Search Results

Search found 25503 results on 1021 pages for 'browser security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 406/1021 | < Previous Page | 402 403 404 405 406 407 408 409 410 411 412 413  | Next Page >

  • HTTP Digest Authentication Fails With URL Parameters (CakePHP)

    - by NathanGaskin
    I have a RESTful API set up and working with CakePHP using mapResources() and parseExtensions(). Authentication is handled by CakePHP's security component using HTTP Digest Authentication. Everything works fine, unless I add parameters to the url, in the form: http://example.com/locations.xml?distance=4 Which causes the authentication to always fail. Any ideas? Edit: This seems to be an issue with the regex in parseDigestAuthData(). There's a semi-fix here: http://old.nabble.com/paginator-conflicts-with-Security-%3ErequireLogin---td16301573.html which now allows me to use the format: http://example.com/locations/index/distance:4/.xml But that's not RESTful and doesn't look all that pretty. Still, getting closer!

    Read the article

  • Dealing with missing messages in JavaScript when using BOSH

    - by JamieD
    We recently went into private beta on our flagship product and had a small launch event. Unfortunately the venue had a terrible wireless connection and packets were being dropped left right and centre causing havoc with out system, basically it wasn't able to work at all! Luckily we were able to switch to a different network and rescue the demo. This highlighted something that I knew was already an issue but hadn't appreciated quite how much of an issue it could be. Our system relies heavily on BOSH and has a rather large JavaScript code base which now works rather well under good network conditions. However we need to make it work well under bad network conditions as well. Due to the way that XMPP works, a fire and forget system, it's not easy to tell if a message you sent, or were supposed to receive, was actually sent or received. For instance, we have an offer system, one user will send an offer to another over BOSH. When this message is received by the server a message is published to the offering users offers_sent PEP node and a similar message to the receiving users offers_received PEP node. While the sending user is able to tell if their offer was send (relatively) easily, if the notification to the receiving user is never received that user will never know it missed a message. A little about out JavaScript setup, it has 4 main layers: StropheJS An MVC framework for dealing with low level tasks and to build on top of An application layer which contains the app logic routes, controllers models etc. as well as a browser cache of the model data A UI layer that receives events and publishes events to and from the application layer One way to solve the missing messages issue would be to periodically check the PEP nodes for new data that the browser doesn't know about. If a new message was discovered the browsers cache would be invalidated and all new data would be requested from the server. I'm not sure this is the best way to go and it also doesn't cover all situations. We certainly don't want to get into the situation where we are sending messages to confirm the previous message was received at it's destination as this would double the network traffic. With the number of real time websites growing daily this is an issue that must have been encountered by other developers, it would be interesting to see how it's been solved by others. As far as I can see there are two situations in which messages go missing: On poor connections messages are not sent or received due to the packets being dropped Involving navigating between pages, a message is received by the browser but is not fully processed and stored in the local cache before the page is unloaded. Or a message is added to the send queue but never sent before the page is unloaded I suspect the hardest issue to solve will be number 2. Any thoughts on the subject would be much appreciated.

    Read the article

  • How to -> Visual Studio 2010 Add In Manager

    - by Jeremy Thompson
    Hi, Sorry for such a simple question, but how do I use the Add-In Manager in VS2010? I want to add this "SmartPaster" addin: http://inedo.com/Downloads/SmartPaster.aspx or http://www.mediafire.com/?mzyjamytnlq What do I do with these 3 files to get them listed in the Add-In Manager dialog? SmartPaster2010.AddIn, SmartPaster2010.dll, SmartPaster2010.xml Edit: http://msdn.microsoft.com/en-us/library/19dax6cz.aspx says: "To install the add-in on another computer, the .addin file must be placed in a location where Visual Studio checks for add-ins. These locations are listed in the Options dialog box, in the Environment node, on the Add-in/Macros Security page." I went to Tools Options Environment Add-In/Macro Security, checked some paths put the AddIn files in a couple of these directoryies, restart VS2010 but still no luck!

    Read the article

  • telling java to accept self-signed ssl certificate

    - by Nikita Rybak
    It looks like a standard question, but I couldn't find clear directions anywhere. I have java code trying to connect server with probably self-signed (or expired) certificate. It gives something like this [HttpMethodDirector] I/O exception (javax.net.ssl.SSLHandshakeException) caught when processing request: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target As I understand, I have to play around with keytool and tell java that it's ok to allow this connection. But all comments I've found assume I'm fully proficient with keytool, like "generate private key for server and import it into keystore". And I'm not. Is there anybody who could post detailed instructions? I'm running unix, so bash script would be best. Not sure if it's important, but code executed in jboss. Thanks a lot!

    Read the article

  • Prototype Library use of !! operator

    - by Rajat
    Here is a snippet from Prototype Javascript Library : Browser: (function(){ var ua = navigator.userAgent; var isOpera = Object.prototype.toString.call(window.opera) == '[object Opera]'; return { IE: !!window.attachEvent && !isOpera, Opera: isOpera, WebKit: ua.indexOf('AppleWebKit/') > -1, Gecko: ua.indexOf('Gecko') > -1 && ua.indexOf('KHTML') === -1, MobileSafari: /Apple.*Mobile/.test(ua) } })(), This is all good and i understand the objective of creating a browser object. One thing that caught my eye and I haven't been able to figure out is the use of double not operator !! in the IE property. If you read through the code you will find it at many other places. I dont understand whats the difference between !!window.attachEvent and using just window.attachEvent. Is it just a convention or is there more to it that's not obvious?

    Read the article

  • How would you adblock using Python?

    - by regomodo
    I'm slowly building a web browser in PyQt4 and like the speed i'm getting out of it. However, I want to combine easylist.txt with it. I believe adblock uses this to block http requests by the browser. How would you go about it using python/PyQt4? [edit1] Ok. I think i've setup Privoxy. I haven't setup any additional filters and it seems to work. The PyQt4 i've tried to use looks like this self.proxyIP = "127.0.0.1" self.proxyPORT= 8118 proxy = QNetworkProxy() proxy.setType(QNetworkProxy.HttpProxy) proxy.setHostName(self.proxyIP) proxy.setPort(self.proxyPORT) QNetworkProxy.setApplicationProxy(proxy) However, this does absolutely nothing and I cannot make sense of the docs and can not find any examples. [edit2] I've just noticed that i'f I change self.proxyIP to my actual local IP rather than 127.0.0.1 the page doesn't load. So something is happening.

    Read the article

  • Running log operation in Http Modules?

    - by Niranjan
    Hi, I have a simple requirement in which I want to execute a long running application program on server (e.g. DTSX) I want to make an HTTP module for this, But I have a question whether the DTSX will run even if the user closes the page and browser. In my case user hits the handler with a query string but what if the user closes the browser immediately? How is the behavior different from simple linear page processing? I want my DTSX package to finish once its started no matter how much time it takes and also dont want to halt the user that is why I am using http modules in place of linear asp page processing. Reagrds, Niranjan

    Read the article

  • Chrome Extension: how to capture selected text and send to a web service

    - by phil swenson
    For the Google Chrome extension, I need to capture selected text in a web page and send to a web service. I'm stuck! First I tried a bookmarklet, but Chrome on Mac seems to have some bookmarklet bugs so I decided to write an extension. I use this code in my ext: function getSelText(){ var txt = 'nothing'; if (window.getSelection){ txt = "1" + window.getSelection(); } else if (document.getSelection) { txt = "2" + document.getSelection(); } else if (document.selection) { txt = "3" + document.selection.createRange().text; } else txt = "wtf"; return txt; } var selection = getSelText(); alert("selection = " + selection); When I click on my extension icon, I get a "1". So I think the act of selecting outside the browser window is causing the text to not be seen by the browser as "selected" any more. Just a theory.... thoughts?

    Read the article

  • Is my form password being passed in clear text?

    - by liinkas
    This is what my browser sent, when logging into some site: POST http://www.some.site/login.php HTTP/1.0 User-Agent: Opera/8.26 (X2000; Linux i686; Z; en) Host: www.some.site Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: en-US,en;q=0.9 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 Referer: http://www.some.site/ Proxy-Connection: close Content-Length: 123 Content-Type: application/x-www-form-urlencoded lots_of_stuff=here&e2ad811=my_login_name&e327696=my_password&lots_of_stuff=here Can I state that anyone can sniff my login name and password for that site? Maybe just on my LAN? If so (even only on LAN ) then I'm shocked. I thought using <input type="password"> did something more than make all characters look like ' * ' p.s. If it matters I played with netcat (on linux) and made connection browser <= netcat (loged here) <= proxy <= remote_site

    Read the article

  • Impersonation in asp.net, confused about implmentation when used with Active Directory & Sql Server

    - by AWC
    I have an internal website that is using integrated windows authentication and this website uses sql server & active directory queries via the System.Directory.Services namespace. To use the System.Directory.Services namespace in ASP.NET I have to run IIS under an account that has the correct privileges and importantly have impersonation set to true in the web config. If this is done then when I make a query against AD then the credentials of the wroker process (IIS) are used instead of the ASPNET account and therefore the queries will now succeed. Now if I am also using Sql Server with a connection string configured for integrated security ('Integrated Security=SSPI') then this interprets the ASP.NET impersonation to mean that I want to access the database as the windows credentials of the request no the worker process. I hope I'm wrong and that I've got the config wrong, but I don't think I have and this seems not to be inconsistent? It should be noted I'm using IIS 5.1 for development and obivously this doesn't have the concept of app-pools which I believe would resolve the problem.

    Read the article

  • Android: Enable selection in webkit

    - by tacone
    Hello, I'am looking for a way to have a webview content selectable in the very same way as the stock browser does. user long presses the text the whole word is selected two pins appear at the word's boundary allowing the user to stretch/shrink the selection. I should note that Dolphin HD shows exactly the same text select functionality as the default browser (same icons, animation, etc), so it really should be possible. But I can't figure out how. Until now, all i found was this function, which kind of work, but doesn't allow the user to expand/shrink the selection. public void selectAndCopyText() { try { KeyEvent shiftPressEvent = new KeyEvent(0,0,KeyEvent.ACTION_DOWN,KeyEvent.KEYCODE_SHIFT_LEFT,0,0); shiftPressEvent.dispatch(mWebView); } catch (Exception e) { throw new AssertionError(e); } }

    Read the article

  • Returning a DOM element with Webdriver in Javascript

    - by ehmicky
    How do I return a DOM Element with Webdriver in Javascript? I am using the wd.js Javascript bindings: require("wd") .remote("promiseChain") .init() .get("http://www.google.com") .elementById("mngb") .then(function(element) { console.log(element); }); I am getting this weird object that is not a standard DOM Element (for example I cannot get the HTML code out of it): { value: '0', browser: { domain: null, _events: {}, _maxListeners: 10, configUrl: { protocol: 'http:', slashes: true, auth: null, host: '127.0.0.1:4444', port: '4444', hostname: '127.0.0.1', hash: null, search: '', query: {}, pathname: '/wd/hub', path: '/wd/hub', href: 'http://127.0.0.1:4444/wd/hub' }, sauceRestRoot: 'https://saucelabs.com/rest/v1', noAuthConfigUrl: { protocol: 'http:', slashes: true, host: '127.0.0.1:4444', port: '4444', hostname: '127.0.0.1', hash: null, search: null, query: null, pathname: '/wd/hub', path: '/wd/hub', href: 'http://127.0.0.1:4444/wd/hub' }, defaultCapabilities: { browserName: 'firefox', version: '', javascriptEnabled: true, platform: 'ANY' }, _httpConfig: { timeout: undefined, retries: 3, retryDelay: 15, baseUrl: undefined }, sampleElement: { value: 1, browser: [Circular] }, sessionID: '238c9837-3d82-4d90-9594-cefb4ba8e6b9' } }

    Read the article

  • How to find the mime type of a file in python?

    - by Daren Thomas
    Let's say you want to save a bunch of files somewhere, for instance in BLOBs. Let's say you want to dish these files out via a web page and have the client automatically open the correct application/viewer. Assumption: The browser figures out which application/viewer to use by the mime-type (content-type?) header in the HTTP response. Based on that assumption, in addition to the bytes of the file, you also want to save the MIME type. How would you find the MIME type of a file? I'm currently on a Mac, but this should also work on Windows. Does the browser add this information when posting the file to the web page? Is there a neat python library for finding this information? A WebService or (even better) a downloadable database? Edit: Thank you, Dave Webb.

    Read the article

  • How return 304 status with FileResult in ASP.NET MVC RC1

    - by Maysam
    As you may know we have got a new ActionResult called FileResult in RC1 version of ASP.NET MVC. Using that, your action methods can return image to browser dynamically. Something like this: public ActionResult DisplayPhoto(int id) { Photo photo = GetPhotoFromDatabase(id); return File(photo.Content, photo.ContentType); } In the HTML code, we can use something like this: <img src="http://mysite.com/controller/DisplayPhoto/657"> Since the image is returned dynamically, we need a way to cache the returned stream so that we don't need to read the image again from database. I guess we can do it with something like this, I'm not sure: Response.StatusCode = 304; This tells the browser that you already have the image in your cache. I just don't know what to return in my action method after setting StatusCode to 304. Should I return null or something?

    Read the article

  • GWT vertical layout

    - by skrat
    I need a vertical layout, which would fill browser's viewport top to bottom, with on overflow (scrollbars). I need to layout widgets on the top, and on the bottom, and have one widget in the center which would stretch to fill the remaining space. There seems to be DockLayoutPanel for this purpose, the problem with it is that it forces me to specify widget sizes, and I don't know the sizes of the top/bottom widgets before the browser does it's layouting job, which is tricky (buggy) to track. I cannot find the right moment when to measure my widgets, and I don't want to do this kind of layouting code anyway.

    Read the article

  • Tracking Viewing Habits of Website Visitors

    - by Leland
    Hello everyone! First time using this service for a question. I hope I am not asking something that has already been answered. I attempted to find an answer to my question with the search engine but i was unable to. My question is as follows: Using php, javascript, or anything actually, is it possible for me to track how my users are viewing the pages on my blog/website? Specifically, I want to track the time the user's browser spends reading specific sections of my content on the same page. For example, it would answer questions such as: How much time did someone spend reading the introduction to my article vs the conclusion? (located on the same page) Basically, tracking the "eyes" of a web visitor by looking at where the browser is currently scrolled down the page too. I'm sorry if i'm a bit noob! Thanks for any help with my problem you can provide to me! ^_^

    Read the article

  • How to set timeout with python-mechanize?

    - by Michal Cihar
    I'm using python-mechanize to scrape some web sites, which sometime simply don't respond to requests and these requests stay open too long, so I need to limit timeout for these requests. While using urlopen method, the timeout can be set using timeout parameter, but I have not found easy way for doing it with high level API such as submit or click methods. Ideally the timeout would be set just once for whole browser class and all calls would honor that. It would be probably possible to customize this by passing custom request_class to every click and submit call, but this would just pollute the code, so I'm looking for nicer solution for setting timeout for mechanize's browser class (and no, I don't want to change default socket timeout using socket.setdefaulttimeout).

    Read the article

  • 500 error for long url iis7

    - by Chris Porter
    I was getting 404 errors for some long URLs on a website I'm developing. After a bit of digging I discovered that this occurs when the length of certain aspects of the URL exceed configurable limits in IIS7. In this case the maxQueryString attribute of the requestLimits property needed to be increased in the web.config <system.webServer> <security> <requestFiltering> <requestLimits maxQueryString="4096" maxAllowedContentLength="4096" maxUrl="8192" > </requestLimits> </requestFiltering> </security> This fixed the problem instantly on my development server but on the remote server I now get: 500 - Internal server error. There is a problem with the resource you are looking for, and it cannot be displayed. And that's all the information it gives me.

    Read the article

  • PrincipalPermission - roles seperate from permissions

    - by Leblanc Meneses
    I've been using PrincipalPermission for a while in wcf services. [PrincipalPermission(SecurityAction.Demand, Role = SecurityRoles.CanManageUsers)] although now i have a requirement to simplify roles by business unit. - currently aspnet_roles has fine grained can* permissions. Here is my approach and wanted to see if anyone can provide feedback, code review before i implement my suggestion. 1) aspnet_roles - business unit role 2) create permission table and Role_Permission table and User_Permission table (many to many) 3) create custom CodeAccessSecurityAttribute + that looks at new tables [CustomPermissionCheck(Security.Demand, HasPermission="can*")] first iteration i'll statically new the dependent repository.. ideally i would like an aop style attribute that has repository injected IPermissionRepository.HasPermission(...); If i approach new aop way i probably will stop inheriting from CodeAccessSecurityAttribute -- what do the security guys have to say about this? has anyone else solved this, is there something in the framework that i've missed?

    Read the article

  • Tomcat blankpage for default error page

    - by praspa
    First off, I'm using Tomcat 5.5 and my .jsp's live in /webapps/foo/bar/*.jsp. I followed the directions here to set up a default 404 error page. In my TOMCAT_HOME/conf/web.xml I entered: <error-page> <error-code>404</error-code> <location>/error.html</location> </error-page> I dropped copies of a test error.html file into each of the dirs (I wasn't sure where /error.html was referring to): /webapps/ /webapps/foo/ /webapps/foo/bar/ Whenever I attempt to access a non-existent page in a browser at url's /foo/missingpage.html or /foo/bar/missingpage.html I'm redirected to my error page that exists in /foo/error.html. However, attempting to access a non-existent page in a browser at url /missingpage.html yields a blankpage. Or any permutation of /missingDir/missingfile.html will also yield a blank page. Any suggestions? Am I missing some extra configuration? Thanks PR

    Read the article

  • How to configure tomahawk and trinidad to work together

    - by ashtaganesh
    Hi, I am new to JSF. I want to use inputListOfValues component from Trinidad in my application which also uses Tomahawk. I have added the required jars for Trinidad and before getting inputListOfValues I tried one simple inputText to be printed on browser using Trinidad. I was not getting any configuration errors but it was not printing the corresponding text on browser. So I wonder if I can use tomahawk and trinidad together ? If yes, is there any configuration setting we need to do for this ? Any help will be greatly appreciated. Thanks, Ganesh.

    Read the article

  • Is there anyway of making json data readable by a Google spider?

    - by leeand00
    Is it possible to make JSON data readable by a Google spider? Say for instance that I have a JSON feed that contains the data for an e-commerce site. This JSON data is used to populate a human-readable page in the users browser. (I.E. The translation from JSON data to human displayed page is done inside the users browser; not my choice, just what I've been given to work with, its an old legacy CGI application and not an actual server-side scripting language.) My concern here is that, the google spiders will not be able to pickup/directly link to the item in question when a user clicks on it in google, being presented with an index page full of all the items, rather than being linked directly to the item they clicked on. Is there anyway of "informing" the google spider in the JSON that what they should feed the user a different link?

    Read the article

  • Page Rendering occurs blank page because of Old Cookie

    - by user333177
    Hi! I am developing application using J2EE (JSF,RichFaces, Jetty/Glashfish). Sometimes when I click on some link I get nothing returned to the browser at all (blank page). But when i refresh the page all contents appears in page. After some trail and error i found that it is cookies problem: It happens bez some old cookie not deleted by browser so this problem occurs. We also change web.xml file: but it creates more problem it doesn't maintain the session in application. Please friends if you have any suggestion on this problem help us.

    Read the article

  • NServiceBus is blocking when hosted in ASP.NET web application

    - by Dale Niemeyer
    Hello, I created a simple web application where a search form is filled out, submit button clicked, and a message is sent with the search parameters via nServiceBus. I also have a handler in the same project that picks up the message (from the same queue). For some reason, the web server process blocks until after the message is picked up, is there any reason for this? I set a breakpoint in the message handler and it breaks before the request finishes... locking the browser until I allow the code to continue. I would expect control to return to the browser regardless of when the handler gets fired... Thanks, D.Niemeyer

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 402 403 404 405 406 407 408 409 410 411 412 413  | Next Page >