Search Results

Search found 13222 results on 529 pages for 'security gate'.

Page 414/529 | < Previous Page | 410 411 412 413 414 415 416 417 418 419 420 421  | Next Page >

• Validating/Allowing YouTube Embed Code

  - by mellowsoon

  Hi, hopefully this is a simple question. I have a simple custom forum on my site written in PHP. For security reasons I don't allow any HTML in the forum posts. I only allow certain BBCode tags. I would however like to allow embedded YouTube videos. So my question is this: What's the best (most secure) way to validate the YouTube embed code? YouTube is currently using iframes to embed videos, but obviously I can't just allow the iframe tag. I also need to ensure the src of the iframe is a YouTube URL, and ensure there's no other malicious bits of code in the iframe code.

  Read the article

• Problem with commit in sharpsvn

  - by zhangxiaoning

  Hi,I'm a programmer in china. I want to commit the changes of a working copy in my computer to the repository. The repository is in an URL and i´m doing this now: using (SvnClient client = new SvnClient()){ string path = @"C:\testdelete\test.java"; client.Delete(path); client.Authentication.Clear(); // Clear predefined handlers client.Authentication.UserNamePasswordHandlers += delegate(object obj, SharpSvn.Security.SvnUserNamePasswordEventArgs args) { args.UserName = "username"; args.Password = "password"; }; var uri = client.GetUriFromWorkingCopy(path); if (uri != null) { SvnCommitArgs args = new SvnCommitArgs(); args.ThrowOnError = true; args.ThrowOnCancel = true; client.Commit(path, args);//here throw a SvnOperationCanceledException } } But it doesn´t work,Why?Thanks!

  Read the article

• Is SHA sufficient for checking file duplication? (sha1_file in PHP)

  - by wag2639

  Suppose you wanted to make a file hosting site for people to upload their files and send a link to their friends to retrieve it later and you want to insure files are duplicated where we store them, is PHP's sha1_file good enough for the task? Is there any reason to not use md5_file instead? For the frontend, it'll be obscured using the original file name store in a database but some additional concerns would be if this would reveal anything about the original poster. Does a file inherit any meta information with it like last modified or who posted it or is this stuff based in the file system? Also, is using a salt frivolous since security in regards of rainbow table attack mean nothing to this and the hash could later be used as a checksum? One last thing, scalability? initially, it's only going to be used for small files a couple of megs big but eventually... Edit 1: The point of the hash is primarily to avoid file duplication, not to create obscurity.

  Read the article

• Best language to develop medical software

  - by Grace

  I need to write medical program to manage medical practices (patient records, appointments, prescription, etc). Note that this is not for US practices so US EMRs will not work. What is the best platform to develop the software in ie. language and database? Considerations include: - Integration with the web - will need to have Doctors download updates to the software from the web. Will also post reports from the software unto webpages - The software will include a mobile application - probably for Blackberry - Cost is a big factor - need to minimize the license cost to the users - Need tight security on the program

  Read the article

• NoSQL for concurrent reads/writes

  - by Mickael Marrache

  After getting some performance issues for an application using a MySQL database, I'm thinking of using NoSQL solutions. My architecture is as follows: One application receives messages from the network at a high throughput (i.e. 50000 messages/sec). Each message is stored in the DB, so it's important for the write rate to be as fast as the arrival rate. Then, I also have some PHP pages that accesses the DB to get the data stored by the other application. It's important for me that the retrieved data is as relevant as possible (i.e. not old data, let's say not more than 5 seconds old). Also, the data is not critical, so I don't need any security mechanism to avoid losing the data. I see there are a lot of NoSQL solutions, but I don't know if they are all relevant. Could you please provide me some directions. Thanks

  Read the article

• What is the most suitable for writing a high speed server C, C++ or C# ?

  - by wniroshan

  I'm goint to write a server which does lots of image processing. Server-end processsing is expected to be very tedious. Server will maily have mobile phones as its clients. I am really concerend about speed and effciency. Security is pretty important too. Server will be running on a windows platform. Can anyone tell me what should I use as the language C, C++ or C#? or at least what are the ares that I should be looking at when selecting one of them Thank you.

  Read the article

• How to? - part of the site over ssl, other part not

  - by spirytus

  What is common practice for coding web applications where part of the site has to be secured (e.g. checkout section) and part not necessarily, lets say homepage. As far as I know sharing sessions in between http and https parts of the site is not easily possible (or is it?). What would be common approach if I wanted to display on http page like homepage, shopping cart data (items) that users ordered on https pages? How those two parts of the site would communicate if necessary? Also isn't it security flaw in popular shopping carts as it seems that many of these have only checkout pages secured (ssl) and the rest not? I'm using php if it makes any difference.

  Read the article

• CouchDB read authorization

  - by mdikici

  In couchdb website - technical overview - security and validation - http://couchdb.apache.org/docs/overview.html - it writes that (on reader access part) "To protect document contents, CouchDB documents can have a reader list. This is an optional list of reader-names allowed to read the document. When a reader list is used, protected documents are only viewable by listed users." I searched about how to use it but i found nothing. So is it actually used and if it is how? Thanks. -- Mustafa

  Read the article

• Hooking a synchronous event handler on a form submit button in JS

  - by Xzhsh

  Hi, I'm working on a security project in javascript (something I honestly have not used), and I'm having some trouble with EventListeners. My code looks something like this: function prevclick(evt) { evt.preventDefault(); document.loginform.submitbtn.removeEventListener('click',prevclick,false); var req = new XMLHttpRequest(); req.open("GET","testlog.php?submission=complete",false); req.send(); document.loginform.submitbtn.click(); //tried this and loginform.submit() } document.loginform.submitbtn.addEventListener('click',prevclick,false); But the problem is, the submit button doesn't submit the form on the first click (it does, however, send the http request on the first click), and on the second click of the submit button, it works as normal. I think there is a problem with the synchronization, but I do need to have the request processed before forwarding the user to the next page. Any ideas on this would be great. Thanks in advance.

  Read the article

• Authenticating a user for a single app with multiple domains

  - by hofnarwillie

  I have one asp.net web application, but two different domains point to this web app. For instance: www.one.com and www.two.com both point to the same web app. I have an issue where I need certain pages to be on a specific domain (due to some security requirements from our online payment provider - a third party website). So let's say page1.aspx needs to be called on www.two.com The process is as follows: A user logs into www.one.com The authentication cookie is saved to the browser The user then navigates to page1.aspx and, if on the wrong domain, gets redirected to the correct domain. (this redirection happens on page1.aspx in the page_load event) Then asp.net redirects the user to the login screen, because the authentication cookie is not sent to www.two.com. How can I track the user and keep him/her logged in between the two domains?

  Read the article

• Execute python code inside browser without Jython

  - by proportional

  Is there a way to execute python code in a browser, other than using Jython and an applet? The execution does not have to deal with anything related to graphics. For example, just sum all the digits of a binary 1Gb file (chosen by the browser user) and then return the result to the server. I am aware that python can be executed remotely outside a browser, but my requirement is to be done inside a browser. For sure, I take for granted the user will keep the right to execute or not, and will be asked to do so, and all this security stuff... but that is not my question.

  Read the article

• Firefox window.parent.location

  - by Mustafa Magdy

  I've a Html page index.htm which has an iframe to page search.htm the search.htm has code like this function executeSearch() { window.parent.location = "/SearchResults.aspx?t=" + txt_Search.value; } this code executed now from index.htm page and it works great on IE and Chrome, but not FireFox ... is there any work around ?? I tried window.parent.location.href, window.opener.location, window.parent.document.location ... but nothing of those worked. after searching the web i found some one with similar prob he said that this is a security settings in Firefox ... is this true?? and if so is there any workaround ?

  Read the article

• Html how to make a part on iframe, unvisible and unclickable externally? (my idea)

  - by ozan

  I have a page (A) including a BUTTON with a function close_window() , however when I embed A to my main page (B) using iframe, the close_window() can't work as expected since there is no more window anymore, and I am not able to remove the button from the iframe since A is on another domain (Security issues prevents). What I want to do is make this button label invisible. And the only way I think is to put a white image just to the place where that button exists on my iframe, externally. is Smthing like that possible? I want the image to be on the top of iframe? Or do you have any other idea ? Thanks for helps.

  Read the article

• Problem with bluetooth service in J2ME don't discoverable

  - by Fran

  Hi! I try to create a service with: LocalDevice localDevice = LocalDevice.getLocalDevice(); localDevice.setDiscoverable(DiscoveryAgent.GIAC); String url = "btl2cap://localhost:"+uuid.toString()+";name="+name+";authorize=true;authenticate=true;encrypt=true"; L2CAPConnectionNotifier notifier = (L2CAPConnectionNotifier)Connector.open(url); ServiceRecord = localDevice.getRecord(notifier); // Set some attributes // ... conn = notifier.acceptAndOpen(); //... I run this code on a Nokia 5800 and Nokia 2760, with 5800 I can see 2760, but not vice versa, I don't know what is the problem, I have think security problems... Any ideas? Thanks!

  Read the article

• how to add connection string for a windows form applicaton in asp.net

  - by manoj chalode

  i am working on windows form application and i want to add connection string of a database in. Right now, though i can access database i don't know the proper reasoning behind it. I have created a database and added it in a "Database" folder. The code for it is given below. i also want to know how can I make a connection string which can work on different PCs without changing it (I'm talking about relative path given in the "AttachDbFilename" attribute in the connection string). Reply... Conn = new SqlConnection(@"Data Source=.\SQLEXPRESS;AttachDbFilename="+ Application.StartupPath + "\\Database\\Database.mdf;Integrated Security=True;User Instance=True");

  Read the article

• Is it safe to develop for older versions of Zend Framework?

  - by RenderIn

  Our vendor-supported server's O/S only supports PHP 5.1.6, which limits us to ZF 1.6. The current version of Zend Framework requires a higher version of PHP. We're struggling to decide whether to adopt ZF because of this incompatibility. Is it feasible to develop (indefinitely) in these older versions of ZF or should we hold off? Features, security, bugs, etc. Is this a path we don't want to go down or are these older versions perfectly usable in a production environment?

  Read the article

• javascript button click casuing Internet Explorer secuirty exception...

  - by hp

  Hello, I have a application that allows a user to choose some parameters for a powerpoint report, run the report, then allow the user to "save" or "open" the powerpoint file. I got all of that working OK. When you click on "run" report, it pops open a window which generates the report, stores it in session, then closes the window. I have a button on the main page that will export the report. So, now, when the pop up window that generates the report is finished, i use "window.opener" to call a javascript method on the main page, that will do a javascript click of the button. when this button is pressed, Internet Explorer gives me the following message : "To help protect your security, Internet Explorer blocked this site from downloading files to your computer.." Do you guys know of any tricks around this?

  Read the article

• Asp.net 3.5 Deployment issue

  - by peter

  For deploying my website in server by using IIS 5.1,,i created virtual directory,,i browsed in to my application and selected asp.net 2.0 tab(application is framework3.5)..I reset framwork configuratio 2,0 Runtime security Policy Enterprise,Machine,User tab,,What ever things i can do i did Still also application is working properly,,but i am not able to deploy it in IIS i am getting this error If i browse Login.aspx i am getting ** Server Application Unavailable The web application you are attempting to access on this web server is currently unavailable. Please hit the "Refresh" button in your web browser to retry your request. Administrator Note: An error message detailing the cause of this specific request failure can be found in the application event log of the web server. Please review this log entry to discover what caused this error to occur. ** Is it with IIS 5.1?? Here my machine is acting as server ,It has xp professional 2002 service pack 2 and IIS 5.1

  Read the article

• Pros and Cons of Proprietary Software

  - by Jon Purdy

  Proprietary software is about as good as open-source software. There are so many problems with proprietary technologies, however, that I'm beginning to think it's best to avoid them: The software will only be maintained as long as the company exists (and profits). The level of security of the application is as unknowable as the source code. Alterations and derivative works, however necessary and beneficial, are disallowed. I simply don't see any point in even learning to use such systems as those created by Microsoft and Apple. Of course I don't pretend that ignorance is the superior option: one has to have a certain working knowledge simply because of the ubiquity of these things. I just don't see any reason why, as an independent developer, I should ever consider it a remotely good idea to actually use them. So that's the question, or discussion topic, or what have you: In what ways do developers benefit at all from using closed-source development software?

  Read the article

• How can I clean up this SELECT query?

  - by Cruachan

  I'm running PHP 5 and MySQL 5 on a dedicated server (Ubuntu Server 8.10) with full root access. I'm cleaning up some LAMP code I've inherited and I've a large number of SQL selects with this type of construct: SELECT ... FROM table WHERE LCASE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE( strSomeField, ' ', '-'), ',', ''), '/', '-'), '&', ''), '+', '') ) = $somevalue Ignoring the fact that the database should never have been constructed to require such a select in the first place, and the $somevalue field will need to be parameterised to plug the gaping security hole, what is my best option for fixing the WHERE condition into something less offensive? If I was using MSSQL or Oracle I'd simply put together a user-defined function, but my experience with MySQL is more limited and I've not constructed a UDF with it before, although I'm happy coding C. Update: For all those who've already raised their eyebrows at this in the original code, $somevalue is actually something like $GET['product']—there are a few variations on the theme. In this case the select is pulling the product back from the database by product name—after stripping out characters so it matches what could be previously passed as a URI parameter.

  Read the article

• whatz wrong in this SELECt query of MSSQL... ?

  - by user522211

  Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load Dim SQLData As New System.Data.SqlClient.SqlConnection("Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True;User Instance=True") Dim cmdSelect As New System.Data.SqlClient.SqlCommand("SELECT * FROM Table1 WHERE Date =" & TextBox1.Text & "'", SQLData) SQLData.Open() Dim dtrReader As System.Data.SqlClient.SqlDataReader = cmdSelect.ExecuteReader() While dtrReader.Read() For j As Integer = 1 To 31 Dim s As String = "s" & j If dtrReader(s.ToString()).ToString() = "b" Then Dim img As ImageButton = DirectCast(Panel1.FindControl(s.ToString()), ImageButton) img.ImageUrl = "~/Images/booked.gif" img.Enabled = False End If Next End While dtrReader.Close() SQLData.Close() End Sub SHOWS AN ERROR : Unclosed quotation mark after the character string ''.

  Read the article

• Organizing PHP includes in your development environment

  - by Andrew Heath

  I'm auditing my site design based on the excellent Essential PHP Security by Chris Shiflett. One of the recommendations I'd like to adopt is moving all possible files out of webroot, this includes includes. Doing so on my shared host is simple enough, but I'm wondering how people handle this on their development testbeds? Currently I've got an XAMPP installation configured so that localhost/mysite/ matches up with D:\mysite\ in which includes are stored at D:\mysite\includes\ In order to keep include paths accurate, I'm guess I need to replicate the server's path on my local disk? Something like D:\mysite\public_html\ Is there a better way?

  Read the article

• Accessing FILESTREAM from an SQL CLR assembly

  - by superware

  I'm trying to stream FILESTREAM data from an unsafe SQL CLR assembly. The connection string is Data Source=LAPTOP2\SQLEXPRESS;Initial Catalog=test;Integrated Security=True;Enlist=False When creating a new SqlFileStream (inside a SqlTransaction, of course), I'm getting: The request is not supported at OpenSqlFilestream. So I decided to try native OpenSqlFilestream, but then I'm getting an invalid handle (-1) while GetLastWin32Error returns that same: The request is not supported (ERROR_NOT_SUPPORTED). I have also tried SqlContext.WindowsIdentity.Impersonate() with no apparent effect. I couldn't find any documentation referencing this restriction. Is it really unsupported? If it is unsupported, is there a good reason? Does anyone know of a workaround?

  Read the article

• Web Form based login in Java

  - by BrunoLM

  How can I block access to the site if a user is not logged in? Under web.xml Security I checked Form authentication then I selected Login and Error page, but I don't know how to block the access and redirect the user to the login page. Do I need a filter? If so, how can I get the login url I specified? And how should I call the validation method? I saw in some examples this code <form method=post action="j_security_check"> <input type="text" name="j_username" /> <input type="password" name="j_password" /> </form> What does it do?

  Read the article

• How to copy files from local machine to server using SSH file transfer protocol?

  - by morpheous

  I have an Ubuntu 9.10 desktop machine which I use locally. I am setting up a server on a hosting provider. The server will run a very minimal version of Ubuntu server LTS (only LAMP and email server no GUI). I want to write a script (scheduled as a cron job) that will allow me to upload local files onto the server. I want to use [SFTP][1], for security reasons. I am new to shell scripting - but I guess shell scripting is the way to do this (unless I am mistaken). Can anyone provide me with the initial pointers on how to go about writing such a script, in order to SECURELY upload local files to the server? Ideally, I would like to compress the files before the transfer (to save on bandwidth) [1]: http://SSH file transfer protocol

  Read the article

< Previous Page | 410 411 412 413 414 415 416 417 418 419 420 421  | Next Page >