Search Results

Search found 1054 results on 43 pages for 'the secret imbecile'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 35/43 | < Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >

  • How to get rid of the GUI access from shared library.

    - by Inso Reiges
    Hello, In my project i have a shared library with cross-platform code that provides a very convenient abstraction for a number of its clients. To be more specific, this library provides data access to encrypted files generated by main application on a number of platforms. There is a great deal of complicated code there that implements cryptographic protocols and as such is very error-prone and should be shared as much as possible across clients and platforms. However parsing all this encrypted stuff requires asking user for a number of different secrets ones in a while. The secret can be either a password, a number of shared passwords or a public key file and this list is a hot target for extension in the future. I can't really ask the user for any of those secrets beforehand from main application, because i really don't know what i need to ask for until i start working with the encrypted data directly in the library code. So i will have to create dialogs and call them from the library code. However i really see this as a bad idea, because (among other things) there is a possibility of a windows service using it and services can't have GUI access. The question is, are there any known ways or patterns to get rid of the GUI calls that are suitable for my case? Thank you.

    Read the article

  • Error getting twitter request token using OAuth and PEAR Services_Twitter

    - by Onema
    Hello, I am moving from the basic authentication method using username and password to the OAuth based authentication. I was using an old version of the pear package Services_Twitter, that did not support OAuth. The latest version of this package supports OAuth authentications, it has a few dependencies (HTTP_Request2, HTTP_OAuth). It was very simple to install them and upgrade the package. I did all this my local machine and had no trouble getting the authentication up and running. I committed this code to the test site, but every time the code request a "request token" I get the following error message "Unable to connect to ssl://api.twitter.com:443. Error #0" I have spend 6 hours making sure that all the pear packages where up to date, checking the customer token and token secret, making sure port 443 is not closed... in addition to various other test. I have exhausted my resources and I come to you in hope to find some answers. Thank you PD: One of the things I do not understand is why does the message says that the url is ssl://api.twitter.com:443 rather than https://api.twitter.com/request_token? the former one is the one I am using to get the request token.

    Read the article

  • Facebook Connect for simple authentication?

    - by Starnzy
    Hi I have an ASP.net website which I want to introduce 'Facebook Connect' functionality into, purely for account login/creation purposes. I want a user to be able to click the 'Login using Facebook' type button, and to then log that user into my website based on a userid lookup from the Facebook response. I have a couple of questions surrounding this: Presumeably I can do all of this using the Facebook API - without the need for an actual pretty public facing 'application' on Facebook? I simply want to utilise the Facebook API for authenticating an account. I'm not interested in creating some app for doing something 'within' facebook itself. I have located some code snippets online and tried using the Facebook Developer Toolkit, calling the getInfo method, and whilst it does come back to my website with a uid, none of the other user information is present within the response, like Email, Name etc. The uid is the only populated field in the response. Here is the code I use: if (ConnectAuthentication.isConnected()) { API api = new API(); api.ApplicationKey = ConnectAuthentication.ApiKey; api.SessionKey = ConnectAuthentication.SessionKey; api.Secret = ConnectAuthentication.SecretKey; api.uid = ConnectAuthentication.UserID; //Display user data captured from the Facebook API. facebook.Schema.user facebookUser = null; try { facebookUser = api.users.getInfo(); User user = new User(); user.FacebookUser = facebookUser; user.IsFacebookUser = true; return user; } catch { return null; } } else { return null; } Can anyone please help with either/both of these queries? Thanks in advance...

    Read the article

  • Help needed in grokking password hashes and salts

    - by javafueled
    I've read a number of SO questions on this topic, but grokking the applied practice of storing a salted hash of a password eludes me. Let's start with some ground rules: a password, "foobar12" (we are not discussing the strength of the password). a language, Java 1.6 for this discussion a database, postgreSQL, MySQL, SQL Server, Oracle Several options are available to storing the password, but I want to think about one (1): Store the password hashed with random salt in the DB, one column Found on SO and elsewhere is the automatic fail of plaintext, MD5/SHA1, and dual-columns. The latter have pros and cons MD5/SHA1 is simple. MessageDigest in Java provides MD5, SHA1 (through SHA512 in modern implementations, certainly 1.6). Additionally, most RDBMSs listed provide methods for MD5 encryption functions on inserts, updates, etc. The problems become evident once one groks "rainbow tables" and MD5 collisions (and I've grokked these concepts). Dual-column solutions rest on the idea that the salt does not need to be secret (grok it). However, a second column introduces a complexity that might not be a luxury if you have a legacy system with one (1) column for the password and the cost of updating the table and the code could be too high. But it is storing the password hashed with a random salt in single DB column that I need to understand better, with practical application. I like this solution for a couple of reasons: a salt is expected and considers legacy boundaries. Here's where I get lost: if the salt is random and hashed with the password, how can the system ever match the password? I have theory on this, and as I type I might be grokking the concept: Given a random salt of 128 bytes and a password of 8 bytes ('foobar12'), it could be programmatically possible to remove the part of the hash that was the salt, by hashing a random 128 byte salt and getting the substring of the original hash that is the hashed password. Then re hashing to match using the hash algorithm...??? So... any takers on helping. :) Am I close?

    Read the article

  • Music meta missing from Facebook /home

    - by Peter Watts
    When somebody shares a Spotify playlist, the attachment is missing from the Graph API. What is shown in Facebook: What is returned by the Graph API: { "id": "********_******", "from": { "name": "*****", "id": "*****" }, "message": "Refused's setlist from last night's secret show in Sweden...", "icon": "http://photos-c.ak.fbcdn.net/photos-ak-snc1/v85005/74/174829003346/app_2_174829003346_5511.gif", "actions": [ { "name": "Comment", "link": "http://www.facebook.com/*****/posts/*****" }, { "name": "Like", "link": "http://www.facebook.com/*****/posts/*****" }, { "name": "Get Spotify", "link": "http://www.spotify.com/redirect/download-social" } ], "type": "link", "application": { "name": "Spotify", "canvas_name": "get-spotify", "namespace": "get-spotify", "id": "174829003346" }, "created_time": "2012-03-01T22:24:28+0000", "updated_time": "2012-03-01T22:24:28+0000", "likes": { "data": [ { "name": "***** *****", "id": "*****" } ], "count": 1 }, "comments": { "count": 0 }, "is_published": true } There's absolutely no reference to an attachment, other than the fact the type is 'link' and the application is Spotify. If you want to test, Spotify's page (http://graph.facebook.com/spotify/feed) usually has a playlist or two embedded (and missing from Graph API). Also if you filter your home feed to just Spotify stories (http://graph.facebook.com/me/home?filter=app_174829003346), you'll get a bunch of useless stories without attachments (assuming your friends shared music recently) Anyone have any ideas how to access the playlist details, or is it unavailable to third party developers (if so, this is a very a bad user experience, because the story makes no sense without the attachment). I am able to fetch scrobbles without any trouble using the user_actions.listens. Also, if there is a recent activity story, e.g. "Peter listened to The Shins", I am able to get information about the band. The problem only happens on attachments.

    Read the article

  • Django Testing: Faking User Creation

    - by Ygam
    I want to better write this test: def test_profile_created(self): self.client.post(reverse('registration_register'), data={ 'username':'ygam', 'email':'[email protected]', 'password1':'ygam', 'password2':'ygam' }) """ Test if a profile is created on save """ user = User.objects.get(username='ygam') self.assertTrue(UserProfile.objects.filter(user=user).exists()) and I just came upon this code on django-registration tests that does not actually "create" the user: def test_registration_signal(self): def receiver(sender, **kwargs): self.failUnless('user' in kwargs) self.assertEqual(kwargs['user'].username, 'bob') self.failUnless('request' in kwargs) self.failUnless(isinstance(kwargs['request'], WSGIRequest)) received_signals.append(kwargs.get('signal')) received_signals = [] signals.user_registered.connect(receiver, sender=self.backend.__class__) self.backend.register(_mock_request(), username='bob', email='[email protected]', password1='secret') self.assertEqual(len(received_signals), 1) self.assertEqual(received_signals, [signals.user_registered]) However he used a custom function for this "_mock_request": class _MockRequestClient(Client): def request(self, **request): environ = { 'HTTP_COOKIE': self.cookies, 'PATH_INFO': '/', 'QUERY_STRING': '', 'REMOTE_ADDR': '127.0.0.1', 'REQUEST_METHOD': 'GET', 'SCRIPT_NAME': '', 'SERVER_NAME': 'testserver', 'SERVER_PORT': '80', 'SERVER_PROTOCOL': 'HTTP/1.1', 'wsgi.version': (1,0), 'wsgi.url_scheme': 'http', 'wsgi.errors': self.errors, 'wsgi.multiprocess':True, 'wsgi.multithread': False, 'wsgi.run_once': False, 'wsgi.input': None, } environ.update(self.defaults) environ.update(request) request = WSGIRequest(environ) # We have to manually add a session since we'll be bypassing # the middleware chain. session_middleware = SessionMiddleware() session_middleware.process_request(request) return request def _mock_request(): return _MockRequestClient().request() However, it may be too long of a function for my needs. I want to be able to somehow "fake" the account creation. I have not much experience on mocks and stubs so any help would do. Thanks!

    Read the article

  • How can I validate/secure/authenticate a JavaScript-based POST request?

    - by Bungle
    A product I'm helping to develop will basically work like this: A Web publisher creates a new page on their site that includes a <script> from our server. When a visitor reaches that new page, that <script> gathers the text content of the page and sends it to our server via a POST request (cross-domain, using a <form> inside of an <iframe>). Our server processes the text content and returns a response (via JSONP) that includes an HTML fragment listing links to related content around the Web. This response is cached and served to subsequent visitors until we receive another POST request with text content from the same URL, at which point we regenerate a "fresh" response. These POSTs only happen when our cached TTL expires, at which point the server signifies that and prompts the <script> on the page to gather and POST the text content again. The problem is that this system seems inherently insecure. In theory, anyone could spoof the HTTP POST request (including the referer header, so we couldn't just check for that) that sends a page's content to our server. This could include any text content, which we would then use to generate the related content links for that page. The primary difficulty in making this secure is that our JavaScript is publicly visible. We can't use any kind of private key or other cryptic identifier or pattern because that won't be secret. Ideally, we need a method that somehow verifies that a POST request corresponding to a particular Web page is authentic. We can't just scrape the Web page and compare the content with what's been POSTed, since the purpose of having JavaScript submit the content is that it may be behind a login system. Any ideas? I hope I've explained the problem well enough. Thanks in advance for any suggestions.

    Read the article

  • Fast CGI, Lighttpd, Ubuntu

    - by Gosh
    Is this log file familiar to someone of UBUNTU users? Lighttpd log file: > 2009-08-30 21:37:45: (log.c.75) server started > 2009-08-30 21:37:45: (mod_fastcgi.c.1029) the fastcgi-backend php5-cgi *failed* to start: > 2009-08-30 21:37:45: (mod_fastcgi.c.1033) *child exited with status 9 php5-cgi* > 2009-08-30 21:37:45: (mod_fastcgi.c.1036) If you're trying to run PHP as a FastCGI backend, make sure you're using the FastCGI-enabled version. > You can find out if it is the right one by executing 'php -v' and it should display '(cgi-fcgi)' in the output, NOT '(cgi)' NOR '(cli)'. > For more information, check http://trac.lighttpd.net/trac/wiki/Docs%3AModFastCGI#preparing-php-as-a-fastcgi-programIf this is PHP on Gentoo, add 'fastcgi' to the USE flags. > 2009-08-30 21:37:45: (mod_fastcgi.c.1340) [ERROR]: *spawning fcgi failed*. > 2009-08-30 21:37:45: (server.c.908) Configuration of plugins failed. Going down. Please open a secret how did you solved fcgi problem and made lighttpd to start, if you did. Thx, Gosh.

    Read the article

  • Dealing with Try/Catch Exceptions in Java bytecode? ("stack height inconsistent")

    - by Cogwirrel
    I am trying to do some error handling in java bytecode. I first tried to implement some catch-like subroutines, where I would check for the error condition, and jump to the appropriate subroutine, a little like: iconst_1 iconst_0 dup ifeq calldiverr goto enddivtest calldiverr: jsr divError enddivtest: idiv ...More instructions... divError: getstatic java/lang/System/out Ljava/io/PrintStream; ldc "Oh dear you divided by 0!" invokevirtual java/io/PrintStream/print(Ljava/lang/String;)V The problem with the above is that when I have multiple instructions that jump to this subroutine, I get an error message when running the bytecode, saying that the stack height is inconsistent. Perhaps using exceptions is the best way to get around this? From some googling I have found that you can create instances of Exception classes and initialise them with something like: new java/lang/Exception dup ldc "exception message!" invokespecial java/lang/Exception/<init>(Ljava/lang/String;)V I have also found that you can throw them with athrow and this seems ok. What is confusing me however is exactly how exceptions are caught. There seems to be a magical "Exception table" which glues the throwing and catching of exceptions together, but I do not know how to define one of these when writing bytecode from scratch (and assembling using Jasmin). Can somebody tell me the secret of creating an exception table? And possibly give me an example of exception handling that will assemble with jasmin?

    Read the article

  • Facebook Application with PHP running loosing session

    - by ArneRie
    Iam trying to build an Facebook Application based on PHP. The Application is running under php on my own Webhost inside an Canvas as iFrame. I have included the newest Client Library for PHP from Facebook: facebook-php-sdk-94fcb13 To Authorize the user inside my application iam trying to use Facebook Connect, like the example shipped with the Client. Everything works fine the 1st Login, but when i hit the F5 Key to reload the page, the session is lost and i have to login again. When i call my application outside of the Facebook Canvas everything is fine. Iam not sure, but i think my Browser (Chrome/FireFox - Ubuntu) is not allowing to store an cookie inside an iFrame. Does someone knows an solution for this Problem? Here are some Parts of the Sourcecode: $facebook = new Facebook(array( 'appId' => 'x', 'secret' => 'x', 'cookie' => 'true', )); $session = $facebook->getSession(); $facebook->setSession($session); $me = null; // Session based API call. if ($session) { try { $uid = $facebook->getUser(); $me = $facebook->api('/me'); } catch (FacebookApiException $e) { error_log($e); } } // login or logout url will be needed depending on current user state. if ($me) { $logoutUrl = $facebook->getLogoutUrl(); } else { $loginUrl = $facebook->getLoginUrl(); }

    Read the article

  • facebook: why I can't send email from app to user?

    - by flybywire
    I can't send email to my app users, even though I have the permissions. I am working with the java library, although I don't think it is related to that. long uid = ...; Collection<Long> uids = new ArrayList<Long>(); uids.add(uid); FacebookXmlRestClient client = new FacebookXmlRestClient(api, secret); boolean sendEmailPerm = client.users_hasAppPermission(Permission.EMAIL,uid); System.out.println("Can send email: "+ sendEmailPerm); Collection<String> sent = client.notifications_sendTextEmail(uids, "subject", "body"); System.out.println("Succesfully sent email to: "+sent); sent = client.notifications_sendFbmlEmail(uids, "subject", "body"); System.out.println("Succesfully sent email to: "+sent); I am trying both with fbml and text email. I can also obtain the user's proxied_email property but when I send email to that address with my regular mail client is doesn't arrive. The output is: Can send email: true Succesfully sent email to: [] Succesfully sent email to: []

    Read the article

  • Automated testing for Facebook SDK wrapper

    - by Andree
    Hi there! In my Facebook application, I have one Facebook wrapper class to encapsulates some call to Facebook API. I want to to write a unit test for this wrapper class, but since it depends on a so called "access token", which we should get from Facebook dynamically, I'm not sure if it's possible to write one. But apparently the Facebook SDK itself has a PHPUnit test class. After studying the test code for a while, I know that involves a creation of dummy cookie-based session key. private static $VALID_EXPIRED_SESSION = array( 'access_token' => '254752073152|2.I_eTFkcTKSzX5no3jI4r1Q__.3600.1273359600-1677846385|uI7GwrmBUed8seZZ05JbdzGFUpk.', 'expires' => '1273359600', 'secret' => '0d9F7pxWjM_QakY_51VZqw__', 'session_key' => '2.I_eTFkcTKSzX5no3jI4r1Q__.3600.1273359600-1677846385', 'sig' => '9f6ae89510b30dddb3f864f3caf32fb3', 'uid' => '1677846385' ); . . . $cookieName = 'fbs_' . self::APP_ID; $session = self::$VALID_EXPIRED_SESSION; $_COOKIE[$cookieName] = '"' . http_build_query($session) . '"'; What I don't understand is, how do I get the "access_token", "sig", "session_key" etc? As far as I'm concerned, it should be dynamically exchanged from Facebook and involves user action (logging in).

    Read the article

  • HTML5 Shiv not parsing quick enough

    - by Mikey Hogarth
    One of our web designers is working on a site at the moment and is using HTML5 elements, which she styles up in older browsers using the well documented Html5Shiv; http://css-tricks.com/html5-innershiv/ She reported some pretty weird behavior today and it looks like this is the cause. Initially it was very confusing, and went something along the lines of; "The page looks fine, I refresh it looks fine, refresh several times and occasionally it will not apply my styles to the HTML5 elements" Current best theory is that the shiv is not kicking in quick enough, and the page loads before the new elements have been registered. I was wondering if anyone could suggest a surefire way of including the shiv and making sure it's loaded and been parsed BEFORE the rest of the elements, so they will definitely get styled. EDIT (more info) Shiv is being included in the head, directly below the title/meta tags; <!--[if IE]> <script type="text/javascript" src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script> <![endif]--> The bit that is being styled is in the footer and is cross-site. Many of the pages will change in size as they're being powered by a CMS that our marketing team will use so I am unable to give an exact page size. All I would say is that if page size is an issue and there is no workaround, can someone let me know as this will mean we basically can't use HTML5 on this project (or at the very least we'll need to add superflous markup such as divs to ensure that the layout doesn't go crazy) EDIT 2 There is no chance of me posting the code unfortunately - it's only re-creatable under really obscure circumstances and the project is marked "top secret" at the moment :( If nobody knows then I'm guessing it's either a case of "everyone knows it happens but kinda ignores it" or just that it's something else other than the shiv.

    Read the article

  • What is the optimum way to secure a company wide wiki?

    - by Mark Robinson
    We have a wiki which is used by over half our company. Generally it has been very positively received. However, there is a concern over security - not letting confidential information fall into the wrong hands (i.e. competitors). The default answer is to create a complicated security matrix defining who can read what document (wiki page) based on who created it. Personally I think this mainly solves the wrong problem because it creates barriers within the company instead of a barrier to the external world. But some are concerned that people at a customer site might share information with a customer which then goes to the competitor. The administration of such a matrix is a nightmare because (1) the matrix is based on department and not projects (this is a matrix organisation), and (2) because in a wiki all pages are by definition dynamic so what is confidential today might not be confidential tomorrow (but the history is always readable!). Apart from the security matrix, we've considered restricting content on the wiki to non super secret stuff, but off course that needs to be monitored. Another solution (the current) is to monitor views and report anything suspicious (e.g. one person at a customer site having 2000 views in two days was reported). Again - this is not ideal because this does not directly imply a wrong motive. Does anyone have a better solution? How can a company wide wiki be made secure and yet keep its low threshold USP? BTW we use MediaWiki with Lockdown to exclude some administrative staff.

    Read the article

  • jQuery $.getJSON - How do I parse a flickr.photos.search REST API call?

    - by Chad
    Trying to adapt the $.getJSON Flickr example: $.getJSON("http://api.flickr.com/services/feeds/photos_public.gne?tags=cat&tagmode=any&format=json&jsoncallback=?", function(data){ $.each(data.items, function(i,item){ $("<img/>").attr("src", item.media.m).appendTo("#images"); if ( i == 3 ) return false; }); }); to read from the flickr.photos.search REST API method, but the JSON response is different for this call. Click here to see the JSON response. This is what I've done so far: var url = "http://api.flickr.com/services/rest/?method=flickr.photos.search&api_key=9322c53dde3b36bda33f79c16bb99104&tags=yokota+air+base&safe_search=1&per_page=20"; var src; $.getJSON(url + "&format=json&jsoncallback=?", function(data){ $.each(data.photos, function(i,item){ src = "http://farm"+ item.photo.farm +".static.flickr.com/"+ item.photo.server +"/"+ item.photo.id +"_"+ item.photo.secret +"_m.jpg"; $("<img/>").attr("src", src).appendTo("#images"); if ( i == 3 ) return false; }); }); I guess I'm not building the image src correctly. Couldn't find any documentation on how to build the image src, based on what the JSON response is. How do you parse a flickr.photos.search REST API call?

    Read the article

  • 401 Unauthorized returned on GET request (https) with correct credentials

    - by Johnny Grass
    I am trying to login to my web app using HttpWebRequest but I keep getting the following error: System.Net.WebException: The remote server returned an error: (401) Unauthorized. Fiddler has the following output: Result Protocol Host URL 200 HTTP CONNECT mysite.com:443 302 HTTPS mysite.com /auth 401 HTTP mysite.com /auth This is what I'm doing: // to ignore SSL certificate errors public bool AcceptAllCertifications(object sender, System.Security.Cryptography.X509Certificates.X509Certificate certification, System.Security.Cryptography.X509Certificates.X509Chain chain, System.Net.Security.SslPolicyErrors sslPolicyErrors) { return true; } try { // request Uri uri = new Uri("https://mysite.com/auth"); HttpWebRequest request = (HttpWebRequest)WebRequest.Create(uri) as HttpWebRequest; request.Accept = "application/xml"; // authentication string user = "user"; string pwd = "secret"; string auth = "Basic " + Convert.ToBase64String(System.Text.Encoding.Default.GetBytes(user + ":" + pwd)); request.Headers.Add("Authorization", auth); ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(AcceptAllCertifications); // response. HttpWebResponse response = (HttpWebResponse)request.GetResponse(); // Display Stream dataStream = response.GetResponseStream(); StreamReader reader = new StreamReader(dataStream); string responseFromServer = reader.ReadToEnd(); Console.WriteLine(responseFromServer); // Cleanup reader.Close(); dataStream.Close(); response.Close(); } catch (WebException webEx) { Console.Write(webEx.ToString()); } I am able to log in to the same site with no problem using ASIHTTPRequest in a Mac app like this: NSURL *login_url = [NSURL URLWithString:@"https://mysite.com/auth"]; ASIHTTPRequest *request = [ASIHTTPRequest requestWithURL:login_url]; [request setDelegate:self]; [request setUsername:name]; [request setPassword:pwd]; [request setRequestMethod:@"GET"]; [request addRequestHeader:@"Accept" value:@"application/xml"]; [request startAsynchronous];

    Read the article

  • Did anyone have this issue with a simple Facebook app or know how to solve it?

    - by Jian Lin
    I have a really simple few lines of Facebook app, using the new Facebook API: <pre> <?php require 'facebook.php'; // Create our Application instance. $facebook = new Facebook(array( 'appId' => '117676584930569', 'secret' => '**********', // hidden here on the post... 'cookie' => true, )); var_dump($facebook); ?> but it is giving me the following output: http://apps.facebook.com/woolaladev/i2.php would give out object(Facebook)#1 (6) { ["appId:protected"]=> string(15) "117676584930569" ["apiSecret:protected"]=> string(32) "**********" <--- just hidden on this post ["session:protected"]=> NULL ["sessionLoaded:protected"]=> bool(false) ["cookieSupport:protected"]=> bool(true) ["baseDomain:protected"]=> string(0) "" } Session is NULL for some reason, but I am logged in and can access my home and profile and run other apps on Facebook (to see that I am logged on). I am following the sample on: http://github.com/facebook/php-sdk/blob/master/examples/example.php http://github.com/facebook/php-sdk/blob/master/src/facebook.php (download using raw URL: wget http://github.com/facebook/php-sdk/raw/master/src/facebook.php ) Trying on both hosting companies at dreamhost.com and netfirms.com, and the results are the same.

    Read the article

  • Facebook Application with PHP running losing session

    - by ArneRie
    Iam trying to build an Facebook Application based on PHP. The Application is running under php on my own Webhost inside an Canvas as iFrame. I have included the newest Client Library for PHP from Facebook: facebook-php-sdk-94fcb13 To Authorize the user inside my application iam trying to use Facebook Connect, like the example shipped with the Client. Everything works fine the 1st Login, but when i hit the F5 Key to reload the page, the session is lost and i have to login again. When i call my application outside of the Facebook Canvas everything is fine. Iam not sure, but i think my Browser (Chrome/FireFox - Ubuntu) is not allowing to store an cookie inside an iFrame. Does someone knows an solution for this Problem? Here are some Parts of the Sourcecode: $facebook = new Facebook(array( 'appId' => 'x', 'secret' => 'x', 'cookie' => 'true', )); $session = $facebook->getSession(); $facebook->setSession($session); $me = null; // Session based API call. if ($session) { try { $uid = $facebook->getUser(); $me = $facebook->api('/me'); } catch (FacebookApiException $e) { error_log($e); } } // login or logout url will be needed depending on current user state. if ($me) { $logoutUrl = $facebook->getLogoutUrl(); } else { $loginUrl = $facebook->getLoginUrl(); }

    Read the article

  • Android AES and init vector

    - by Donald_W
    I have an issue with AES encryptio and decryption: I can change my IV entirely and still I'm able to decode my data. public static final byte[] IV = { 65, 1, 2, 23, 4, 5, 6, 7, 32, 21, 10, 11, 12, 13, 84, 45 }; public static final byte[] IV2 = { 65, 1, 2, 23, 45, 54, 61, 81, 32, 21, 10, 121, 12, 13, 84, 45 }; public static final byte[] KEY = { 0, 42, 2, 54, 4, 45, 6, 7, 65, 9, 54, 11, 12, 13, 60, 15 }; public static final byte[] KEY2 = { 0, 42, 2, 54, 43, 45, 16, 17, 65, 9, 54, 11, 12, 13, 60, 15 }; //public static final int BITS = 256; public static void test() { try { // encryption Cipher c = Cipher.getInstance("AES"); SecretKeySpec keySpec = new SecretKeySpec(KEY, "AES"); c.init(Cipher.ENCRYPT_MODE, keySpec, new IvParameterSpec(IV)); String s = "Secret message"; byte[] data = s.getBytes(); byte[] encrypted = c.doFinal(data); String encryptedStr = ""; for (int i = 0; i < encrypted.length; i++) encryptedStr += (char) encrypted[i]; //decryoption Cipher d_c = Cipher.getInstance("AES"); SecretKeySpec d_keySpec = new SecretKeySpec(KEY, "AES"); d_c.init(Cipher.DECRYPT_MODE, d_keySpec, new IvParameterSpec(IV2)); byte[] decrypted = d_c.doFinal(encrypted); String decryptedStr = ""; for (int i = 0; i < decrypted.length; i++) decryptedStr += (char) decrypted[i]; Log.d("", decryptedStr); } catch (Exception ex) { Log.d("", ex.getMessage()); } } Any ideas what I'm doing wrong? How can I get 256 bit AES encryption (only change key to 32-byte long array?) Encryption is a new topic for me so please for newbie friendly answers.

    Read the article

  • Did we always have to register to download the Java 5 JDK, or is this new Oracle fun?

    - by Ukko
    I could swear that just a couple of months ago I downloaded a copy of the Java 1.5 SE JDK and I did not have to give them information on my first born. Today, I had to go through the register-and-we-will-send-you-a-link-someday dance. I have not received the link yet, so I thought I would ask about it here. What is special about the Java 5 JDK? I can get 6 just by clicking, is this a stick to get us to migrate to Java 6? Am I just not remembering doing this before? What marketing genius thought this would be a value add for Java? "If we make them sweat for the JDK they won't just delete it willy-nilly the next time?" Does everyone picture the people designing systems like this as mustache twirling Snidely Whiplash clones like I do? Did I just miss the link for the Secret Squirrel route to the download page? Finally, I am in the U.S. so I should not have to worry about export restrictions. Any thoughts?

    Read the article

  • How to (kindly) ask your users to upgrade from IE6?

    - by nickf
    It's no secret at all that IE6 has been a major roadblock to the advancement of the web over the last few years. I couldn't count the number of hours I've spent bashing my head against a wall trying to fix or debug IE6 issues. The way I see it, there are two types of IE6 user. a) the poor corporate schmoe whose IT department doesn't want to upgrade in case something breaks, and b) the mums and dads of the world who think the internet is the blue E on their desktop (and I don't mean that in a nasty way). There's probably a couple of people who know about all the other browsers, but still choose to run IE6. They get what they deserve, IMO. Anyway, getting to the point, I'd say that 90% of my IE6-using visitors are in the the mums and dads category - they're not stupid, they just don't know WHY they should upgrade to IE7 or Firefox or whatever. How do I educate these people without pissing them off? Is there a nice and friendly website I can direct these people to, which explains the reasons for upgrading in plain language? Any mention of "security" or "web standards" I think would just come across as scary. I've just seen http://www.whatbrowser.org which seems to fit the bill nicely. It explains in very basic terms: what a web browser is why you'd want to upgrade it how old your current browser is (subtle hint to those with a 9 year old browser) ..aaaand it's in 22 languages. It's from Google but displays no bias (it links to Firefox, Chrome, Opera, Safari, Internet Explorer displayed in a random order).

    Read the article

  • Rate Limit Calls To Api Using Cache

    - by namtax
    Hi I am using coldfusion to call the last.fm api, using a cfc bundle sourced from here I am concerned about going over the request limit, which is 5 requests per originating IP address per second, averaged over a 5 minute period. The cfc bundle has a central component which calls all the other components, which are split up into sections like "artist", "track" etc...This central component "lastFmApi.cfc." is initiated in my application, and persisted for the lifespan of the application // Application.cfc example <cffunction name="onApplicationStart"> <cfset var apiKey = '[your api key here]' /> <cfset var apiSecret = '[your api secret here]' /> <cfset application.lastFm = CreateObject('component', 'org.FrankFusion.lastFm.lastFmApi').init(apiKey, apiSecret) /> </cffunction> Now if I want to call the api through a handler/controller, for example my artist handler...I can do this <cffunction name="artistPage" cache="5 mins"> <cfset qAlbums = application.lastFm.user.getArtist(url.artistName) /> </cffunction> I am a bit confused towards caching, but am caching each call to the api in this handler for 5 mins, but does this make any difference, because each time someone hits a new artist page wont this still count as a fresh hit against the api? Wondering how best to tackle this Thanks

    Read the article

  • Trying to create a .NET DLL to be used with Non-.NET Application

    - by Changeling
    I am trying to create a .NET DLL so I can use the cryptographic functions with my non .NET application. I have created a class library so far with this code: namespace AESEncryption { public class EncryptDecrypt { private static readonly byte[] optionalEntropy = { 0x21, 0x05, 0x07, 0x08, 0x27, 0x02, 0x23, 0x36, 0x45, 0x50 }; public interface IEncrypt { string Encrypt(string data, string filePath); }; public class EncryptDecryptInt:IEncrypt { public string Encrypt(string data, string filePath) { byte[] plainKey; try { // Read in the secret key from our cipher key store byte[] cipher = File.ReadAllBytes(filePath); plainKey = ProtectedData.Unprotect(cipher, optionalEntropy, DataProtectionScope.CurrentUser); // Convert our plaintext data into a byte array byte[] plainTextBytes = Encoding.ASCII.GetBytes(data); MemoryStream ms = new MemoryStream(); Rijndael alg = Rijndael.Create(); alg.Mode = CipherMode.CBC; alg.Key = plainKey; alg.IV = optionalEntropy; CryptoStream cs = new CryptoStream(ms, alg.CreateEncryptor(), CryptoStreamMode.Write); cs.Write(plainTextBytes, 0, plainTextBytes.Length); cs.Close(); byte[] encryptedData = ms.ToArray(); return Convert.ToString(encryptedData); } catch (Exception ex) { return ex.Message; } } } } } In my VC++ application, I am using the #import directive to import the TLB file created from the DLL, but the only available functions are _AESEncryption and LIB_AES etc I don't see the interface or the function Encrypt. When I try to instantiate so I can call the functions in my VC++ program, I use this code and get the following error: HRESULT hr = CoInitialize(NULL); IEncryptPtr pIEncrypt(__uuidof(EncryptDecryptInt)); error C2065: 'IEncryptPtr': undeclared identifier error C2146: syntax error : missing ';' before identifier 'pIEncrypt'

    Read the article

  • Error creating Google Calendar

    - by Don
    Hi, I'm trying to use the Google Calendar Java API to create a secondary calendar for a Google apps user. The relevant code is: // Initialise the API client CalendarService googleCalendar = new GCalendarService("canimo.ca"); googleCalendar.setUserCredentials("[email protected]", "secret"); // Create the calendar CalendarEntry cal = new CalendarEntry(); cal.title = new PlainTextConstruct(user.email); cal.summary = new PlainTextConstruct("Collection calendar"); cal.timeZone = new TimeZoneProperty("America/Montreal"); cal.hidden = HiddenProperty.FALSE; googleCalendar.insert(CALENDAR_URL, calendar); The call to insert() above results in com.google.gdata.util.ServiceException: Internal Server Error and no calendar is created. If I try and perform the same operation through the Google calendar website, it also fails with the error message: We could not save changes. Please try again in a few minutes. An obvious conclusion is that there's some problem on Google's side, but this has been going on for several days now. Strangely, if I create a new user, everything works fine for a while. I can create calendars via the website, and download them via the API. But as soon as I try and create a new calendar using the API, I get the exception above, and thereafter can't create new calendars using either the website or the API. Thanks, Don

    Read the article

  • How to store session values with Node.js and mongodb?

    - by Tirithen
    How do I get sessions working with Node.js, [email protected] and mongodb? I'm now trying to use connect-mongo like this: var config = require('../config'), express = require('express'), MongoStore = require('connect-mongo'), server = express.createServer(); server.configure(function() { server.use(express.logger()); server.use(express.methodOverride()); server.use(express.static(config.staticPath)); server.use(express.bodyParser()); server.use(express.cookieParser()); server.use(express.session({ store: new MongoStore({ db: config.db }), secret: config.salt })); }); server.configure('development', function() { server.use(express.errorHandler({ dumpExceptions: true, showStack: true })); }); server.configure('production', function() { server.use(express.errorHandler()); }); server.set('views', __dirname + '/../views'); server.set('view engine', 'jade'); server.listen(config.port); I'm then, in a server.get callback trying to use req.session.test = 'hello'; to store that value in the session, but it's not stored between the requests. It probobly takes something more that this to store session values, how? Is there a better documented module than connect-mongo?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >