like this name setValueCookie.jsp <%@ page language="java" import="java.util.* , javax.net.*" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <% String username = request.getParameter("value"); System.out.println("Email got in cookieSet = " + username); if(username==null) username=""; Date now = new Date(); String timestamp = now.toString(); Cookie cookie = new Cookie("username",username); cookie.setMaxAge(365 * 24 * 60 * 60); response.addCookie(cookie); %> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>DashBoard-Cookie</title> </head> <body> </body> </html> now using Http service request parameter i am passing username 'Value' to this jsp. and i am reading cookie value from getValueCookie.jsp like this <% String cookieName = "username"; Cookie cookies [] = request.getCookies (); Cookie myCookie = null; String result; if (cookies != null) { for (int i = 0; i < cookies.length; i++) { if (cookies [i].getName().equals (cookieName)) { myCookie = cookies[i]; break; } } } %> <data> <status><%=myCookie.getValue().toString()%></status> </data> through the httpservice value i am getting but if i open a new window or any new tab cookie value is not getting how can i solve this? Thanks in advance.

    Read the article

  • Javascript - undefined cookie value?

    - by Computeras
    Try running the code, I know the problem is in the 1. part. Thanks in advance, P.S. I'm a newbie in JS. <html> <head> <script> { //1. part var Cookies = ""; function createCookie(name,value,days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*24*60*60*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0;i < ca.length;i++) { var c = ca[i]; while (c.charAt(0)==' ') c = c.substring(1,c.length); if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length); } return null; } function eraseCookie(name) { createCookie(name,"",-1); } //2. part function saveIt(name) { var x = document.forms['cookieform'].cookievalue.value; if (!x) alert('Please fill in a value in the input box.'); else { Cookies.create(name,x,7); alert('Cookie created'); } } function readIt(name) { alert('The value of the cookie is ' + Cookies[name]); } function eraseIt(name) { Cookies.erase(name); alert('Cookie erased'); } function init() { for (var i=1;i<3;i++) { var x = Cookies['ppkcookie' + i]; if (x) alert('Cookie ppkcookie' + i + '\nthat you set on a previous visit, is still active.\nIts value is ' + x); } } } </script> <body> <form name = "forma"> <input type = "text" name = "cookievalue"> <input type = "button" value = "Spremi" onClick = "saveIt('ppkcookie1')"> <input type = "button" value = "Ispisi" onClick = "readIt('ppkcookie1')"> </form> </body> </html>

    Read the article

  • How to handle multiple pages of the same site with the same outlinks

    - by pandafromchina
    I am developing a back link tool for Chinese SEO (our web site URL is: http://link.aizhan.com just like ahrefs.com. I encountered a problem which is how to handle multiple pages of the same site with the same out links. For example: Most pages of bbs.chinaz.com have the same out links such as: bbs.chinaz.com/Tea/thread-6293993-1-1.html bbs.chinaz.com/Tea/list-1.html bbs.chinaz.com/alimama/thread-6265032-1-1.html bbs.chinaz.com/alimama/thread-6265032-2-1.html?userid=-1&extParms= bbs.chinaz.com/Shuiba/list-1.html bbs.chinaz.com/FeedBack/thread-4456753-1-1.html etc.. All of the pages have the same out links in the top of the page: www.cnzz.com(anchor text:????) www.313.com(????) www.idc123.com(????) Suppose I store these outlinks into database. The SEO will find there are six backlinks from bbs.chinaz.com of www.cnzz.com. This is obviously no sense for the SEO. Can you tell me how do you deal with this problem?

    Read the article

< Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >