Search Results

Search found 1926 results on 78 pages for 'cookie monster'.

Page 31/78 | < Previous Page | 27 28 29 30 31 32 33 34 35 36 37 38  | Next Page >

  • How to set cookies with redirect in Pylons

    - by user136589
    In light of the cookie-handling bugs affecting Safari and Chrome (see this thread), and Pylons implementation of redirect_to as an exception, is it possible to reliably set a tracking cookie and redirect at the same time? Is the META refresh method looked down upon?

    Read the article

  • Sharing cookies/session from WebView to HttpClient doesn't work

    - by Toni Kanoni
    I know this question has been asked a hundred times, and I've read and tried for 2 hours now, but I can't find my error :-( I am trying to create a simple webbrowser and therefore have a webview, where I login on a site and get access to a picture area. With help of a DefaultHttpClient, I want to make it possible to download pictures in the secured area. Therefore I am trying to share the cookies from the webview and pass them on to the HttpClient, so that it is authenticated and able to download. But whatever I try and do, I always get a 403 response back... Basically the steps are the following: 1) Enter URL, webview loads website 2) Enter login details in a form 3) Navigate to picture and long hold for context menu 4) Retrieve the image URL and pass it on to AsynTask for downloading Here's the code of the AsyncTask with the Cookie stuff: protected String doInBackground(String... params) { //params[0] is the URL of the image try { CookieManager cookieManager = CookieManager.getInstance(); String c = cookieManager.getCookie(new URL(params[0]).getHost()); BasicCookieStore cookieStore = new BasicCookieStore(); BasicHttpContext localContext = new BasicHttpContext(); localContext.setAttribute(ClientContext.COOKIE_STORE, cookieStore); String[] cookieParts = null; String cookies[] = null; cookies = c.split(";"); for(int i=0;i<cookies.length;i++) { cookieParts = cookies[i].split("="); BasicClientCookie sessionCookie = new BasicClientCookie(cookieParts[0].trim(), cookieParts[1].trim()); sessionCookie.setDomain(new URL(params[0]).getHost()); cookieStore.addCookie(sessionCookie); } DefaultHttpClient httpClient = new DefaultHttpClient(); httpClient.setCookieStore(cookieStore); HttpGet pageGet = new HttpGet(new URL(params[0]).toURI()); HttpResponse response = httpClient.execute(pageGet, localContext); if(response.getStatusLine().getStatusCode() == HttpStatus.SC_OK) -- NEVER Happens, always get 403 .) One of the problems is that the webview saves some cookies for the host *www.*example.com, but the image-URL to download (params[0]) is *static.*example.com. The line cookieManager.getCookie(new URL(params[0]).getHost()); returns null, because there is no cookie for static.example.com, but only for www.example.com. .) When I manually say cookieManager.getCookie("www.example.com"); I get some cookies back, which I add to the HttpClient cookie store: There are 5 cookies added - testcookie = 0 - PHPSESSID = 320947238someGibberishSessionId - email = [email protected] - pass = 32423te32someEncodedPassGibberish - user = 345542 So although these cookies, a session ID and other stuff, get added to the HttpClient, it never get's through to download an image. Im totally lost... though I guess that it either has something to do with the cookies domains, or that Im still missing other cookies. But from where the heck should I know which cookies exist in the webview, when I have to specify a specific URL to get a cookie back?? :-( Any advice?

    Read the article

  • Web Security: Worst-Case Situation

    - by Yongho
    I currently have built a system that checks user IP, browser, and a random-string cookie to determine if he is an admin. In the worst case, someone steals my cookie, uses the same browser I do, and masks his IP to appear as mine. Is there another layer of security I should add onto my script to make it more secure?

    Read the article

  • Facebook Connect 'next' error

    - by Mark
    I am trying to experiment with the new facebook authentication system, and I can't getthe login to work. I'm getting the following error message: API Error Code: 100 API Error Description: Invalid parameter Error Message: next is not owned by the application. The url that is being sent to facebook is: http://www.facebook.com/connect/uiserver.php?app_id=444444444444444&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23%3F%3D%26cb%3Df357eceb0361a8a%26origin%3Dhttp%253A%252F%252Fwww.mysite.com%252Ff38fea4f9ea573%26relation%3Dopener%26transport%3Dpostmessage%26frame%3Df23b800f8a78%26result%3DxxRESULTTOKENxx&display=popup&channel=http%3A%2F%2Fwww.mysite.com%2Ffbtester.php&cancel=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23%3F%3D%26cb%3Df6095a98598be8%26origin%3Dhttp%253A%252F%252Fwww.mysite.com%252Ff38fea4f9ea573%26relation%3Dopener%26transport%3Dpostmessage%26frame%3Df23b800f8a78%26result%3DxxRESULTTOKENxx&locale=en_US&return_session=1&session_version=3&fbconnect=1&canvas=0&legacy_return=1&method=permissions.request Note that the 'Next' variable in the url is: next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23%3F%3D%26cb%3Df357eceb0361a8a%26origin%3Dhttp%253A%252F%252Fwww.mysite.com%252Ff38fea4f9ea573%26relation%3Dopener%26transport%3Dpostmessage%26frame%3Df23b800f8a78%26result%3DxxRESULTTOKENxx Any ideas what could be going wrong? All I've done is copy and paste the facebook login demo code from facebook's website: <?php define('FACEBOOK_APP_ID', 'your application id'); define('FACEBOOK_SECRET', 'your application secret'); function get_facebook_cookie($app_id, $application_secret) { $args = array(); parse_str(trim($_COOKIE['fbs_' . $app_id], '\\"'), $args); ksort($args); $payload = ''; foreach ($args as $key => $value) { if ($key != 'sig') { $payload .= $key . '=' . $value; } } if (md5($payload . $application_secret) != $args['sig']) { return null; } return $args; } $cookie = get_facebook_cookie(FACEBOOK_APP_ID, FACEBOOK_SECRET); ?> <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml"> <body> <?php if ($cookie) { ?> Your user ID is <?= $cookie['uid'] ?> <?php } else { ?> <fb:login-button></fb:login-button> <?php } ?> <div id="fb-root"></div> <script src="http://connect.facebook.net/en_US/all.js"></script> <script> FB.init({appId: '<?= FACEBOOK_APP_ID ?>', status: true, cookie: true, xfbml: true}); FB.Event.subscribe('auth.login', function(response) { window.location.reload(); }); </script> </body> </html> Thanks for the help!

    Read the article

  • Detect base64 encoding in PHP?

    - by Ian Silber
    Is there some way to detect if a string has been base64_encoded() in PHP? We're converting some storage from plain text to base64 and part of it lives in a cookie that needs to be updated. I'd like to reset their cookie if the text has not yet been encoded, otherwise leave it alone.

    Read the article

  • HttpOnly cookies on google app engine java

    - by Spines
    Anyone know how I can use httponly cookies for sessions and cookies on the app engine? In the javadoc for the Cookie class, http://java.sun.com/javaee/6/docs/api/javax/servlet/http/Cookie.html#setHttpOnly(boolean) , there is a setHttpOnly method. I get a compiler error when trying to use it when developing for app engine though. The method was introduced in the Servlet 3.0 spec, so its pretty new.

    Read the article

  • using php's libcurl to register user and upload file to server

    - by tunpishuang
    here is a site http://www.lyrkjsw.gov.cn that can let the registered user to upload file (e.g. images or office files) to the site. i want to register user and upload image to this site using libcurl binding with php. only registered user can upload image. so i use cookiejar stored in c:\cookie.txt after register and use c:\cookie.txt in uploadImg() function . register user is valid but failed to upload image , can anybody know is there any mistake of my code: <? /* options */ //the list url $expUrl='http://www.lyrkjsw.gov.cn/hbcms/user/list_resource.php'; //the user info to be registered $regUser='jiong'; $regPass='jiong'; $regMail='[email protected]'; $regUrl=str_replace('list_resource.php','register.php',$expUrl); // options for image upload $fileDir='@D:\img\b.jpg'; $fileTitle='aaaaaaaaaaaaa'; $fileDesc='aaaaaaaaaaaaadesc'; $uploadImgUrl=str_replace('list_resource.php','add_resource.php',$expUrl); /* register function */ function reg($regurl,$u,$p,$m) { $ch = curl_init(); $options=array( CURLOPT_URL=>$regurl, CURLOPT_RETURNTRANSFER=>true, CURLOPT_POST=>true, CURLOPT_POSTFIELDS=>'mod=register_now&next_url=index.php&addon_app=&referrer_id=&login_name='.$u.'&login_pass='.$p.'&confirm_login_pass='.$p.'&login_email='.$m.'&nickname=&gender=0&qq=&mobile=&telephone=&true_name=&website_name=&website_url=&my_question=&my_answer=', CURLOPT_COOKIESESSION=>true, CURLOPT_HEADER=>true, CURLOPT_COOKIEJAR=>'c:\cookie.txt' ); curl_setopt_array($ch,$options); $data = curl_exec($ch); if(strpos($data,'??')){ printf("register ok :)\n"); curl_close($ch); return true; }else{ printf("register failed:(\n"); curl_close($ch); return false; } } /* image uploading function */ function uploadImg($uploadimgurl,$filedir,$filetitle,$filedesc) { $ch = curl_init(); $options=array( CURLOPT_COOKIEFILE=>'c:\cookie.txt', CURLOPT_URL=>$uploadimgurl, CURLOPT_RETURNTRANSFER=>1, CURLOPT_POST=>1, CURLOPT_POSTFIELDS=>" 'MAX_FILE_SIZE'='33554432'& 'preview_area_id'='upload_file'& 'editor_area_id'='body'& 'js_function'=''& 'resource_id'=''& 'show_top_part'='no'& 'file_1'=$filedir& 'file_title_1'=$filetitle& 'file_desc_1'=$filedesc " ); curl_setopt_array($ch,$options); $data = curl_exec($ch); if(strpos($data,'??')){ printf("upload ok :)\n"); }else{ printf("upload failed :(\n"); } curl_close($ch); } if(reg($regUrl,$regUser,$regPass,$regMail) != false) { uploadImg($uploadImgUrl,$fileDir,$fileTitle,$fileDesc); } http://www.lyrkjsw.gov.cn/hbcms/user/list_resource.php (list file page) http://www.lyrkjsw.gov.cn/hbcms/user/register.php (register page) http://www.lyrkjsw.gov.cn/hbcms/user/add_resource.php (image uploading page)

    Read the article

  • authlogic without cookies, how?

    - by Alexandr Borisov
    G'day, I am developing server application with Ruby on Rails and I'd like to store session token in each request's body. For example {"token":"asdkjahsdoahgfblkasblbag"}. And I am stuck, really don't know how to configure authlogic to handle token from params, not via cookie. And how to prevent "set-cookie" header sending? Thanks, Alexandr

    Read the article

  • Federated Identity- Windows Identity Server - disable cookies in the browser

    - by vinoj
    Hello, I see that Federated Identity stores Security token to a cookie, after its first request to the STS(Secure Token Service). In that case if I disable cookie in my browser, how does it work. Does the authentication module again connects to the STS to retrieve the user information or will it throw any error ? Is there any way that I can use federated authentication cookieless ?

    Read the article

  • webob cookies

    - by dhaval
    I am not able to set cookies using following statements self.request.headers['Cookie'] = 'uniqueid = ',unique_identifier self.request.headers['Cookie'] = 'nickname = ',nickname as self.request.cookies is returning null dictionary in another request. environment is python on google app engine

    Read the article

  • Why do some cookies have a '.' before the domain?

    - by Blankman
    Trying to share cookies accross 2 domains in asp.net, for some reason 1 domain has a '.' before the domain, and the other doesn't. Why is that? e.g: .staging.example.com and staging.example.com Is this something to do with how I create the cookie, or a web.config change? I am not using forms authentication, just creating a cookie manually.

    Read the article

  • Do session use cookies?

    - by Pandiya Chendur
    This is an interview question asked a month ago.... Do session use cookies? If so,how do they do so? Assume Session["UserId"]=1 how does this session variable uses cookies internally? If so, what will be the name of the cookie and what is the value of that cookie....

    Read the article

  • Google Chrome showing javascript security error

    - by Clint
    I need help resolving this Google Chrome Error..."Uncaught Error: SECURITY_ERR: DOM Exception 18" Here is the code. //Get Cookie function get_cookie (cookie_name) { var results = document.cookie.match ( '(^|;) ?' + cookie_name + '=([^;]*)(;|$)' ); if (results) return ( unescape ( results[2] ) ); else return null; }; Many thanks, C

    Read the article

  • Nginx syntax problem '~*'

    - by Joseph Silvashy
    I have at condition checking to see if user has a cookie like this: if ($http_cookie ~* "developer=true" ) { ... } I'm not familiar with the ~* syntax, I assume that that means if it 'contains', but what about the opposite? like what if I wanted to check if $http_cookie doesn't contain that cookie?

    Read the article

  • "Register My Computer" on a website

    - by user279521
    I am working on a secure web site, that will allow the user to register their computer, to avoid answering the primary security questions. Is this just placing a cookie on their machine, and checking to see if the cookie exists? Or do I need to retrieve the client machines ID data?

    Read the article

  • Explaining NULL and Empty to your 6-year old?

    - by Atomiton
    I'm thinking in terms of Objects here. I think it's important to simplify ideas. If you can explain this to a 6-year old, you can teach new programmers the difference. I'm thinking that a cookie object would be apropos: public class Cookie { public string flavor {get; set; } public int numberOfCrumbs { get; set; } }

    Read the article

  • ASP.NET - What happens when a HttpCookie expiration has been crossed

    - by user70192
    Hello, I am creating some cookies in my ASP.NET application. These cookies expire 10 minutes after they have been created. I follow the approach described on MSDN as shown here: http://msdn.microsoft.com/en-us/library/system.web.httpcookie.expires.aspx My question is, when a cookie "expires", what happens? Does the browser automatically delete the cookie? Is it our responsibility as developers to remove the cookies if they exist and have expired? Thank you,

    Read the article

  • How to Login Google webmaster tools with XMLHTTP

    - by darkandcold
    Hello, I have tried so many times but I couldn't get it worked. I am trying to log in google webmaster tools to get Search Queries List (top 20) I used XMLHTTP and AspTear, but no action :(. It says "my browser isnt cookie supported" But how can I log in google webmaster tools via xMLHTTP cookied enables? xmlhttp has any parameter about cookie?

    Read the article

  • Rails page caching and flash messages

    - by KJF
    I'm pretty sure I can page cache the vast majority of my site but the one thing preventing me from doing so is that my flash messages will not show, or they'll show at the wrong time. One thing I'm considering is writing the flash message to a cookie, reading it and displaying it via javascript and clearing the cookie once the message has been displayed. Has anyone had any success doing this or are there better methods? Thanks.

    Read the article

  • Web Form Security

    - by brandon14_99
    I set a cookie in the headers with an md5 hashed keyword. Then in my code, it checks for the exact matching cookie before displaying a form. Is this pretty much pointless? The form submits to an external site, so I am trying to secure the form without using captcha..

    Read the article

  • Hashes or tokens for "remember me" cookies?

    - by Emanuil Rusev
    When it comes to remember me cookies, there are 2 distinct approaches: Hashes The remember me cookie stores a string that can identify the user (i.e. user ID) and a string that can prove that the identified user is the one it pretends to be - usually a hash based on the user password. Tokens The remember me cookie stores a random (meaningless), yet unique string that corresponds with with a record in a tokens table, that stores a user ID. Which approach is more secure and what are its disadvantages?

    Read the article

  • Where does User.Identity data come from?

    - by niaher
    For example: if I am retrieving User.Identity.Name, does it come from .ASPXAUTH cookie or is retrieved from the database using my membership provider? Are any database requests made when I access User.Identity? Thanks. EDIT: Right now I am pretty sure it comes from an authentication ticket cookie, but can't find any official documentation to confirm this. Anyone?

    Read the article

< Previous Page | 27 28 29 30 31 32 33 34 35 36 37 38  | Next Page >