Search Results

Search found 1214 results on 49 pages for 'protection'.

Page 34/49 | < Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41  | Next Page >

  • Are there white lists for Yahoo, Gmail, Hotmail and AOL?

    - by Waleed Eissa
    In my website (under development), the members can send messages to each other which are sent directly to their email, now I'm worried that some members can send spam to other members (I have a spam filter but it doesn't give 100% protection as you know), I'm worried that my domain might get blacklisted on Yahoo, Gmail, Hotmail or AOL which will cause any messages sent from my domain to end up in the spam folder, this is why I want to add the domain of my website to their whitelists (if they exist). P.S. I don't want to use private messages that members check on the site and I have my reason for this. Thanks

    Read the article

  • Remove HTTP headers from a raw response

    - by Ed
    Let's say we make a request to a URL and get back the raw response, like this: HTTP/1.1 200 OK Date: Wed, 28 Apr 2010 14:39:13 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=ISO-8859-1 Set-Cookie: PREF=ID=e2bca72563dfffcc:TM=1272465553:LM=1272465553:S=ZN2zv8oxlFPT1BJG; expires=Fri, 27-Apr-2012 14:39:13 GMT; path=/; domain=.google.co.uk Server: gws X-XSS-Protection: 1; mode=block Connection: close <!doctype html><html><head>...</head><body>...</body></html> What would be the best way to remove the HTTP headers from the response in C#? With regexes? Parsing it into some kind of HTTPResponse object and using only the body? EDIT: I'm using SOCKS to make the request, that's why I get the raw response.

    Read the article

  • .net open auth?

    - by chobo2
    Hi I know stackoverflow uses open authentication. I want to try and use this as well. I am using asp.net mvc 2.0 with C#. I found this http://www.dotnetopenauth.net/ and I am wondering if this is what was used for stackoverflow. Also any tutorials would be nice as well. Edit I am trying to load up some sample projects but when I build it in VS2010 I get Error 6 'System.Diagnostics.Contracts.ContractInvariantMethodAttribute' is inaccessible due to its protection level C:\Users\chobo2\Downloads\DotNetOpenAuth-3.4.6.10357\DotNetOpenAuth-3.4.6.10357\Samples\OpenIdOfflineProvider\TextBoxTextWriter.cs 73 4 OpenIdOfflineProvider Error 7 The type or namespace name 'ContractInvariantMethod' could not be found (are you missing a using directive or an assembly reference?) C:\Users\chobo2\Downloads\DotNetOpenAuth-3.4.6.10357\DotNetOpenAuth-3.4.6.10357\Samples\OpenIdOfflineProvider\TextBoxTextWriter.cs 73 4 OpenIdOfflineProvider

    Read the article

  • Error processing response in .net web service with WSE3 mutualCertificate10Security Assertion

    - by Maeloc
    I am securing a .net web service (framework 2.0) with WSE3 mutualCertificate10Security Assertion. When request are valid all is fine and the response is wellformed, but when the request is invalid (cause a invalid signature, failed check, or soapexception thrown), the web server isn't able to process the response to send to the client. The error in application event log is: An error occured processing an outgoing fault response. Details of the error causing the processing failure: System.InvalidOperationException: Send security filter on the server could not retrieve the operation protection requirements from the operation state. en Microsoft.Web.Services3.Security.SecureConversationServiceSendSecurityFilter.SecureMessage(SoapEnvelope envelope, Security security) en Microsoft.Web.Services3.Security.SendSecurityFilter.ProcessMessage(SoapEnvelope envelope) en Microsoft.Web.Services3.Pipeline.ProcessOutputMessage(SoapEnvelope envelope) en Microsoft.Web.Services3.WseProtocol.GetFilteredResponseEnvelope(SoapEnvelope outputEnvelope) All certificate permissions are OK (when request is OK the web service is able to sign the response). Error occurs only if a soapFault must be returned in the response. Any ideas?

    Read the article

  • protect php result

    - by siko
    hii i had simple php file to protect wmv files from downloading and stolen the file is like this <?php // get-file.php $id = (isset($_GET["id"])) ? strval($_GET["id"]) : "1"; // lookup $url[1] = 'http://mlfat.ledawy.net/Files/eng/moslslat/mosque/1.wmv'; $url[2] = 'URL'; $url[3] = 'URL'; header('Content-Type: text/plain'); echo("$url[$id]"); ?> and i embedd the movies like this http:// mlfat.ledawy.net/Files/eng/moslslat/mosque/mosque.php?id=1 but if you call this link you can find the source url can i have some protection ?? tried a lot of adding a php session variable so that the script can not be accessed directly. thank you

    Read the article

  • Users being forced to re-login randomly, before session and auth ticket timeout values are reached

    - by Don
    I'm having reports and complaints from my user that they will be using a screen and get kicked back to the login screen immediately on their next request. It doesn't happen all the time but randomly. After looking at the Web server the error that shows up in the application event log is: Event code: 4005 Event message: Forms authentication failed for the request. Reason: The ticket supplied has expired. Everything that I read starts out with people asking about web gardens or load balancing. We are not using either of those. We're a single Windows 2003 (32-bit OS, 64-bit hardware) Server with IIS6. This is the only website on this server too. This behavior does not generate any application exceptions or visible issues to the user. They just get booted back to the login screen and are forced to login. As you can imagine this is extremely annoying and counter-productive for our users. Here's what I have set in my web.config for the application in the root: <authentication mode="Forms"> <forms name=".TcaNet" protection="All" timeout="40" loginUrl="~/Login.aspx" defaultUrl="~/MyHome.aspx" path="/" slidingExpiration="true" requireSSL="false" /> </authentication> I have also read that if you have some locations setup that no longer exist or are bogus you could have issues. My path attributes are all valid directories so that shouldn't be the problem: <location path="js"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <location path="images"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <location path="anon"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <location path="App_Themes"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <location path="NonSSL"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> The only thing I'm not clear on is if my timeout value in the forms property for the auth ticket has to be the same as my session timeout value (defined in the app's configuration in IIS). I've read some things that say you should have the authentication timeout shorter (40) than the session timeout (45) to avoid possible complications. Either way we have users that get kicked to the login screen a minute or two after their last action. So the session definitely should not be expiring. Update 2/23/09: I've since set the session timeout and authentication ticket timeout values to both be 45 and the problem still seems to be happening. The only other web.config in the application is in 1 virtual directory that hosts Community Server. That web.config's authentication settings are as follows: <authentication mode="Forms"> <forms name=".TcaNet" protection="All" timeout="40" loginUrl="~/Login.aspx" defaultUrl="~/MyHome.aspx" path="/" slidingExpiration="true" requireSSL="true" /> </authentication> And while I don't believe it applies unless you're in a web garden, I have both of the machine key values set in both web.config files to be the same (removed for convenience): <machineKey validationKey="<MYVALIDATIONKEYHERE>" decryptionKey="<MYDECRYPTIONKEYHERE>" validation="SHA1" /> <machineKey validationKey="<MYVALIDATIONKEYHERE>" decryptionKey="<MYDECRYPTIONKEYHERE>" validation="SHA1"/> Any help with this would be greatly appreciated. This seems to be one of those problems that yields a ton of Google results, none of which seem to be fitting into my situation so far.

    Read the article

  • Penalty clause on programming contract

    - by Everyone
    I am considering the move to the other side of development, as a contract programmer. SO has given me a good few hints on the kind of figures to quote ( and why ), and a few points to bear in mind such as Non-competition and [IP Protection] Having worked as a programmer for a while, I know that a few reasons for deadline delays may be - Estimates can be all over the place both from the Contractor, and the Job provider Things like bandwidth bottlenecks, merge for high-impact code etc Clarification time on provided requirements... etc If you have worked as a contract programmer then How frequently do you encounter a penalty/forfeit clause in your agreement? What do you deem unacceptable in the penalty/forfeit clause?

    Read the article

  • Can I make controls defined in my markup public instead of protected

    - by RoboShop
    Say I have a web site with a master page and an aspx page. In my ASPX page, I am pointing to my masterpage with the MasterType tag. <%@ MasterType VirtualPath="~/mymasterpage.master" % Say, I've defined a label in the markup of my master page. If you look at the designer code, this label should be something like this. protected global::System.Web.UI.WebControls.Label label1; Now in my content page, I would like to reference this label. If I type in this "Master.label1", the complier will complain that the control is inaccessible due to the protection level" and rightly so, as label1 is automatically defined as "protected". My question is, if I define controls in my markup page, is it possible to set these controls as public instead of protected? I do not see an attribute for it. thanks in advance.

    Read the article

  • ASP.NET Page Unauthorization for common pages

    - by Mahesh
    Hi I am developing a web application which has form based authentication. All pages needs to be authenticated except AboutUs and ContactUs pages. I configured everything correct except AboutUs and ContactUs pages. Since I am denying all users in authorization section, application is redirecting even if the customer browse AboutUs and ContactUs pages. Configuration Rules <authentication mode= "Forms"> <forms name=".ASPXAUTH" loginUrl="Login.aspx" timeout="20" protection="All" slidingExpiration="true" /> </authentication> <authorization> <deny users="?" /> </authorization> Could you please let me know how can I tell asp.net to remove these pages for authorization?? Thanks, Mahesh

    Read the article

  • Protect .NET assemblies from decomplie

    - by Holli
    One if the first things I learned when I started with C# was the most important one. You can decompile any .NET assembly with Reflector or other tools. Many developers are not aware of this fact and most of them are shocked when I show them their source code. Protection against decompilation is still a difficult task. I am still looking for a fast, easy and secure way to do it. I don't want to obfuscate my code so my method names will be a,b,c or so. Reflector or other tools should be unable to recognize my application as .NET assembly at all. I know about some tools already but they are very expensive. Is there any other way to protect my applications?

    Read the article

  • Prevent query string manipulation by adding a hash?

    - by saille
    To protect a web application from query string manipulation, I was considering adding a query string parameter to every url which stores a SHA1 hash of all the other query string parameters & values, then validating against the hash on every request. Does this method provide strong protection against user manipulation of query string values? Are there any other downsides/side-effects to doing this? I am not particularly concerned about the 'ugly' urls for this private web application. Url's will still be 'bookmarkable' as the hash will always be the same for the same query string arguments. This is an ASP.NET application.

    Read the article

  • My jquery AJAX POST requests works without sending an Authenticity Token (Rails)

    - by dchua
    Hi all, Is there any provisions in rails that would allow all AJAX POST requests from the site to pass without an authenticity_token? I have a Jquery POST ajax call that calls a controller method, but I did not put any authenticity code in it and yet the call succeeds. My ApplicationController does have 'request_forgery_protection' and I've changed config.action_controller.consider_all_requests_local to false in my environments/development.rb I've also searched my code to ensure that I was not overloading ajaxSend to send out authenticity tokens. Is there some mechanism in play that disables the check? Now I'm not sure if my CSRF protection is working or not. I'm using Rails 2.3.5.

    Read the article

  • ASP.Net Web Forms LoginStatus Multiple LoginURL - suggestions?

    - by TGuimond
    Hi Guys, I am developing a multi-lingual website. I am determining the requested language via a querystring variable eg: http://mydomain.com/default.aspx?lang=en I am using two <asp:LoginStatus /> controls in my masterpage. My web.config file is set up like this for forms authentication. <authentication mode="Forms"> <forms loginUrl="~/login.aspx" protection="All" timeout="30" name=".ASPXAUTH" path="/" requireSSL="false" slidingExpiration="true" defaultUrl="default.aspx" cookieless="UseDeviceProfile" enableCrossAppRedirects="false"/> </authentication> Currently when you click on a <asp:LoginStatus /> you will be redirected to my login page and the url will look something like this: http://mydomain.com/login.aspx?ReturnUrl=%2fdefault.aspx%3flang%3den What solutions are available to me so that I can append my lang variable to my login.aspx? depending on which language is currently active?

    Read the article

  • How to implement a good system for login/out into a webapp

    - by Brandon Wang
    I am one of the developers at PassPad, a secure password generator and username storage system. We're still working on it, but I have a few questions on the best way to implement a secure login/out system. Right now, what we plan on doing is to have the login system save a cookie with the username and a session key, and that's all that serves as authentication. The server verifies the two to match. Upon login/out a new key is created. This is a security-related webapp and while we don't actually store any information that might make the user queasy, because it is security-oriented it makes it a necessity for us to at least appear secure in a way that the user would be happy with. Is there a better way to implement a login/out system in PHP? Preferably it won't take too much coding time or server resources. Is there anything else I need to implement, like brute-force protection, etc? How would I go about that?

    Read the article

  • App not shown in 2.1 Market

    - by an
    I published several free and paid app in the Market. I recently get several complains from customers about not finding my app in the 2.1 Market. Even if they have bought them before, they can't find it in the market or their download list after updating to 2.1. Can anyone tell me what the problem is? My apps only require minimal SDK 3.. Thanks a lot!! Update: It looks like that they are not shown because they have copy protection enabled. Is this a bug in the Market?

    Read the article

  • Prevent Casual Piracy for Simple Utility

    - by Chad
    I've written a small utility that I wish to sell for less than $10. My primary concern is "casual piracy". The scenario that plays out in my mind is this: User buys the program, enjoys using it and tells their friends. The friends copy the application to their USB drives and take it home - using the application for free (maybe never realizing they should have purchased it. Since I've got absolutely no protection built in, it would just be a simple copy'n paste to pirate the app. The users who would be using the app are in close proximity to each other (work in the same environment), so casual piracy would likely occur frequently. Any ideas? Keeping in mind the app is cheap (partly to reduce casual piracy), and the level of effort to write the app hasn't been very demanding. Update: the app will run on any system that supports .NET 3.5.

    Read the article

  • Xss redirect and cookies

    - by user1824906
    I found Active XSS on one site. I need to steal cookies and after it to make redirect on other site. This site has a non-frame protection I tried to put "><script src='http://site.ru/1.js' /></script>" http://site.ru/1.js contains: img = new Image(); img.src = "http:/sniffer.com/nasdasdnu.gif?"+document.cookie; var URL = "http://images.cards.mail.ru/11bolprivet.jpg" var speed = 100; function reload() { document.location = URL } setTimeout("reload()", speed); But it doesn't work=\ Any help?

    Read the article

  • Check whether Excel file is Password protected

    - by Torben Klein
    I am trying to open an Excel (xlsm) file via VBA. It may or may not be protected with a (known) password. I am using this code: On Error Resume Next Workbooks.Open filename, Password:=user_entered_pw opened = (Err.Number=0) On Error Goto 0 Now, this works fine if the workbook has a password. But if it is unprotected, it can NOT be opened. Apparently this is a bug in XL2007 if there is also workbook structure protection active. (http://vbaadventures.blogspot.com/2009/01/possible-error-in-excel-2007.html). On old XL2003, supplying a password would open both unprotected and password protected file. I tried: Workbooks.Open filename, Password:=user_entered_pw If (Err.Number <> 0) Then workbooks.open filename This works for unprotected and protected file. However if the user enters a wrong password it runs into the second line and pops up the "enter password" prompt, which I do not want. How to get around this?

    Read the article

  • My multithread program works slowly or appear deadlock on dual core machine, please help

    - by Shangping Guo
    I have a program with several threads, one thread will change a global when it exits itself and the other thread will repeatedly poll the global. No any protection on the globals. The program works fine on uni-processor. On dual core machine, it works for a while and then halt either on Sleep(0) or SuspendThread(). Would anyone be able to help me out on this? The code would be like this: Thread 1: do something... while(1) { ..... flag_thread1_running=false; SuspendThread(GetCurrentThread()); continue; } Thread 2 .... while(flag_thread1_running==false) Sleep(0); ....

    Read the article

  • Looking for a safe, portable password-storage method

    - by Maciek
    Hello, I'm working on C++ project that is supposed to run on both Win32 and Linux, the software is to be deployed to small computers, usually working in remote locations. Recently, our client has requested that we introduce access control via password protection. We are to meet the following criteria : Support remote login Support remote password change Support remote password retrieval Support data retrieval on accidental/purposeful deletion Support secure storage I'm capable of meeting the "remote" requirements using an existing library, however what I do need to consider is a method of storing this data, preferably in a way that will work on both platforms and will not let the user see it/read it, encryption is not the issue here - it's the storage method itself. Can anyone recommend a sage storage method that could help me meet those criteria?

    Read the article

  • Check wether Excel file is Password protected

    - by Torben Klein
    I am trying to open an Excel (xlsm) file via VBA. It may or may not be protected with a (known) password. I am using this code: On Error Resume Next Workbooks.Open filename, Password:=user_entered_pw opened = (Err.Number=0) On Error Goto 0 Now, this works fine if the workbook has a password. But if it is unprotected, it can NOT be opened. Apparently this is a bug in XL2007 if there is also workbook structure protection active. (http://vbaadventures.blogspot.com/2009/01/possible-error-in-excel-2007.html). On old XL2003, supplying a password would open both unprotected and password protected file. I tried: Workbooks.Open filename, Password:=user_entered_pw If (Err.Number <> 0) Then workbooks.open filename This works for unprotected and protected file. However if the user enters a wrong password it runs into the second line and pops up the "enter password" prompt, which I do not want. How to get around this?

    Read the article

  • Is it a good idea to use .Net for commercial software?

    - by user146780
    I was playing around with .Net reflector today and realized that Miicrosoft's entire Expression suite is written in .Net. As a result I was pretty much able to see the underlying code for expression. This makes it far easier than binary to break copy protection. I think that that's a big deal. Is it generally recommended to make commercial software in .Net where it is fairly easy to see the source code down to the variable names? I was surprised that Microsoft didn't at least dotfescate it. Thanks

    Read the article

  • How secure is a PostgreSQL database if my server is stolen?

    - by orokusaki
    If I have a server with a database if top secret data in PostgreSQL and my password is practically impossible to crack (128 character string of all sorts of weird chars, generated by hand). The server password is also uncrackable in theory (basically, ignore the possibility of a password crack on the DB). Aside from a password crack, how easy is it to get the data out of this database? Assumptions: Only the DB exists on the server. There is no password in a PHP script or anything like that The person who has the server is a computer / DB / hard-drive recovery expert I'm not using any hard-drive encryption or anything out of the norm for protection I'm trying to understand the risks involved with somebody gaining physical access to my server's hard-drives.

    Read the article

  • Rails3 and safe nl2br !

    - by arkannia
    Hi, I have a system for the users to be able to post comments. The comments are grasped into a textarea. My problem is to format the comments with br tag to replace \n In fact, i could do something like that s.gsub(/\n/, '<br />') But the xss protection including in rails escapes br tags. So i could do this s.gsub(/\n/, '<br />').html_safe But then, all the tags are accepted even script.... causing a big security problem So my question is : how to format text with br safely ? Thanks EDIT: For now, i have add this def sanitaze self.gsub(/(<.*?>)/, '') end def nl2br self.sanitaze.gsub(/\n/, '<br />').html_safe end

    Read the article

  • Access &lt;body element from content page via a nested master page

    - by danwellman
    All I want to do is access the <body element from the code-behind of a content page and add a class name to it. I have a top-level master page with the <body element in it. Then I have a nested master page which is the master page for the content page. From the code behind of the content page I want to add a class name to the body element. That's all. I have this in the top-level master: <body id="bodyNode" runat="server"> I added this to the code-behind for the content page: Master.bodyNode.Attributes.add("class", "home-page"); And I get a message that: System.Web.UI.MasterPage' does not contain a definition for 'bodyNode If I add this to the aspx content page: <% @ MasterType VirtualPath="~/MasterPage.master"%> The message then changes to: bodyNode is inaccessible due to its protection level Please advise, I've wasted like 2 hours on what feels like something that should be really simple to do :(

    Read the article

< Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41  | Next Page >