Search Results

Search found 18315 results on 733 pages for 'cross domain policy'.

Page 30/733 | < Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >

  • Best Practice: Legitimate Cross-Site Scripting

    - by Ryan
    While cross-site scripting is generally regarded as negative, I've run into several situations where it's necessary. I was recently working within the confines of a very limiting content management system. I needed to include database code within the page, but the hosting server didn't have anything usable available. I set up a couple barebones scripts on my own server, originally thinking that I could use AJAX to import the contents of my scripts directly into the template of the CMS (thus retaining dynamic images, menu items, CSS, etc.). I was wrong. Due to the limitations of XMLHttpRequest objects, it's not possible to grab content from a different domain. So I thought "iFrame" - even though I'm not a fan of frames, I thought that I could create a frame that matched the width and height of the content, so that it would appear native. Again, I was blocked by cross-site scripting "protections." While I could indeed load a remote file into the iFrame, I couldn't execute JavaScript to modify its size on either the host page or inside the loaded page. In this particular scenario, I wasn't able to point a subdomain to my server. I also couldn't create a script on the CMS server that could proxy content from my server, so my last thought was to use a remote JavaScript. A remote JavaScript works. It breaks when the user has JavaScript disabled, which is a downside; but it works. The "problem" I was having with using a remote JavaScript was that I had to use the JS function document.write() to output any content. Any output that isn't JS causes script errors. In addition to using document.write() for every line, you also have to ensure that the content is escaped - or else you end up with more script errors. My solution was as follows: My script received a GET parameter ("page") and then looked for the file ({$page}.php), and read the contents into a variable. However, I had to use awkward buffering techniques in order to actually execute the included scripts (for things like database interaction) then strip the final content of all line break characters ("\n") followed by escaping all required characters. The end result is that my original script (which outputs JavaScript) accesses seemingly "standard" scripts on my server and converts their standard output to JavaScript for displaying within the CMS template. While this solution works, it seems like there may be a better way to accomplish the same thing. What is the best way to make cross-site scripting work specifically for the purpose of including content from a completely different domain?

    Read the article

  • IIS Seems to Forward Domain/IP to Domain Controller

    - by asinc
    We have a server (Server 1) with Win 2008 that is accessible by RDP and also is set as the primary DNS IP for a domain (example.com). This server is on the same network as an SBS 2008 server (Server 2) which is the domain controller and internal Dns server. Web requests going to example.com with IP of Server 1 are being passed to Server 2 and served up by IIS from Server 2. What causes this to happen? Is there a safe way to have Server 1 IIS handle the web requests which was our expected outcome? Example: DNS entry on ISP: example.com = 111.111.111.111 Server 1 = 111.111.111.111 Server 2 = 111.111.111.112 Web user goes to example.com in browser, and the page is actually returned from 111.111.111.112?

    Read the article

  • My Dog, Cross-Channel Shopping, and Fusion SCM

    - by Kathryn Perry
    A guest post by Mark Carson, Director, Oracle Fusion Supply Chain Management I was walking my dog Max in an open space behind my house. As we tromped through the tall weeds I remembered it is tick season and that I should get Max some protection. While he sniffed merrily in the tick infested brush, I started shopping in the middle of an open field on my phone. I thought it would be convenient to pick up the tick medicine from a pet store on the way home. Searching the pet store website I saw that they had the medicine, but there was no information on whether the store had any in stock and there were no options for shipping it to the store for pickup. I could return it, but not pick it up which seamed kind of odd. I really didn't feel like making calls to the local stores to find out if they had it. Since the product is popular, I tried one of the large 'everything' stores. Browsing its website I could see that it could be shipped to me, shipped to the store for free, and that the store nearest to me had it in stock. Needless to say, this store became a better option. This experience is a small example of why retailers, distributors, and manufactures have placed a high priority on enabling 'cross-channel commerce.' Shoppers like you and me expect to be able to search, compare, buy and return products on-line and over the phone using a variety of devices including PDAs, tablets and in-store kiosks. The pet store lost my business because its web channel had limited information about its stores. I have spoken with many customers and prospects about cross-channel commerce. They all realize the business implications and urgency behind cross-channel commerce but recognize there are challenges to enable it. New and existing applications must be integrated together globally through a consistent cross-channel business process. Integration is required between applications that provide the initial shopping experience and delivery applications associated with warehouses, stores, and partners. The enablement must be accomplished in a flexible way to react to fast-changing product portfolios and new acquisitions, while at the same time minimizing costs through reuse of existing systems. Meanwhile, the business must continue to grow and decision makers need to balance new capability with peak seasons. The challenges above are not unique to retail. Any customer in any industry who has multiple points for capturing orders and multiple points for fulfilling orders will face these challenges. With this in mind, we had a unique opportunity in Fusion SCM to re-think how to build a set of modular and flexible applications in the order management space that would make these challenges easier to conquer. The results are Fusion Distributed Order Orchestration and Global Order Promising. These applications can help companies, such as the pet store, enable true cross-channel commerce. The apps provide highly adaptable and flexible business processes to automate order orchestration across multiple cross-channel systems. They also show a global view of supply across warehouses, stores, and partners for real-time availability and more accurate order promising. Additional capability includes a standards-based integration framework for seamless execution and the ability to reuse existing systems for faster and lower cost implementations. OK, that was a mouthful of features and benefits. As Max waited to cross the street (he can do basic math too), I wondered if he could relate. He does not care about leash laws, pick-up courtesy, where he can/can't walk, what time of day it is, or even ticks. He does not care about how all these things could make walking complicated. He just wants to walk. Similarly, customers just want to shop and companies just want to make it easier to sell and deliver. You can learn more about Distributed Order Orchestration and Global Order Promising in cross-channel here.

    Read the article

  • Permanent redirect to different domain followed by temporary redirect to folder

    - by Ricardo Amaral
    I have old-domain.com which I want to migrate to new-domain.com. However, the content on the old domain is, well, old. And I'm currently in the process of redesigning my whole site. My idea is to do a permanent (301) redirect from old-domain.com to new-domain.com so that search engines know about the new domain and forget about the old one. But since the content is old I was thinking to do a temporary (302) redirect from new-domain.com to new-domain.com/old/ until the new content/site is ready to be published. Is this, for some reason, a bad idea? Or there's nothing wrong with it? One last thing... If I go with this, what should I do when the new content is ready? Should I just remove the 302 redirect and that's it, or should I do something else to notify search engines that the temporary redirect is over?

    Read the article

  • Code computing the cross-product

    - by WizardOfOdds
    This is not a dupe of my question: http://stackoverflow.com/questions/2532810/detecting-one-points-location-compared-to-two-other-points If I have the following piece of pseudo-C/Java/C# code: int a[]= { 30, 20 }; int b[] = { 40, 50 }; int c[] = {12, 12}; How do I compute the sign of the cross-product ABxAC? I'm only interested in the sign, so I have: boolean signABxAC = ? Now concretely what do I write to get the sign of the cross-product ABxAC?

    Read the article

  • Subdomain In Addon Domain Is Not Working

    - by zulhfreelancer
    I added a new addon domain to my cPanel hosting. With the new added addon domain, I try to make some subdomain of it. But, the subdomain is not working like subfolder does. This is my situation: mymaindomain.com (the cPanel primary domain - OK) myaddondomain.com (the new domain - OK) en.myaddondomain.com (subdomain of the new domain - not working) myaddondomain.com/en (subfolder of the new domain - OK) What should I do to solve this issue?

    Read the article

  • Spawned Process Terminated in GP Startup Script

    - by Charles Gargent
    I have a Group Policy Startup Script which runs synchronously. I now need this script to run one process asynchronously. So far I have managed to get the spawned process running via the command below, however once the rest of the script finishes and the GP Startup Script "phase" finishes and the logon prompt is shown, my spawned process is terminated. Is there any way to have this process continue beyond the Startup Script phase? cmd /c start spawned.bat I guess the reason why it terminates is because the process was launched by the Startup Script process and when the parent process terminates so do its children. PS I need it to be launched via the exisitng script.

    Read the article

  • How to register a domain for a beginner?

    - by garbage collection
    I've never registered a .com , .net like domain before, and I would like to do some research before doing so. I currently have a ruby on rails app running Heroku. Is there anything special I have to do prior to registering domain on my ruby on rails app at all? Or is it as easy as just inserting my current Heroku address to mask it with another .com or .net name? Is there some special features I should look for registering domain? Or is it typical for domain seller to just sell domain names only? Any recommendations on sellers? Thank you.

    Read the article

  • Using an old penalized domain for a new website

    - by MiladSafaei
    I had a website with 2 domains like these: firstdomain.com and first-domain.com. The main domain was first-domain.com and the other one was 301 redirected to first one. The main domain got a Google Penguin penalty some months ago. I uploaded the site on an new domain and removed Google index of old domain by using the remove URL tool in Webmaster Tools. Now, I want to use firstdomain.com (which was redirected to the penalized domain) for a new and fresh website with new and perfect content. Is it probable that history of this domain affects the new website and harms its ranking?

    Read the article

  • Where can I safetly search domain whois without worrying about the search engine parking on the domain immediately after the search?

    - by Evan Plaice
    There are a lot of companies that provide domain whois but I've heard of a lot of people who had bad experiences where the domain was bought soon after the whois search and the price was increased dramatically. Where can I gain access to a domain whois where I don't have to worry about that happening? Update: Apparently, the official name for this practice is called Domain Front Running and some sites go as far as to create explicit policies stating that they don't do it. This is where a domain registrar or an intermediary (like a domain lookup site) mines the searches for possibly attractive domains and then either sells the data to a third-party, or goes ahead and registers the name themselves ahead of you. In one case a registrar took advantage of what's known as the "grace period" and registered every single domain users looked up through them and held on to them for 5 days before releasing them back into the pool at no cost to themselves. Source: domainwarning.com And apparently, after ICANN was notified of the practice, they wrote it off as a coincidence of random 'domain tasting'. Source: See for yourself

    Read the article

  • View Public Key in Domain Key for a Domain

    - by Josh
    Using Jeff's blog post I'm creating domain keys for my account. I wanted to verify the setup using Get or Host command with Bind for Windows but I'm lost one of the commands. I can see view the _domainkey. txt file with this command: host -t txt _domainkey.stackoverflow.com but I'm at a loss at how I'd find the selector record. Jeff points out it can be anything before the before the period in "._domainkey.domain.com" but how would I list all records if I didn't know the exact query name? Is there a wildcard I could use to view all TXT or all records under this section?

    Read the article

  • How can I prevent users from installing software?

    - by Cypher
    Our organization is a bit different than most. During certain times of the year, we grow to thousands of employees, and during off-times, less than a hundred. Over the course of a few years, many thousands of people have come and gone in our offices, and left their legacy behind in the form of all sorts of unwanted, unapproved, (and sometimes unlicensed) software installs on our desktops. We are currently installing redundant domain controllers and upgrading current servers, all running Windows Server 2008 Enterprise, and will eventually be able to run a pure 2008 DC network. With that in mind, what are our options in being able to lock down users, such that they cannot install unauthorized software on systems without the assistance (or authorization) of the IT group? We need to support approximately 400 desktops, so automation is key. I've taken note of the Software Restrictions we can implement via Group Policy, but that implies that we already know what users will be installing and attempting to run... not quite so elegant. Any ideas?

    Read the article

  • Is there a cross-browser way for tooltips?

    - by Legend
    I am working with d3.js for rendering my graphs. For some reason, I am not a huge fan of svg title because of the delay it incurs and the inability to style them. Please do correct me if I am wrong. I recently came across, tipsy but it does not seem to be cross-browser compatible. For instance, consider this. The tooltips work just fine in Firefox and Chrome but do not appear even in IE 9 and I'm not sure what's going on. Is there a cleaner cross-browser approach for tooltips compatible with d3.js other than using the svg title attribute?

    Read the article

  • Resolving host names to their domain name in an internal BIND domain

    - by Adam Plumb
    I'm setting up a domain on my home network for learning purposes, using BIND on CentOS to act as the name server. I've got the name server up and running as type master for my internal domain (plumbnicoll.family), and can do forward and reverse lookups from other computers in my LAN. For example, host office2.plumbnicoll.family correctly returns office2.plumbnicoll.family has address 192.168.1.3. What I'd like is to be able to resolve just office2 to its address, without needing to put .plumbnicoll.family at the end. Is this possible, or even desirable to do? I'm running a mixed environment at home with both Linux and Windows computers.

    Read the article

  • Iterate set covered by cross-product of ranges in ruby

    - by wilsona
    I figured this answer had been asked before, so I searched, but I couldn't find anything. Granted, there are a ton of Ruby Array questions, so it might be there, just buried. In any case, I'm trying to reduce a cross-product of ranges, returning a sum of all elements of the cross-product that meet some set of conditions. To construct a trivial example, if I have an array like this: [0..1,0..1,0..1] I'd like to iterate over this set: [ [0,0,0], [0,0,1], [0,1,0], [0,1,1], [1,0,0], [1,0,1], [1,1,0], [1,1,1] ] and return a sum based the condition "return 1 if i[0] == 1 and i[2] == 0" (which would give 2). In my contrived example, I could do it like this: br = 0..1 br.reduce(0){|sumx, x| sumx + br.reduce(0){|sumy, y| sumy + br.reduce(0){|sumz, z| sumz + (x == 1 and z == 0 ? 1 : 0) } } } , but in the actual application, the set of ranges might be much larger, and nesting reduces that way would get quite ugly. Is there a better way?

    Read the article

  • set up way of getting mysite.$domain

    - by jose silva
    Hi I have several domains, only one website and one databse table for each domain. example: wbesite.us - data from USA goes to database table main_usa wbesite.co.uk - data form UK goes to database table main_uk Only have one database with name of the website. Having only one website structured, and having variables like $sql="select * from main_".$countrycode." where bla..bla..., and many other variables to catch the domain extension, and so on... Now, instead of having one full website for each domain, how can set a script and wher do I put it in order to detect the domain that the user uses. In my server root do I create something like website.$domain ? Something like website OLX but for different purposes. I hope I made myself clear. Thank you.

    Read the article

  • Move site to new domain divided by language across subdomains

    - by mark
    I managed to find a nice domain for a fairly fledgling site of mine that actually hasn't been parked by scumbag squatters. Given the upcoming move I'm thinking I'd take the opportunity to split the content across subdomains according to language, much like wikipedia for example: current: www.old-domain.com/en/subject # English www.old-domain.com/subjecto # Spanish (default so not locale in url) proposed en.new-domain.com/subject es.new-domain.com/subjecto The advantage of doing this is a fairly competitive keyword such that I may wish to put a copy of my application on a Spanish slice in order to gain a few serp's. Also pure vanity. Google's webmaster tools allows me to move to the new domain and I can add the root domain and the subdomains but forward to only one. I'll 301 from the old domain appropriately but is there anything I should know about webmaster tools in this respect where effectively I'm moving to two addresses? (Feel free to dissuade me from doing this if it's a bad idea in comments.) I've now asked this same question on google's forums.

    Read the article

  • 301 redirect from a country specific domain

    - by Raj
    I originally started using a .do domain extension for my site, but later realized that this country specific domain would prevent us from appearing in search results for places outside of the Dominican Republic. We started using a .co domain extension and redirected all requests to the new domain using an HTTP 301. The "Crawl Stats" in Google Webmaster Tools shows me that the .co domain is being crawled, but the "Index Status" shows the number of pages indexed at 0. The "Crawl Stats" for the .do domain says that it's being crawled and the "Index Status" shows a number greater than 0. I also set a "Change Of Address" in Google Webmaster Tools to have the .do domain point to the new .co domain. We're still not appearing in search results at all even for very specific strings where I would expect to find us. Am I doing something wrong?

    Read the article

  • How does cross domain file (receiver) work?

    - by seatoskyhk
    So, how does it work? How come having a receiver.html can allow cross domain communication? I... just... don't understand. For example, (using Heyzap as example) <script type="text/javascript" src="http://tools.heyzap.com/external/tools/v4.js"></script> <script type="text/javascript"> HeyzapTools.load({ game_key: "your-game-key-here", hz_receiver_url: "http://example.com/hz_receiver.html" }); </script> and the hz_receiver.html has this content: <html> <body> <script src="/external/tools/hz_receiver.js" type="text/javascript"></script> </body> </html> so, why it will allow cross domain?

    Read the article

  • Amazon AWS Ec2 instance, Elastic IP, Domain name from external domainseller, and Google Apps for Email

    - by Sid
    We are hosting our site on an Ec2 instance. Our Elastic IP is w.x.y.z and Public DNS is: ec2-w-x-y-z.compute-1.amazonaws.com. We've bought a domain name domainname.com from a lesser known domain-name-seller. We added an A-record pointing domainname.com to w.x.y.z. Will this work or do we need a CNAME record to point to the same too? We wanted to use Google apps for emailing so adjusted the TXT/MX records according to the Google Apps instructions to be able to send/recv email using @domainname.com email addresses. Have we got it right, more important, we came across queries relating to email sent from ec2-w-x-y-z.compute-1.amazonaws.com (our users can send email from their onsite accounts) going to spam (rDNS not pointing to domainname.com but to ec2-w-x-y-z.compute-1.amazonaws.com). How can we fix this? We came across SPF records, do they provide a complete solution? We aren't sure as to how to use them. Can you help pls? Thank you, Sid

    Read the article

  • Domain joined computer unable to access servers through VPN

    - by kscott
    Our servers are in a virtual off site hosting center, our office has a vpn connection to the data center, but for reasons I don't understand we also have to connect to the Citrix Access Gateway (CAG) client in order to access the servers. I am a programmer with rather limited ops knowledge including a weak grasp of networking and terminology. Bear with me. I was just given a new laptop, which is a 64 bit Windows 7 system unlike my previous 32 bit Windows XP desktop which was able to connect without issue. My laptop has been joined to the domain so that I login with my AD credentials, I am able to connect to the CAG and get authenticated, and after doing this I can ping our servers and they resolve to the correct internal IP addresses, but I am unable to use remote desktop to the servers, connect to SQL servers through my local SQL Management Studio, navigate to them through the file system, or view any of our internal intranet websites. All of which I was able to do previously. I have tried turning off my Windows firewall and the problem remains, the DNS servers are set to the correct IPs of our domain controllers, and the ops guys here are a little stumped. Does any one have any suggestions?

    Read the article

  • why sendmail resolves to ISP domain?

    - by digital illusion
    I wish to setup a local mail server for debugging purposes using fedora 15 I set up sendmail, but there is a problem. When I'm not connected to the internet, the local mail server delivers correctly (to localhost). And in /var/log/mail I see that I correctly delivered a mail to [email protected]: Jun 21 18:24:56 PowersourceII sendmail[6019]: p5LGOttt006019: [email protected], size=328, class=0, nrcpts=1, msgid=<[email protected]>, relay=adriano@localhost Jun 21 18:24:56 PowersourceII sendmail[6020]: p5LGOuSV006020: from=<[email protected]>, size=506, class=0, nrcpts=1, msgid=<[email protected]>, proto=ESMTP, daemon=MTA, relay=PowersourceII.localdomain [127.0.0.1] Jun 21 18:24:56 PowersourceII sendmail[6019]: p5LGOttt006019: [email protected], [email protected] (500/500), delay=00:00:01, xdelay=00:00:00, mailer=relay, pri=30328, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (p5LGOuSV006020 Message accepted for delivery) When I connect, networkmanager fills in /etc/resolv.conf with: domain fastwebnet.it search fastwebnet.it localdomain nameserver 62.101.93.101 nameserver 83.103.25.250 Now sendmail does not work any longer and tries to send messages to my ISP domain, as seen in the log: Jun 21 18:40:02 PowersourceII sendmail[6348]: p5LGe1LV006348: [email protected], [email protected] (500/500), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30327, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (p5LGe10n006352 Message accepted for delivery) Jun 21 18:40:02 PowersourceII sendmail[6354]: p5LGe10n006352: to=<[email protected]>, delay=00:00:01, xdelay=00:00:00, mailer=esmtp, pri=120651, relay=mx3.fastwebnet.it. [85.18.95.21], dsn=5.1.1, stat=User unknown As you can see, it tries to deliver a mail to [email protected], and fails The setup is working under other ISPs. How can I avoid the fastweb ISP DNS relay? Thank you

    Read the article

< Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >