Search Results

Search found 15448 results on 618 pages for 'sound api'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 307/618 | < Previous Page | 303 304 305 306 307 308 309 310 311 312 313 314  | Next Page >

  • windows live playback left and right audio channel

    - by user1254761
    I have a multichannel (4x stereo) audiocard (m-audio delta1010lt) and want to playback /playthru some of the channels live. But I am only able to playback/playthru the left channel on each stereo-input (CH1, CH3, CH5, CH7). For CH2,CH4,CH6,CH8 I see the Windows Volume-Indicator going up and down in the Windows Record-Audiosettings but I don't hear any playback sound. Is there a way to playback/playthru all input channels?

    Read the article

  • iTunes video black screen until select computer output

    - by Daniel Huckstep
    I don't remember this happening before, but now whenever I play any video in iTunes (podcast video, movie, TV show, iTunes extras stuff but the menus work) it just shows a black screen with the sound playing. If I stop it, select "Computer" in the little output control on the iTunes video control panel that pops up, then play again, it works fine. What the heck? Tried rebooting, updating, with and without external monitor. OSX 10.6.6

    Read the article

  • Is it possible to use a PC as a external drive via USB?

    - by homemdelata
    I have a bluray player that has a USB interface that allows me to plug external hard drives and pendrives for me to play movies or music files. I was wondering if it's possible to have the PC or notebook or any other computer-like device using a USB-USB cable and make the bluray player detects this as an external drive. Note: I'm using a bluray player as example but it can be the same for DVD players, TV or sound sytems.

    Read the article

  • DVD-Player "Simulation"

    - by SjoerdV
    This may sound like a strange question, but I was wondering if there is software available which can emulate the behaviour of standalone dvd-players. I'm currently debugging a DVD we're creating, and I can't afford to go hopping to my house every time to check. The reason I'm asking is because the problems just appear on 'some' dvd-players which I cannot predict. Other option maybe, is there software that can check a VIDEO_TS folder or iso file for errors?

    Read the article

  • Make headphone output mono

    - by Jonathan.
    my headphones are stereo but I would like the sound from the left and right to be combined then sent to both headphones. The reason is I'm watching a video where the people speaking are in the right ear as well as the music but they never speak in the left ear (it is not because they on the right side of the screen) If I take the right headphone off then I only hear the music in my left and there is no speaking.

    Read the article

  • Is the following combination of components valid to function as a desktop computer? [closed]

    - by Gideon Potgieter
    Could someone with more PC building experience than me tell me whether these PC components can cooperate fully as a self-made PC? Processor: Intel Core i5-3570K Video card: Asus Radeon HD 7870 Motherboard: Gigabyte GA-Z77-D3H RAM: Corsair CMZ16GX3M2A1600C10 Vengeance 16GB 1600MHz CL10 DDR3 (x2) Storage: Western Digital WD1002FAEX (x2) Display: Samsung S24B300HL Sound: Logitech X140 Chassis: Thermaltake V4 Black Edition VM30001W2Z Power supply: Seagate OEM 500W Builder PSU Optical drive: Asus DRW-24B1ST Thanks in advance! (btw, I know 32 GB RAM is unnecessary, but I want to buy it to use as a reserve)

    Read the article

  • Safari 4 starting up slowly on a Vista machine

    - by puri
    I have two PCs (different specs) with the latest Windows Vista and Safari 4 updates installed. In one machine, Safari 4 works great but in the other, it starts up slowly (less than a minute though) with harddisk sound indicating data access activities. I have cleared all internet caches and I am quite sure that there is no virus in both machines. Are there any other reasons that Safari performances are so different in comparably similar software and hardware environments?

    Read the article

  • Use an iPhone as a bluetooth headset for a mac?

    - by Phillip Oldham
    Is there any way, such as an iPhone app, that will let me connect my iPhone to my iMac via bluetooth, so that the iMac pushes all audio through the iPhone? Specifically, what I'm looking to do is be able to watch movies on my iMac with the sound being played through my iPhone & in turn the ear buds.

    Read the article

  • what are the components you can install on RHEL?

    - by user16654
    I just got a question from a customer(actually from a customer to my manager then to me) and he is asking the following question: What are the components that were installed with RHEL? It may sound like a silly question but to me it sounds vague. The main thing I am thinking about now is during install you can select three components: webserver software development and virtualisation. Could they be asking fro something else?

    Read the article

  • speakers muted automatically for some reason

    - by Or A
    i have this weird problem that i'm not sure is specific to me, but more of a windows 7 or Lenovo laptop, so any help would be appreciable. the problem is as follows: Whenever i use skype, msn or any other thing that make noise, the speakers are muted automatically and i need to press the mute/unmute button to re-enable the sound. Does anyone know what can i do to disable windows 7 from doing it? Thanks.

    Read the article

  • Do something by operator dial specified number in Asterisk?

    - by Rev
    I want to make ability for Asterisk phone Operators to able do something like this: While operator talking to caller, if Operator dial specified number like 244 (or something like that but not Sip-Userid's), do something (like play sound for caller or etc) for that call. So, Is this possible? Is need to change dialplan? ¦¦¦¦¦ I found this. in first paragraph it's say someething like: if operator dial exten go voiceMail.

    Read the article

  • Changing default playback device on Windows 8

    - by emartel
    Previously, on Vista and Windows 7, changing the Default Playback device would occur instantly. For example, audio is coming out of my speakers, I right click the Volume Control, click Playback Devices then I select another device and click Set Default. Audio would be transferred immediately. Unfortunately, now, with Windows 8, I need to kill whatever process what outputting sound, and restart it for the change to take effect. Is there something that can be done about it so that changes are taken into account immediately?

    Read the article

  • Test a microphone with an intermittent fault

    - by Mick
    I have a microphone with all the software set up correctly, but there is a loose connection somewhere. I'd like some software to give me instant feedback on whether the computer is picking up the sound of my voice so that I can wiggle some wires and work out where the fault is. Any suggestions?

    Read the article

  • Windows 7 immediately disconnects a USB drive

    - by Daniel Saner
    I am having a problem with Windows 7 x64 consistently disconnecting one specific USB mass storage drive immediately after it is connected. The drive in question is a Cowon C2 digital music player which works in standard mass storage controller mode (i.e. no device-specific drivers needed/available). When I connect the player, Windows plays the "USB connect" sound and the device appears (under its correct name) in the device manager, but it never appears as a drive. The player itself displays "USB Connected" for a split-second before reporting that it has been disconnected again. Since the player, by design, reboots after it has been disconnected, Windows plays the "USB disconnect" sound before restarting the whole cycle once the player has powered back on. I am connecting the player through an Intel X79 Chipset motherboard (Gigabyte GA-X79-UD3) to Windows 7 Pro 64-bit. The player used to work fine the first few times I connected it, showing up as an external drive; it only recently stopped working. It is not a problem with the player, since it works fine when connected to another computer, even such running the exact same operating system. It is also not a problem with the USB controller, since the issue is the same on both the Intel USB 2.0 and the Fresco Logic FL1009 USB 3.0 controller ports. I have also not had the problem with any other drive so far. Among the things I have tried so far: Disabling USB legacy mode in BIOS Disabling energy-saving power down for all USB controllers in Windows' device manager Removing and reinstalling Windows' USB mass storage driver Removing and reinstalling Intel and Fresco Logic USB controller driver Restoring the player to factory defaults None of these made a difference. Again, the player used to work fine on the exact same system just days ago; I didn't install any new hardware or drivers on it since then. I would be very grateful for any hints on what else to try. Edit: Here is another new hint; I found out that when I connect the drive before booting Windows, it is available in Windows Explorer as it should, and does not automatically disconnect. If I remove and reconnect it though, the infinite connect/disconnect-loop starts anew.

    Read the article

  • How to toggle between different monitors with one key on Windows 7?

    - by user443854
    I recently found a post on switching between different sound cards with one key stroke (the answer I ended up using is Default Audio Changer). I am looking for similar functionality for switching between monitors. Win+P is not good enough, as it loops between four choices: Computer | Duplicate | Extend | Projector, and I want to toggle only between two monitors. It also takes at least four key strokes to toggle.

    Read the article

  • Loudspeaker Tile in Windows 8

    - by lampa
    In the classical desktop I have the loudspeaker symbol, which I use to make the sound louder and quieter by using the mouse. On the modern UI Start Screen I can change it through the Charm-Bar and settings, but it is inconvenient. Is there some fast access to the loudspeaker for example through a tile? here is the screenshot of the usual loudspeaker: http://i.stack.imgur.com/O00af.png (I don't have enough rep to post the pic directly)

    Read the article

  • XMLPULLPARSEREXCEPTION...in KSOAP2

    - by aka47
    iam using KSOAP2 for web services. my client is BlackBerry Phone and Server is KeyRingLabs.com. i am using php page for connection...i have taken this code form a Forum.and modified it according to my requirements...but I am having XMLPULLPARSER EXCEPTION...can any body help??? here is my code.... import net.rim.device.api.ui.; import net.rim.device.api.ui.component.; import net.rim.device.api.ui.container.; import net.rim.device.api.system.; import java.util.; import org.ksoap2.; import org.ksoap2.serialization.; import org.ksoap2.transport.; import java.io.IOException; import org.ksoap2.SoapEnvelope; import org.ksoap2.SoapFault; import org.ksoap2.serialization.SoapObject; import org.ksoap2.serialization.SoapSerializationEnvelope; import org.ksoap2.transport.HttpTransport; import org.xmlpull.v1.XmlPullParserException; final class StockQuoteDemo extends UiApplication { public static void main (String[] args) { StockQuoteDemo theApp = new StockQuoteDemo (); theApp.enterEventDispatcher (); } public StockQuoteDemo () { pushScreen (new StockQuoteScreen ()); //doSOAP(); } final class StockQuoteScreen extends MainScreen { public static final String action = "http://keyringlabs.com/Login"; public static final String namespaceRoot = "bbpointofsale.com"; //public static final String webroot = "http://192.168.1.2/bbpointofsale.com/"; public static final String webroot = "http://192.168.0.35/"; //public static final String webroot = "http://www.bbpointofsale.com"; public String errorMessage; public String key; public String transactionID; private HttpTransport transport; private SoapSerializationEnvelope envelope; public StockQuoteScreen () { //transport = new HttpTransport(webroot + "bb/service/index.php"); transport = new HttpTransport(webroot+"Disk/rashid11/index4.php"); transport.debug = true; envelope = new SoapSerializationEnvelope(SoapEnvelope.VER12); key = null; envelope.encodingStyle = SoapSerializationEnvelope.XSD1999; ProcessLogin("[email protected]","123456"); //Dialog.alert("GEN 1"); //Dialog.alert("Warr Gai Vai!!!"); } public boolean onClose () { Dialog.alert ("Goodbye!"); System.exit (0); return true; } public boolean ProcessLogin(String email, String password) { System.err.println("Starting The Process"); errorMessage = ""; String namespace = "urn:" + namespaceRoot + ":login"; //System.err.println("LINK:"+namespace); // SoapObject message = new SoapObject(namespace, "login"); SoapObject message = new SoapObject(namespaceRoot, "login"); message.addProperty("email", email); message.addProperty("password", password); envelope.bodyOut = message; // System.err.println("KSOAP:"+ envelope.toString()); //String soapAction = namespace + "#login"; String soapAction = "http://bbpointofsale.com/login"; // System.err.println("Action : "+soapAction); try { //transport.setXmlVersionTag(""); transport.call(soapAction, envelope); } catch (IOException e) { e.printStackTrace(); System.out.println("error: "+e.getMessage()); errorMessage = e.getMessage(); System.out.println("response1: "+transport.responseDump); return false; } catch (XmlPullParserException e) { e.printStackTrace(); errorMessage = e.getMessage(); System.out.println("request2: "+transport.requestDump); System.out.println("response2: "+transport.responseDump); return false; } try { SoapObject result = (SoapObject) ((SoapObject)envelope.getResponse()).getProperty(0); key = hackToGetResponse("serviceToken", result.toString()); if (key.length() > 0) { System.out.println("KEY:" + key); return true; } else { } } catch (SoapFault e) { errorMessage = e.getMessage(); System.out.println("response3: "+transport.responseDump); return false; } catch (Exception e) { errorMessage = e.getMessage(); System.err.println("response4: "+transport.responseDump); return false; } return false; } public String hackToGetResponse(String key, String response) { System.out.println("hackToGetResponse:" + response); String start = "anyType{key=" + key + "; value="; String end = "; }"; if (response.indexOf(start) == -1 || response.indexOf(end) == -1) return ""; System.out.println("hackToGetResponse:" + "response.substring(0, " + response.indexOf(start) + ").substring(0, " + response.indexOf(end) + ");"); response = response.substring(response.indexOf(start) + start.length()); response = response.substring(0, response.indexOf(end)); if (response.indexOf("anyType{}") != -1) return ""; return response; } } } //******************PHP FILE************************ $server = new SoapServer(null, array('uri' = "urn:keyringlabs.com")); //$server = new SoapServer(null, array('uri' = "urn: bbpointofsale.com")); $server-addFunction("login"); //$email='[email protected]'; //$pass='123456'; function login($email, $pass) { if (strlen($email) == 0) { return Array('serviceToken' => ''); } elseif (strlen($pass) == 0) { return Array('serviceToken' => ''); } else { $objMerchant = Merchant::LoadByEmailPassword($email, $pass); if ($objMerchant == null || $objMerchant->Id &lt==1) { return Array('serviceToken' => ''); } else { $key = uniqid(); $objSess = new Merchantsessions(); $objSess->MerchantID = $objMerchant->Id; $objSess->ServiceToken = $key; $objSess->Save(); } } $result = Array('serviceToken' => $key); //print $result; return $result; } ? ///**************************************** is there any need of an XML page or something..to run it perfectly...please help thank you for your time!

    Read the article

  • what does calling ´this´ outside of a jquery plugin refer to

    - by Richard
    Hi, I am using the liveTwitter plugin The problem is that I need to stop the plugin from hitting the Twitter api. According to the documentation I need to do this $("#tab1 .container_twitter_status").each(function(){ this.twitter.stop(); }); Already, the each does not make sense on an id and what does this refer to? Anyway, I get an undefined error. I will paste the plugin code and hope it makes sense to somebody MY only problem thusfar with this plugin is that I need to be able to stop it. thanks in advance, Richard /* * jQuery LiveTwitter 1.5.0 * - Live updating Twitter plugin for jQuery * * Copyright (c) 2009-2010 Inge Jørgensen (elektronaut.no) * Licensed under the MIT license (MIT-LICENSE.txt) * * $Date: 2010/05/30$ */ /* * Usage example: * $("#twitterSearch").liveTwitter('bacon', {limit: 10, rate: 15000}); */ (function($){ if(!$.fn.reverse){ $.fn.reverse = function() { return this.pushStack(this.get().reverse(), arguments); }; } $.fn.liveTwitter = function(query, options, callback){ var domNode = this; $(this).each(function(){ var settings = {}; // Handle changing of options if(this.twitter) { settings = jQuery.extend(this.twitter.settings, options); this.twitter.settings = settings; if(query) { this.twitter.query = query; } this.twitter.limit = settings.limit; this.twitter.mode = settings.mode; if(this.twitter.interval){ this.twitter.refresh(); } if(callback){ this.twitter.callback = callback; } // ..or create a new twitter object } else { // Extend settings with the defaults settings = jQuery.extend({ mode: 'search', // Mode, valid options are: 'search', 'user_timeline' rate: 15000, // Refresh rate in ms limit: 10, // Limit number of results refresh: true }, options); // Default setting for showAuthor if not provided if(typeof settings.showAuthor == "undefined"){ settings.showAuthor = (settings.mode == 'user_timeline') ? false : true; } // Set up a dummy function for the Twitter API callback if(!window.twitter_callback){ window.twitter_callback = function(){return true;}; } this.twitter = { settings: settings, query: query, limit: settings.limit, mode: settings.mode, interval: false, container: this, lastTimeStamp: 0, callback: callback, // Convert the time stamp to a more human readable format relativeTime: function(timeString){ var parsedDate = Date.parse(timeString); var delta = (Date.parse(Date()) - parsedDate) / 1000; var r = ''; if (delta < 60) { r = delta + ' seconds ago'; } else if(delta < 120) { r = 'a minute ago'; } else if(delta < (45*60)) { r = (parseInt(delta / 60, 10)).toString() + ' minutes ago'; } else if(delta < (90*60)) { r = 'an hour ago'; } else if(delta < (24*60*60)) { r = '' + (parseInt(delta / 3600, 10)).toString() + ' hours ago'; } else if(delta < (48*60*60)) { r = 'a day ago'; } else { r = (parseInt(delta / 86400, 10)).toString() + ' days ago'; } return r; }, // Update the timestamps in realtime refreshTime: function() { var twitter = this; $(twitter.container).find('span.time').each(function(){ $(this).html(twitter.relativeTime(this.timeStamp)); }); }, // Handle reloading refresh: function(initialize){ var twitter = this; if(this.settings.refresh || initialize) { var url = ''; var params = {}; if(twitter.mode == 'search'){ params.q = this.query; if(this.settings.geocode){ params.geocode = this.settings.geocode; } if(this.settings.lang){ params.lang = this.settings.lang; } if(this.settings.rpp){ params.rpp = this.settings.rpp; } else { params.rpp = this.settings.limit; } // Convert params to string var paramsString = []; for(var param in params){ if(params.hasOwnProperty(param)){ paramsString[paramsString.length] = param + '=' + encodeURIComponent(params[param]); } } paramsString = paramsString.join("&"); url = "http://search.twitter.com/search.json?"+paramsString+"&callback=?"; } else if(twitter.mode == 'user_timeline') { url = "http://api.twitter.com/1/statuses/user_timeline/"+encodeURIComponent(this.query)+".json?count="+twitter.limit+"&callback=?"; } else if(twitter.mode == 'list') { var username = encodeURIComponent(this.query.user); var listname = encodeURIComponent(this.query.list); url = "http://api.twitter.com/1/"+username+"/lists/"+listname+"/statuses.json?per_page="+twitter.limit+"&callback=?"; } $.getJSON(url, function(json) { var results = null; if(twitter.mode == 'search'){ results = json.results; } else { results = json; } var newTweets = 0; $(results).reverse().each(function(){ var screen_name = ''; var profile_image_url = ''; if(twitter.mode == 'search') { screen_name = this.from_user; profile_image_url = this.profile_image_url; created_at_date = this.created_at; } else { screen_name = this.user.screen_name; profile_image_url = this.user.profile_image_url; // Fix for IE created_at_date = this.created_at.replace(/^(\w+)\s(\w+)\s(\d+)(.*)(\s\d+)$/, "$1, $3 $2$5$4"); } var userInfo = this.user; var linkified_text = this.text.replace(/[A-Za-z]+:\/\/[A-Za-z0-9-_]+\.[A-Za-z0-9-_:%&\?\/.=]+/, function(m) { return m.link(m); }); linkified_text = linkified_text.replace(/@[A-Za-z0-9_]+/g, function(u){return u.link('http://twitter.com/'+u.replace(/^@/,''));}); linkified_text = linkified_text.replace(/#[A-Za-z0-9_\-]+/g, function(u){return u.link('http://search.twitter.com/search?q='+u.replace(/^#/,'%23'));}); if(!twitter.settings.filter || twitter.settings.filter(this)) { if(Date.parse(created_at_date) > twitter.lastTimeStamp) { newTweets += 1; var tweetHTML = '<div class="tweet tweet-'+this.id+'">'; if(twitter.settings.showAuthor) { tweetHTML += '<img width="24" height="24" src="'+profile_image_url+'" />' + '<p class="text"><span class="username"><a href="http://twitter.com/'+screen_name+'">'+screen_name+'</a>:</span> '; } else { tweetHTML += '<p class="text"> '; } tweetHTML += linkified_text + ' <span class="time">'+twitter.relativeTime(created_at_date)+'</span>' + '</p>' + '</div>'; $(twitter.container).prepend(tweetHTML); var timeStamp = created_at_date; $(twitter.container).find('span.time:first').each(function(){ this.timeStamp = timeStamp; }); if(!initialize) { $(twitter.container).find('.tweet-'+this.id).hide().fadeIn(); } twitter.lastTimeStamp = Date.parse(created_at_date); } } }); if(newTweets > 0) { // Limit number of entries $(twitter.container).find('div.tweet:gt('+(twitter.limit-1)+')').remove(); // Run callback if(twitter.callback){ twitter.callback(domNode, newTweets); } // Trigger event $(domNode).trigger('tweets'); } }); } }, start: function(){ var twitter = this; if(!this.interval){ this.interval = setInterval(function(){twitter.refresh();}, twitter.settings.rate); this.refresh(true); } }, stop: function(){ if(this.interval){ clearInterval(this.interval); this.interval = false; } } }; var twitter = this.twitter; this.timeInterval = setInterval(function(){twitter.refreshTime();}, 5000); this.twitter.start(); } }); return this; }; })(jQuery);

    Read the article

  • SINGLE SIGN ON SECURITY THREAT! FACEBOOK access_token broadcast in the open/clear

    - by MOKANA
    Subsequent to my posting there was a remark made that this was not really a question but I thought I did indeed postulate one. So that there is no ambiquity here is the question with a lead in: Since there is no data sent from Facebook during the Canvas Load process that is not at some point divulged, including the access_token, session and other data that could uniquely identify a user, does any one see any other way other than adding one more layer, i.e., a password, sent over the wire via HTTPS along with the access_toekn, that will insure unique untampered with security by the user? Using Wireshark I captured the local broadcast while loading my Canvas Application page. I was hugely surprised to see the access_token broadcast in the open, viewable for any one to see. This access_token is appended to any https call to the Facebook OpenGraph API. Using facebook as a single click log on has now raised huge concerns for me. It is stored in a session object in memory and the cookie is cleared upon app termination and after reviewing the FB.Init calls I saw a lot of HTTPS calls so I assumed the access_token was always encrypted. But last night I saw in the status bar a call from what was simply an http call that included the App ID so I felt I should sniff the Application Canvas load sequence. Today I did sniff the broadcast and in the attached image you can see that there are http calls with the access_token being broadcast in the open and clear for anyone to gain access to. Am I missing something, is what I am seeing and my interpretation really correct. If any one can sniff and get the access_token they can theorically make calls to the Graph API via https, even though the call back would still need to be the site established in Facebook's application set up. But what is truly a security threat is anyone using the access_token for access to their own site. I do not see the value of a single sign on via Facebook if the only thing that was established as secure was the access_token - becuase for what I can see it clearly is not secure. Access tokens that never have an expire date do not change. Access_tokens are different for every user, to access to another site could be held tight to just a single user, but compromising even a single user's data is unacceptable. http://www.creatingstory.com/images/InTheOpen.png Went back and did more research on this: FINDINGS: Went back an re ran the canvas application to verify that it was not any of my code that was not broadcasting. In this call: HTTP GET /connect.php/en_US/js/CacheData HTTP/1.1 The USER ID is clearly visible in the cookie. So USER_ID's are fully visible, but they are already. Anyone can go to pretty much any ones page and hover over the image and see the USER ID. So no big threat. APP_ID are also easily obtainable - but . . . http://www.creatingstory.com/images/InTheOpen2.png The above file clearly shows the FULL ACCESS TOKEN clearly in the OPEN via a Facebook initiated call. Am I wrong. TELL ME I AM WRONG because I want to be wrong about this. I have since reset my app secret so I am showing the real sniff of the Canvas Page being loaded. Additional data 02/20/2011: @ifaour - I appreciate the time you took to compile your response. I am pretty familiar with the OAuth process and have a pretty solid understanding of the signed_request unpacking and utilization of the access_token. I perform a substantial amount of my processing on the server and my Facebook server side flows are all complete and function without any flaw that I know of. The application secret is secure and never passed to the front end application and is also changed regularly. I am being as fanatical about security as I can be, knowing there is so much I don’t know that could come back and bite me. Two huge access_token issues: The issues concern the possible utilization of the access_token from the USER AGENT (browser). During the FB.INIT() process of the Facebook JavaScript SDK, a cookie is created as well as an object in memory called a session object. This object, along with the cookie contain the access_token, session, a secret, and uid and status of the connection. The session object is structured such that is supports both the new OAuth and the legacy flows. With OAuth, the access_token and status are pretty much al that is used in the session object. The first issue is that the access_token is used to make HTTPS calls to the GRAPH API. If you had the access_token, you could do this from any browser: https://graph.facebook.com/220439?access_token=... and it will return a ton of information about the user. So any one with the access token can gain access to a Facebook account. You can also make additional calls to any info the user has granted access to the application tied to the access_token. At first I thought that a call into the GRAPH had to have a Callback to the URL established in the App Setup, but I tested it as mentioned below and it will return info back right into the browser. Adding that callback feature would be a good idea I think, tightens things up a bit. The second issue is utilization of some unique private secured data that identifies the user to the third party data base, i.e., like in my case, I would use a single sign on to populate user information into my database using this unique secured data item (i.e., access_token which contains the APP ID, the USER ID, and a hashed with secret sequence). None of this is a problem on the server side. You get a signed_request, you unpack it with secret, make HTTPS calls, get HTTPS responses back. When a user has information entered via the USER AGENT(browser) that must be stored via a POST, this unique secured data element would be sent via HTTPS such that they are validated prior to data base insertion. However, If there is NO secured piece of unique data that is supplied via the single sign on process, then there is no way to guarantee unauthorized access. The access_token is the one piece of data that is utilized by Facebook to make the HTTPS calls into the GRAPH API. it is considered unique in regards to BOTH the USER and the APPLICATION and is initially secure via the signed_request packaging. If however, it is subsequently transmitted in the clear and if I can sniff the wire and obtain the access_token, then I can pretend to be the application and gain the information they have authorized the application to see. I tried the above example from a Safari and IE browser and it returned all of my information to me in the browser. In conclusion, the access_token is part of the signed_request and that is how the application initially obtains it. After OAuth authentication and authorization, i.e., the USER has logged into Facebook and then runs your app, the access_token is stored as mentioned above and I have sniffed it such that I see it stored in a Cookie that is transmitted over the wire, resulting in there being NO UNIQUE SECURED IDENTIFIABLE piece of information that can be used to support interaction with the database, or in other words, unless there were one more piece of secure data sent along with the access_token to my database, i.e., a password, I would not be able to discern if it is a legitimate call. Luckily I utilized secure AJAX via POST and the call has to come from the same domain, but I am sure there is a way to hijack that. I am totally open to any ideas on this topic on how to uniquely identify my USERS other than adding another layer (password) via this single sign on process or if someone would just share with me that I read and analyzed my data incorrectly and that the access_token is always secure over the wire. Mahalo nui loa in advance.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 303 304 305 306 307 308 309 310 311 312 313 314  | Next Page >