Search Results

Search found 68155 results on 2727 pages for 'data security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 417/2727 | < Previous Page | 413 414 415 416 417 418 419 420 421 422 423 424  | Next Page >

  • How do API Keys and Secret Keys work?

    - by viatropos
    I am just starting to think about how api keys and secret keys work. Just 2 days ago I signed up for Amazon S3 and installed the S3Fox Plugin. They asked me for both my Access Key and Secret Access Key, both of which require me to login to access. So I'm wondering, if they're asking me for my secret key, they must be storing it somewhere right? Isn't that basically the same thing as asking me for my credit card numbers or password and storing that in their own database? How are secret keys and api keys supposed to work? How secret do they need to be? Are these applications that use the secret keys storing it somehow? Thanks for the insight.

    Read the article

  • Encrypt URL in asp.net

    - by Zerotoinfinite
    Hi All, My site is in asp.net 3.5 and C#. I am sending link to my user through mail, now I want to send each user a specific URL. so instead of sending the clear text I want to send link with encrypted string URL, which I will decrypt on my home page. Like instead of www.mysite.aspx\mypage?userId=12 i'll send www.mysite.aspx\mypage?UserId=)@kasd12 and the same i'll decrypt on my page so that I'll get the userId = 12. Please let me know if my approach is correct and not and how can I encrypt & decrypt the string in simplest and easier manner. Thanks in advance.

    Read the article

  • ASP.NET: Unable to validate data.

    - by SoloBold
    What is the cause of this exception in ASP.NET? Obviously it is a viewstate exception, but I can't reproduce the error on the page that is throwing the exception (a simple two TextBox form with a button and navigation links). FWIW, I'm not running a web farm. Exception Error Message: Unable to validate data. Error Source: System.Web Error Target Site: Byte[] GetDecodedData(Byte[], Byte[], Int32, Int32, Int32 ByRef) Post Data VIEWSTATE: /wEPDwULLTE4NTUyODcyMTFkZF96FHxDUAHIY3NOAMRJYZ+CKsnB EVENTVALIDATION: /wEWBAK+8ZzHAgKOhZRcApDF79ECAoLch4YMeQ2ayv/Gi76znHooiRyBFrWtwyg= Exception Stack Trace at System.Web.UI.ViewStateException.ThrowError(Exception inner, String persistedState, String errorPageMessage, Boolean macValidationError) at System.Web.UI.ObjectStateFormatter.Deserialize(String inputString) at System.Web.UI.ObjectStateFormatter.System.Web.UI.IStateFormatter.Deserialize(String serializedState) at System.Web.UI.Util.DeserializeWithAssert(IStateFormatter formatter, String serializedState) at System.Web.UI.HiddenFieldPageStatePersister.Load() at System.Web.UI.Page.LoadPageStateFromPersistenceMedium() at System.Web.UI.Page.LoadAllState() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) at System.Web.UI.Page.ProcessRequest(HttpContext context) at ASP.default_aspx.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) ~ William Riley-Land

    Read the article

  • How can I find out if an data- attribute is set to an empty value?

    - by Stephan Wagner
    Is there a way to find out if an data- attribute is set to an empty value or if it is not set at all? See this fiddle example (Check the console when clicking on the elements): http://jsfiddle.net/StephanWagner/yy8qvwfp/ <div onclick="console.log($(this).attr('data-test'))">undefined</div> <div data-test="" onclick="console.log($(this).attr('data-test'))">empty</div> <!-- this one will also return an empty value --> <div data-test onclick="console.log($(this).attr('data-test'))">null</div> <div data-test="value" onclick="console.log($(this).attr('data-test'))">value</div> Im having the issue with the third example. I need to know if the attribute actually is set to an empty value or if it is not set at all. Is that actually possible? EDIT: The reason I'm asking is that I'm updating content with the attributes value, so data-test="" should update the content to an empty value, but data-test should do nothing at all

    Read the article

  • Best way to bundles photos with app: files or in sqlite database?

    - by Bryan Denny
    Lets say that I have an app that lets you browse through a listing of cars found in a Sqlite database. When you click on a car in the listing, it'll open up a view with the description of the car and a photo of the car. My question is: should I keep the photo in the database as a binary data column in the row for this specific car, or should I have the photo somewhere in the resources directory? Which is better to do? Are there any limitations of Sqlite in terms of how big a binary data column can be? The database will be pretty much be read only and bundled with the app (so the user wouldn't be inserting any cars and their photos).

    Read the article

  • IIS7 integrated mode closing token between requests

    - by user607287
    We are migrating to IIS7 integrated mode and have come across an issue. We authenticate using WindowsAuthentication but then store a reference to the WindowsPrincipal so that on future requests we can authorize as needed against AD. In IIS 7 Integrated mode, the token is being closed (between requests) so that when we try to run IsInRole it generates a disposed exception. Is there a way to cache this token or change our use of WindowsPrincipal so that we don't need to make successive AD requests to get it for each authorization request? Here is the exception being thrown from WindowsPrincipal.IsInRole("") - System.ObjectDisposedException: {"Safe handle has been closed"} Thanks.

    Read the article

  • Correct way to safely store token/secret/etc from OAuth?

    - by viatropos
    I just started looking into OAuth and it looks really nice. I have oauth with twitter working in ruby right now. Now I'm wondering, what is the recommended safe way to store the responses in my local database and session? What should I store? Where should I store it? This example twitter-oauth-with-rails app stores a user.id in the session, and the user table has the token and secret. But that seems like it'd be really easy to hack and get the secret by just passing in a slew of test user ids, no?

    Read the article

  • SQL Injection When Using MySQLi Prepared Statements

    - by Sev
    If all that is used to do any and all database queries is MySQLi prepared statements with bound parameters in a web-app, is sql injection still possible? Notes I know that there are other forms of attack other than sql-injection, but my question is specific to sql-injection attacks on that particular web application only.

    Read the article

  • Can this be improved? Scrubing of dangerous html tags.

    - by chobo2
    I been finding that for something that I consider pretty import there is very little information or libraries on how to deal with this problem. I found this while searching. I really don't know all the million ways that a hacker could try to insert the dangerous tags. I have a rich html editor so I need to keep non dangerous tags but strip out bad ones. So is this script missing anything? It uses html agility pack. public string ScrubHTML(string html) { HtmlDocument doc = new HtmlDocument(); doc.LoadHtml(html); //Remove potentially harmful elements HtmlNodeCollection nc = doc.DocumentNode.SelectNodes("//script|//link|//iframe|//frameset|//frame|//applet|//object|//embed"); if (nc != null) { foreach (HtmlNode node in nc) { node.ParentNode.RemoveChild(node, false); } } //remove hrefs to java/j/vbscript URLs nc = doc.DocumentNode.SelectNodes("//a[starts-with(translate(@href, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'javascript')]|//a[starts-with(translate(@href, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'jscript')]|//a[starts-with(translate(@href, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'vbscript')]"); if (nc != null) { foreach (HtmlNode node in nc) { node.SetAttributeValue("href", "#"); } } //remove img with refs to java/j/vbscript URLs nc = doc.DocumentNode.SelectNodes("//img[starts-with(translate(@src, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'javascript')]|//img[starts-with(translate(@src, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'jscript')]|//img[starts-with(translate(@src, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'vbscript')]"); if (nc != null) { foreach (HtmlNode node in nc) { node.SetAttributeValue("src", "#"); } } //remove on<Event> handlers from all tags nc = doc.DocumentNode.SelectNodes("//*[@onclick or @onmouseover or @onfocus or @onblur or @onmouseout or @ondoubleclick or @onload or @onunload]"); if (nc != null) { foreach (HtmlNode node in nc) { node.Attributes.Remove("onFocus"); node.Attributes.Remove("onBlur"); node.Attributes.Remove("onClick"); node.Attributes.Remove("onMouseOver"); node.Attributes.Remove("onMouseOut"); node.Attributes.Remove("onDoubleClick"); node.Attributes.Remove("onLoad"); node.Attributes.Remove("onUnload"); } } // remove any style attributes that contain the word expression (IE evaluates this as script) nc = doc.DocumentNode.SelectNodes("//*[contains(translate(@style, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'expression')]"); if (nc != null) { foreach (HtmlNode node in nc) { node.Attributes.Remove("stYle"); } } return doc.DocumentNode.WriteTo(); }

    Read the article

  • How can I sign a Windows Mobile application for internal use?

    - by AR
    I'm developing a Windows Mobile application for internal company use, using the Windows Mobile 6 Professional SDK. Same old story: I've developed and tested on the emulator and all is well, but as soon as I deploy to advice I get an UnauthorizedAccessException when writing files or creating directories. I'm aware that an application installed to a device needs to be signed but I'm running into roadblocks at every turn: Using the project properties 'Devices' window I select 'Sign the project output with this certificate, and choose one of the sample certificates from the SDK. This results in a build error: "The signer's certificate is not valid for signing" when running SignTool. If I try to run SignTool.exe from the commandline, I get an error telling me to run SignTool.exe from a location in the system's PATH. I can't use the 'Signing' tab in the Project Properties to create a test certificate - this is greyed out (presumably for WinMobile projects?). If at all possible, I would like to avoid having to go through Versign or the like to get a Mobile2Market certificate. If I have to go this route for a final version that's fine, but I need to at least be able to test the app on real devices. Any advice would be most welcome!

    Read the article

  • How to isolate data per customer, Django powered website

    - by Sawwy
    I have recently started learning python and django and working on a project that includes building a website for collecting information from customers. I am currently trying to figure out best way to isolate the customer data (collected information is sensitive and should only be accessible by customer and the service provider). I found this post Postgresql - one database for everyone, or one-database per customer and my question is that can I automate the model inheritance with customer creation via admin? To be specific, when save() is called for adding customer via django admin, this should create the customer specific tables (create a new set of tables with 'company_name' -prefix). For more information of the environment, I have extended the basic user registration with custom UserProfile adding 'company' and 'role' fields for each user. Upon login, the 'company' of the user will be checked to filter out tables without the 'company_name' prefix. 'Role' will further filter the which company-specific tables and set rights (view, edit). will appreciate any suggestions if more elegant methods could be used to solve the data isolation problem than model inheritance.

    Read the article

  • Is it safe to read regular expressions from a file?

    - by Zilk
    Assuming a Perl script that allows users to specify several text filter expressions in a config file, is there a safe way to let them enter regular expressions as well, without the possibility of unintended side effects or code execution? Without actually parsing the regexes and checking them for problematic constructs, that is. There won't be any substitution, only matching. As an aside, is there a way to test if the specified regex is valid before actually using it? I'd like to issue warnings if something like /foo (bar/ was entered. Thanks, Z. EDIT: Thanks for the very interesting answers. I've since found out that the following dangerous constructs will only be evaluated in regexes if the use re 'eval' pragma is used: (?{code}) (??{code}) ${code} @{code} The default is no re 'eval'; so unless I'm missing something, it should be safe to read regular expressions from a file, with the only check being the eval/catch posted by Axeman. At least I haven't been able to hide anything evil in them in my tests. Thanks again. Z.

    Read the article

  • passing data from a client form via jquery ajax dinamicly

    - by quantum62
    i wanna insert specification of members that enter in textboxs of form in the database .i do this operation with jquery ajax when i call webmetod with static value the operation do successfully.for example this code is ok. $.ajax({ type: "POST", url:"MethodInvokeWithJQuery.aspx/executeinsert", data: '{ "username": "user1", "name":"john","family":"michael","password":"123456","email": "[email protected]", "tel": "123456", "codemeli": "123" }', contentType: "application/json; charset=utf-8", dataType: "json", async: true, cache: false, success: function (msg) { $('#myDiv2').text(msg.d); }, error: function (x, e) { alert("The call to the server side failed. " + x.responseText); } } ); but when i wanna use of values that enter in textboxes dynamically error occur.whats problem?i try this two code <script type="text/javascript"> $(document).ready( function () { $("#Button1").click( function () { var username, family, name, email, tel, codemeli, password; username = $('#<%=TextBox1.ClientID%>').val(); name = $('#<%=TextBox2.ClientID%>').val(); family = $('#<%=TextBox3.ClientID%>').val(); password = $('#<%=TextBox4.ClientID%>').val(); email = $('#<%=TextBox5.ClientID%>').val(); tel = $('#<%=TextBox6.ClientID%>').val(); codemeli = $('#<%=TextBox7.ClientID%>').val(); $.ajax( { type: "POST", url: "WebApplication20.aspx/executeinsert", data: "{'username':'username','name':name, 'family':family,'password':password, 'email':email,'tel':tel, 'codemeli':codemeli}", contentType: "application/json;charset=utf-8", dataType: "json", async: true, cache: false, success: function(msg) { alert(msg); }, error: function (x, e) { alert("The call to the server side failed. " + x.responseText); } } ); } ) }) </script> or $(document).ready( function () { $("#Button1").click( function () { var username, family, name, email, tel, codemeli, password; username = $('#<%=TextBox1.ClientID%>').val(); name = $('#<%=TextBox2.ClientID%>').val(); family = $('#<%=TextBox3.ClientID%>').val(); password = $('#<%=TextBox4.ClientID%>').val(); email = $('#<%=TextBox5.ClientID%>').val(); tel = $('#<%=TextBox6.ClientID%>').val(); codemeli = $('#<%=TextBox7.ClientID%>').val(); $.ajax( { type: "POST", url: "WebApplication20.aspx/executeinsert", data: '{"username" : '+username+', "name": '+name+', "family": '+family+', "password": '+password+', "email": '+email+', "tel": '+tel+' , "codemeli": '+codemeli+'}', contentType: "application/json;charset=utf-8", dataType: "json", async: true, cache: false, success: function(msg) { alert(msg); }, error: function (x, e) { alert("The call to the server side failed. " + x.responseText); } } ); } ) })

    Read the article

  • To join or not to join - database structure

    - by Industrial
    Hi! We're drawing up the database structure with the help of mySQL Workbench for a new app and the number of joins required to make a listing of the data is increasing drastically as the many-to-many relationships increases. The questions: Is it really that bad to merge tables where needed and thereby reducing joins? Is there a better way then pivot tables to take care of many-to-many relationships? We discussed about instead storing all data in serialized text columns and having the application make the sorting instead of the database, but this seems like a very bad idea, even though that the database will be heavily cached. What do you think? Thanks!

    Read the article

  • Large tables of static data with DBGhost

    - by Paulo Manuel Santos
    We are thinking of restructuring our database development and deployment processes by using DBGhost, we want to move away from the central development database and bring the database to the source control. One of the problems we have is a big table with static data (containing translated language strings), it has close to 200K rows. I know that our best solution is to move these stings into resource files, but until we implement that, will DbGhost be able to maintain all this static data and generate our development and deployment databases in a short time? And if not is there a good alternative to filling up this table whenever we need to?

    Read the article

  • firefox object height ignored when data

    - by John Rygielski
    I have a flash video loading in a modal window. It works in others browsers but not Firefox. Firefox opens the modal window to the correct width of the object, but with no height. I have come to learn that Firefox does not recognize <param> and instead uses the data attribute. However, when I remove this attribute, the modal opens with correct height. What is going on? Here is the code the modal window loads: <object width="720" height="520" type="application/x-shockwave-flash" data="proxymovie.SWF?file=proxymovie.MP4"> <param name="movie" value="proxymovie.SWF?file=proxymovie.MP4" /> <img src="images/poster.png" width="720" height="480" alt="" title="Download the video below" /> </object>

    Read the article

  • Posting data using AJAX

    - by ognjenb
    public ActionResult Create() { return View(); } // // POST: /Partial/Create [HttpPost] public ActionResult Create(last_name ln) { try { // TODO: Add insert logic here proba.AddTolast_name(ln); proba.SaveChanges(); return View(); } catch { return View(); } } Part of index View: <div id="Div1"> <% using (Ajax.BeginForm("Create", new AjaxOptions { UpdateTargetId = "Div1" })) { %> <%= Html.Action("Create")%> <% } %> </div> In this solutions data from from View Create not post to database. In this solutions data posted to database <div id="Div1"> <%= Html.Action("Create")%> </div> View "Create" is strongly typed view. Why is this happening ie why the first solution does not work?

    Read the article

  • Self-signed ceritificates for many users/browsers/sites

    - by Demiurg
    Here is my problem - I have a lot of users using different browsers accessing many internal web sites using https. I can create my own Certificate Authority, than create a certificate for each server and after that have all the users import it. Obviously, it cannot work in reality - there are too many users and too many sites, and some sites will be added in the future. I'm looking for a way to automate this. Is there a way to create a certificate so that all major browsers (IE, FF, Opera, Chrome and Safari) would trust it for all servers ? If so, what is the best way to install it automatically in all major browsers ?

    Read the article

  • Prevent strings stored in memory from being read by other programs

    - by Roy
    Some programs like ProcessExplorer are able to read strings in memory (for example, my error message written in the code could be displayed easily, even though it is compiled already). Imagine if I have a password string "123456" allocated sequentially in memory. What if hackers are able to get hold of the password typed by the user? Is there anyway to prevent strings from being seen so clearly? Oh yes, also, if I hash the password and sent it from client to server to compare the stored database hash value, won't the hacker be able to store the same hash and replay it to gain access to the user account? Is there anyway to prevent replaying? Thank You!

    Read the article

  • mysqli_stmt_bind_param SQL Injection

    - by profitphp
    Is there still an injection risk when using prepared statements and mysqli_stmt_bind_param? For example: $malicious_input = 'bob"; drop table users'; mysqli_stmt_bind_param($stmt, 's', $malicious_input); Behind the scenes does mysqli_stmt_bind_param pass this query string to mysql: SET @username = "bob"; drop table users"; Or does it perform the SET command through the API, or use some type of protection to keep this from happening?

    Read the article

  • Data scheme question

    - by Matt
    I am designing a data model for a local city page, more like requirements for it. So 4 tables: Country, State, City, neighbourhood. Real life relationships is: Country owns multiple State which owns multiple cities which ows multiple neighbourhoods. In the data model: Do we link these with FK the same way or link each with each? Like in each table there will even be a Country ID, State ID, CityID and NeighbourhoodID so each connected with each? Other wise to reach neighbourhood from country we need to join 2 other tables in between? There are more tables I need to maintain for IP addess of cities, latitude/longitude, etc.

    Read the article

  • Posting Static & Variable length data to the Server with JQUERY & Coldfusion

    - by nobosh
    I'm looking to post the following type of data to a server using JQUERY & Coldfusion: foodID - int foodDESC - text html text from a WYSIWYG (CKEDITOR) --there will always be just 1 foodID and foodDESC per POST to the server but there can be a variable number of: locationID - int LocationDesc - text --There can be 0-8+ of these. Should I send this in one post or multiple posts? If one post, what's the smartest way to do this? I'm never had to deal with this much data before. Thank you

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 413 414 415 416 417 418 419 420 421 422 423 424  | Next Page >