Search Results

Search found 12720 results on 509 pages for 'moss2007 security'.

Page 389/509 | < Previous Page | 385 386 387 388 389 390 391 392 393 394 395 396  | Next Page >

• File Encrypt/Decrypt under load?

  - by chopps

  I found an interesting article about encrypting and decrypting files but since it uses a file.dat to store the key this will run into problems when theres alot of users on the site dealing with alot of files. http://www.codeproject.com/KB/security/VernamEncryption.aspx?display=Print Should a new file be created every time a file needs decrypting or would there be a better way to do this? UPDATE: Here is what im using to avoid the locking problems. using (Mutex FileLock = new Mutex(true, System.Guid.NewGuid().ToString())) { try { FileLock.WaitOne(); using (FileStream fs = new FileStream(keyFile, FileMode.Open)) { keyBytes = new byte[fs.Length]; fs.Read(keyBytes, 0, keyBytes.Length); } } catch (Exception ex) { EventLog.LogEvent(ex); } finally { FileLock.ReleaseMutex(); } } I tested it on 1000 TIFFs doing both encryption and decryption without any errors.

  Read the article

• Custom URL protocol in Windows to serve HTML content

  - by Jen

  This question addresses how to register a custom URL protocol to launch an application in response to a link, but I want my handler to serve dynamic content. Essentially, I'm looking to create a web application that runs on the user's machine instead of a web server. I could set up a localhost, but I want to use a "friendly" URL format that the user can reference elsewhere, e.g. a hypothetical cats protocol: cats:fluffy/cheeseburger-consumption-stats How can I accomplish this? Also, do you see any pitfalls with this approach, such as security warnings from browsers? Thanks!

  Read the article

• Sanitize HTML before storing in the DB or before rendering? (AntiXSS library in ASP.NET)

  - by user102533

  I have an editor that lets users add HTML that is stored in the database and rendered on a web page. Since this is untrusted input, I plan to use Microsoft.Security.Application.AntiXsSS.GetSafeHtmlFragment to sanitize the HTML. Should I santiize before saving to the database or before rendering the untrusted input into the webpage? Is there an advantage in including the AntiXSS source code in my project instead of just the DLL? (Maybe I can customize the white list?) Which class file should I look in for actual implementation of the GetSafeHtmlFragment

  Read the article

• How to connect to a SQLite database in iphone

  - by Lee

  I am attempting converting an application from VB6 to an iphone app. In the VB version, the database is in Access. But, I have read that I need to convert it to SQLite. How I amend the following code to switch from Access to SQLite? cnList = new ADODB.Connection(); rsList = new ADODB.Recordset(); cnList.Provider = "Microsoft.Jet.OLEDB.4.0;"; cnList.ConnectionString = "Persist Security Info=False;"+CString("Data Source=cbe.mdb"); cnList.Open();

  Read the article

• Are there built-in issue tracking and task management in IDEs that integrate into SourceForge, Googl

  - by Kai Sellgren

  Hi, This question may not be exactly programming related, but this is about development. I have been trying to find IDEs that support JIRA/Bugzilla so that I could simply integrate the IDE with SourceForge. I do not like to refresh my browser to see issues, bug reports, security problems, etc. I would like to send issues, resolve issues, right from the IDE. I am currently developing with NetBeans, but I see no ways of integrating into any of the services provided by SourceForge. Am I missing something?

  Read the article

• How to preload local javascript everytime a new tab or page is opened?

  - by Klerk

  I would like to autoload a local javascript file, everytime a new page/tab is opened in a browser. I tried the bookmarklet approach, but it gets tiresome as the button needs to be pressed everytime a new page/tab is opened. Chrome extensions also seem to work along the same lines (where you have to press an icon to run the js). Googling for javascript and preload seems to return everything except what I am looking for. Is there a browser indepent way of autoloading (no user action required) a local js file? If not, any browser specific info to do this would be appreciated (even if they mean reducing security by turning off required options). Thanks!

  Read the article

• Non-string role names in ASP.NET MVC?

  - by MikeWyatt

  ASP.NET MVC has good support for role-based security, but the usage of strings as role names is maddening, simply because they cannot be strongly-typed as enumerations. For example, I have an "Admin" role in my app. The "Admin" string will now exist in the Authorize attribute of my action, in my master page (for hiding a tab), in my database (for defining the roles available to each user), and any other place in my code or view files where I need to perform special logic for admin or non-admin users. Is there a better solution, short of writing my own authorization attribute and filter, that would perhaps deal with a collection of enumeration values?

  Read the article

• Cannot read app.config, why???

  - by user46503

  Hello, I'm trying to get data from app.config and I always get zero. The App.config is here: <?xml version="1.0" encoding="utf-8"?> <configuration> <connectionStrings> <add name="ExplorerContext" connectionString="metadata=res://*/ExplorerData.csdl|res://*/ExplorerData.ssdl|res://*/ExplorerData.msl;provider=System.Data.SqlClient;provider connection string=&quot;Data Source=MYT\SQLEXPRESS;Initial Catalog=Explorer;Integrated Security=True;MultipleActiveResultSets=True&quot;" providerName="System.Data.EntityClient" /> </connectionStrings> </configuration> Could someone explain what is wrong, why I cannot get the values, System.Configuration.ConfigurationManager.AppSettings.Count is always 0 Thanks

  Read the article

• How do I make a hyperlink to a local executable?

  - by Scott Ferguson

  We have an Intranet website, and a WPF windows executable installed on every workstation. How can we create a hyperlink on the intranet website that will launch the locally installed executable? Ideally we want the launch to be seamless. Is there a way of setting the browsers trust settings so that it won't display a security warning dialog for this executable? We have full admin capabilities on each workstation, and each user only uses Internet Explorer. We also know the correct local path for the exe.

  Read the article

• Applet problem with IPlanet and Firefox (class not found)

  - by JB Hurteaux

  I have an applet which loads nicely when accessed locally (both IE and Firefox). However, when I put my webpage in a webserver (local IPlanet), it refuses to load on Firefox (but still fine on IE). I get the following error in the java console: load: class XXX.localprinting.LocalPrintingApplet.class not found. java.lang.ClassNotFoundException: XXX.localprinting.LocalPrintingApplet.class at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source) at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source) at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.io.IOException: open HTTP connection failed:https://XXX/test/XXX/localprinting/LocalPrintingApplet/class.class at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source) at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source) at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) ... 7 more Exception: java.lang.ClassNotFoundException: XXX.localprinting.LocalPrintingApplet.class Any idea what could explain the different behavior in the webserver? I researched the issue of "class not found" already but without finding something relevant.

  Read the article

• Aes key length significance/implications

  - by cppdev

  Hi, I am using a AES algorithm in my application for encrypting plain text. I am trying to use a key which is a six digit number. But as per the AES spec, the key should be minimum sixteen bytes in length. I am planning to append leading zeros to my six digit number to make it a 16 byte and then use this as a key. Would it have any security implications ? I mean will it make my ciphertext more prone to attacks. Please help.

  Read the article

• How can I receive messages using C# over http without MSMQ

  - by pduncan

  I need a reliable messaging framework that runs over http/https (due to client security requirements) and that doesn't use MSMQ (because some clients will use Windows XP Home). The clients only need to be able to receive messages, not send them. We already have a message queue on the server for each user, and the receivers have been getting messages by connecting to an HttpHandler on the server and getting a Stream from WebResponse.GetResponseStream() We keep this stream open, and pull messages off of it using Stream.Read(). This MOSTLY works, but Stream.Read() is a blocking call, and we can't reliably interrupt it. We need to be able to stop and start the receiver without losing messages, but the old stream often hangs around, even after we call Thread.Abort on its thread. Any suggestions?

  Read the article

• Help: My SSL Certificate expired but I can't renew it until Monday, is there any way I can disable SSL through IIS?

  - by Ryan

  Or perhaps force redirect to HTTP when they request HTTPS? I tried removing the SSL port settings under 'Advanced' but it broke the login page. I don't want to do a deploy/recompile right now but I am able to edit the VIEWS. However I am thinking there may be a way for IIS to do this, but then again I think the .NET code tries to force SSL. And yes, the key is that more support tickets will be caused by the browser giving a security error than if SSL was removed entirely for one day. Becaues they wouldn't very very likely not notice it being gone.

  Read the article

• can I prohibit users from loading swf files by AS3 / Flash Loader.load() and only allow loading imag

  - by EndangeringSpecies

  I want to have an AS3 app load images from url supplied by the user. But I don't want a malicious user to be able to load an SWF file in place of the image, such as with an altered extension "maliciousSwf.png". Well, not sure how big a security threat that is above and beyond the ability of the hacker to decompile swf, but I think that ideally such behavior should not be allowed. So, is there any way to prevent this? When people allow users to load images in their Flash apps, do they somehow guard against loading of SWF? Or is this really absolutely no big deal?

  Read the article

• Django or Drupal, which one should I use that suits best my needs ?

  - by HJ-INCPP

  Hello, I want to learn and use Drupal or Django for the following: dynamic web sites, medium database, multi-level users, paypal integration, content managment, speed (developing), security I like MVC, ORM and object-oriented prg. Which is better to jump into ? Which one is more mature, powerful, understandable, object-oriented and easier to use by the time ? What about Python Spring ... Also, which of these 3 are better documented, are better for a cv and have more extensions? Known languages: php, java, mysql Thank you !

  Read the article

• Why to store username and password in Keychain in iPhone app

  - by Suriya

  I have worked with NSUserDefault but this keychain concept is totally new for me. I have tried looking for similar Questions but couldn't find the exact reason to do so. What I have done: I already know how to store data in NSUserDefault. and also the reason why do we need to store it. Regarding Keychain I just know that storing in keychain stores the data with some extra security by encoding the original text while NSUserDefault stores the data as plain text. Is this the only reason for storing the data in keychain?

  Read the article

• PHP CHECKBOX Array Issue

  - by Val

  I have a list of checkboxes like you would see in most email clients (You tick a box press delete then it deletes an email). <input type="checkbox" value="yes" name="box[]" /> The problem stands here ... print_r($_POST['box']);//Returns nothing at all ... var_dump($_POST['box']);// returns null... I was reading something about register globals that php5 has turned it off for security reason. Does anyone know what my options are ?

  Read the article

• building a website

  - by Ant

  Not sure if this is the right place to post this, or if it should be under programmers.stackexchange... Anywho, a couple of my friends run a business and they asked me to build them a public website. It will only be used for information about the company with soe pictures. No transactions will be involved. Right now I work for a company where I build internal websites, and do alot of backend programming in C#. I understand html, css, jquery, etc. so I feel like I am completely capable of building a website for them. However, I do not know all the basic knowledge to building one. For example, where should we host the files, what type of security issues do I need to be aware of, what's the best software to use for developing websites (I use visual studio at work), where can I find some design techniques, etc. Any help is appreciated.

  Read the article

• Chrome starts to load image then show broken link icon

  - by Clare A Keith Ward

  Chrome (21.0.1180.79 m) On several random pages it has started to load an image and then suddenly the image disappears and there's only the broken image icon. If I right click the icon and choose to open the image in another window then the image opens, so it seems to me that it isn't a problem with the page? Here's one of the pages that it does it on; http://welshjournals.llgc.org.uk/browse/viewpage/llgc-id:1048090/llgc-id:1048951/llgc-id:1048969/get650 I'm running Kaspersky Internet Security 2012 Any help would be appreciated. Thanks Clare

  Read the article

• Browser application & local file system access

  - by Beyond HTML

  I want to enhance my browser-based web application with functionality that enables management of local files and folders. E.g. folder tree structures should be synchronized between local workstation and server via HTTP(S). I am aware of security-related limitations in browser-based applications. However, there are some techniques that "work around" these issues: Signed Java applets (full trust) .NET Windows Forms browser controls (no joke, that works. Just the configuration is horrible) ActiveX My question is: What do you use/suggest, both technology and implementation practice? Key requirement is that the installation process is as simple as possible. Thanks for your opinions!

  Read the article

• Rails3 and safe nl2br !

  - by arkannia

  Hi, I have a system for the users to be able to post comments. The comments are grasped into a textarea. My problem is to format the comments with br tag to replace \n In fact, i could do something like that s.gsub(/\n/, '<br />') But the xss protection including in rails escapes br tags. So i could do this s.gsub(/\n/, '<br />').html_safe But then, all the tags are accepted even script.... causing a big security problem So my question is : how to format text with br safely ? Thanks EDIT: For now, i have add this def sanitaze self.gsub(/(<.*?>)/, '') end def nl2br self.sanitaze.gsub(/\n/, '<br />').html_safe end

  Read the article

• PHP and MySQLi close()

  - by Theopile

  Hello all. I am new to mysql and php, but am attempting to make my own cms to help make managing my websites easier. Can someone explain the mysqli's close() function. 1)Is it nesseccary? 2)What exactly does it do? 3)I heard that after php runs its script that it closes the connection, is that true? 4)Lastly, is there a security issue when not closing your connection to the database? Thanks

  Read the article

• How to retrieve all errors and messages from a query using ADO

  - by Johan Levin

  When a SQL batch returns more than one message from e.g. print statements, then I can only retrieve the first one using the ADO connection's Errors collection. How do I get the rest of the messages? If I run this script: Option Explicit Dim conn Set conn = CreateObject("ADODB.Connection") conn.Provider = "SQLOLEDB" conn.ConnectionString = "Data Source=(local);Integrated Security=SSPI;Initial Catalog=Master" conn.Open conn.Execute("print 'Foo'" & vbCrLf & "print 'Bar'" & vbCrLf & "raiserror ('xyz', 10, 127)") Dim error For Each error in conn.Errors MsgBox error.Description Next Then I only get "Foo" back, never "Bar" or "xyz". Is there a way to get the remaining messages?

  Read the article

• "SQL Server does not exist or access denied." upon VB.Net Deployment

  - by JasonMHirst

  Have built a small VB.Net app in VS2010. The connection string to the SQL Server is as follows: <connectionStrings> <add name="IWSR_DataDownloadWizard.My.MySettings.sqlConnection" connectionString="Provider=SQLOLEDB.1;Data Source=SQLServer;Integrated Security=SSPI;Initial Catalog=IWSROL" providerName="System.Data.OleDb" /> </connectionStrings> Within the VS2010 environment AND on my machine, the connection works perfectly, however when I deploy to clients I get an error message of: [DBNETLIB][ConnectionOpen (Connect()).]SQL Server does not exist or access denied. I've tried to search the net for solutions, have seen a few instances of people saying to NOT use the Server Name but the IP Address instead (this doesn't work) and some saying to remove the "Provider=SQLOLEDB.1", again this doesn't work. Can anyone suggest a solution please? Further information: Development System is Windows7 using VS2010 Deployment systems are a combination of Windows XP, Windows 2000 and Windows 7 SQL Server is SQL2000 (soon to be SQL2005). TIA

  Read the article

• How do you handle passwords or credentials for standalone applications?

  - by Abel Morelos

  Let's say that you have a standalone application (a Java application in my case) and that this application has a configuration file (a XML file in my case) where you store the credentials (user and password) for a bunch of databases you need to connect. Everything works great, but now you discover (or your are given a new requirement like me) that you have to put this application in a different server and that you can't have these credentials in the configuration files because of security and/or compliance considerations. I'm considering to use data sources hosted in the application server (a WAS server), but I think this could have poor performance and maybe it's not the best approach since I'm connecting from a standalone application. I was also considering to use some sort of encryption, but I would like to keep things as simple as possible. How would you handle this case? Where would you put these credentials or protect them from being compromised? Or how would you connect to your databases in this scenario?

  Read the article

< Previous Page | 385 386 387 388 389 390 391 392 393 394 395 396  | Next Page >