Search Results

Search found 5433 results on 218 pages for 'escaped characters'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 43/218 | < Previous Page | 39 40 41 42 43 44 45 46 47 48 49 50  | Next Page >

  • Understanding 400 Bad Request Exception

    - by imran_ku07
        Introduction:          Why I am getting this exception? What is the cause of this error. Developers are always curious to know the root cause of an exception, even though they found the solution from elsewhere. So what is the reason of this exception (400 Bad Request).The answer is security. Security is an important feature for any application. ASP.NET try to his best to give you more secure application environment as possible. One important security feature is related to URLs. Because there are various ways a hacker can try to access server resource. Therefore it is important to make your application as secure as possible. Fortunately, ASP.NET provides this security by throwing an exception of Bad Request whenever he feels. In this Article I am try to present when ASP.NET feels to throw this exception. You will also see some new ASP.NET 4 features which gives developers some control on this situation.   Description:   http.sys Restrictions:           It is interesting to note that after deploying your application on windows server that runs IIS 6 or higher, the first receptionist of HTTP request is the kernel mode HTTP driver: http.sys. Therefore for completing your request successfully you need to present your validity to http.sys and must pass the http.sys restriction.           Every http request URL must not contain any character from ASCII range of 0x00 to 0x1F, because they are not printable. These characters are invalid because these are invalid URL characters as defined in RFC 2396 of the IETF. But a question may arise that how it is possible to send unprintable character. The answer is that when you send your request from your application in binary format.           Another restriction is on the size of the request. A request containg protocal, server name, headers, query string information and individual headers sent along with the request must not exceed 16KB. Also individual header should not exceed 16KB.           Any individual path segment (the portion of the URL that does not include protocol, server name, and query string, for example, http://a/b/c?d=e,  here the b and c are individual path) must not contain more than 260 characters. Also http.sys disallows URLs that have more than 255 path segments.           If any of the above rules are not follow then you will get 400 Bad Request Exception. The reason for this restriction is due to hack attacks against web servers involve encoding the URL with different character representations.           You can change the default behavior enforced by http.sys using some Registry switches present at HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters    ASP.NET Restrictions:           After passing the restrictions enforced by the kernel mode http.sys then the request is handed off to IIS and then to ASP.NET engine and then again request has to pass some restriction from ASP.NET in order to complete it successfully.           ASP.NET only allows URL path lengths to 260 characters(only paths, for example http://a/b/c/d, here path is from a to d). This means that if you have long paths containing 261 characters then you will get the Bad Request exception. This is due to NTFS file-path limit.           Another restriction is that which characters can be used in URL path portion.You can use any characters except some characters because they are called invalid characters in path. Here are some of these invalid character in the path portion of a URL, <,>,*,%,&,:,\,?. For confirming this just right click on your Solution Explorer and Add New Folder and name this File to any of the above character, you will get the message. Files or folders cannot be empty strings nor they contain only '.' or have any of the following characters.....            For checking the above situation i have created a Web Application and put Default.aspx inside A%A folder (created from windows explorer), then navigate to, http://localhost:1234/A%25A/Default.aspx, what i get response from server is the Bad Request exception. The reason is that %25 is the % character which is invalid URL path character in ASP.NET. However you can use these characters in query string.           The reason for these restrictions are due to security, for example with the help of % you can double encode the URL path portion and : is used to get some specific resource from server.   New ASP.NET 4 Features:           It is worth to discuss the new ASP.NET 4 features that provides some control in the hand of developer. Previously we are restricted to 260 characters path length and restricted to not use some of characters, means these characters cannot become the part of the URL path segment.           You can configure maxRequestPathLength and maxQueryStringLength to allow longer or shorter paths and query strings. You can also customize set of invalid character using requestPathInvalidChars, under httpruntime element. This may be the good news for someone who needs to use some above character in their application which was invalid in previous versions. You can find further detail about new ASP.NET features about URL at here           Note that the above new ASP.NET settings will not effect http.sys. This means that you have pass the restriction of http.sys before ASP.NET ever come in to the action. Note also that previous restriction of http.sys is applied on individual path and maxRequestPathLength is applied on the complete path (the portion of the URL that does not include protocol, server name, and query string). For example, if URL is http://a/b/c/d?e=f, then maxRequestPathLength will takes, a/b/c/d, into account while http.sys will take a, b, c individually.   Summary:           Hopefully this will helps you to know how some of initial security features comes in to play, but i also recommend that you should read (at least first chapter called Initial Phases of a Web Request of) Professional ASP.NET 2.0 Security, Membership, and Role Management by Stefan Schackow. This is really a nice book.

    Read the article

  • What characters are NOT escaped with a mysqli prepared statement?

    - by barfoon
    Hey everyone, I'm trying to harden some of my PHP code and use mysqli prepared statements to better validate user input and prevent injection attacks. I switched away from mysqli_real_escape_string as it does not escape % and _. However, when I create my query as a mysqli prepared statement, the same flaw is still present. The query pulls a users salt value based on their username. I'd do something similar for passwords and other lookups. Code: $db = new sitedatalayer(); if ($stmt = $db->_conn->prepare("SELECT `salt` FROM admins WHERE `username` LIKE ? LIMIT 1")) { $stmt->bind_param('s', $username); $stmt->execute(); $stmt->bind_result($salt); while ($stmt->fetch()) { printf("%s\n", $salt); } $stmt->close(); } else return false; Am I composing the statement correctly? If I am what other characters need to be examined? What other flaws are there? What is best practice for doing these types of selects? Thanks,

    Read the article

  • Shouldn't we count characters of code and comments instead of lines of code and comments? [closed]

    - by Gabriel
    Counting lines of code and comments is sometimes bogus, since most of what we write may be written in one or more lines, depending column count limitations, screen size, style and so forth. Since the commonly used languages (say C, C++, C# and Java) are free-form, wouldn't it be more clever to count characters instead? Edit: I'm not considering LOC-oriented programming where coders try to artificially match requirements by adding irrelevant comments or using multiple lines where less would be enough (or the opposite). I'm interested in better metrics that would be independent of coding style, to be used by honest programmers.

    Read the article

  • How do I best remove the unicode characters that XHTML regards as non-valid using php?

    - by Andrew Stacey
    I run a forum designed to support an international mathematics group. I've recently switched it to unicode for better support of international characters. In debugging this conversion, I've discovered that not all unicode characters are considered as valid XHTML (the relevant website appears to be http://www.w3.org/TR/unicode-xml/). One of the steps that the forum software goes through before presenting the posts to the browser is an XHTML validation/sanitisation step. It seems a reasonable idea that at that stage it should remove any unicode characters that XHTML doesn't like. So my question is: Is there a standard (or best) way of doing this in PHP? (The forum is written in PHP, by the way.) I guess that the failsafe would be a simple str_replace (if that's also the best, do I need to do anything extra to make sure it works properly with unicode?) but that would involve me having to go through the XHTML DTD (or the above-referenced W3 page) carefully to figure out what characters to list in the search part of str_replace, so if this is the best way, has someone already done that so that I can steal, err, copy, it? (Incidentally, the character that caused the problem was U+000C, the 'formfeed', which (according to the W3 page) is valid HTML but invalid XHTML!)

    Read the article

  • how to generate unique numbers less than 8 characters long.

    - by loudiyimo
    hi I want to generate unique id's everytime i call methode generateCustumerId(). The generated id must be 8 characters long or less than 8 characters. This requirement is necessary because I need to store it in a data file and schema is determined to be 8 characters long for this id. Option 1 works fine. Instead of option 1, I want to use UUID. The problem is that UUID generates an id which has to many characters. Does someone know how to generate a unique id which is less then 99999999? option 1 import java.util.HashSet; import java.util.Random; import java.util.Set; public class CustomerIdGenerator { private static Set<String> customerIds = new HashSet<String>(); private static Random random = new Random(); // XXX: replace with java.util.UUID public static String generateCustumerId() { String customerId = null; while (customerId == null || customerIds.contains(customerId)) { customerId = String.valueOf(random.nextInt(89999999) + 10000000); } customerIds.add(customerId); return customerId; } } option2 generates an unique id which is too long public static String generateCustumerId() { String ownerId = UUID.randomUUID().toString(); System.out.println("ownerId " + ownerId); return ownerId }

    Read the article

  • How to search for newline or linebreak characters in Excel?

    - by Highly Irregular
    I've imported some data into Excel (from a text file) and it contains some sort of newline characters. It looks like this initially: If I hit F2 (to edit) then Enter (to save changes) on each of the cells with a newline (without actually editing anything), Excel automatically changes the layout to look like this: I don't want these newlines characters here, as it messes up data processing further down the track. How can I do a search for these to detect more of them? The usual search function doesn't accept an enter character as a search character.

    Read the article

  • Why do funky characters show up in these Microsoft Word equations?

    - by mipadi
    A colleague sent me a document created with Microsoft Office 2007 that contains equations. On her end, the document looks fine; however, on my end, the equations show up with these funky characters overlaid on them: Why do these weird characters show up, and how do I fix it? The equations appear like this in both .doc and .docx documents. Additionally, when I double-click on the equations to edit them, I get a warning that the equations were created with a newer version of the equation editor, and when I close the editing window, the equations are gone completely. I think this might indicate a compatibility problem, but I am not sure of a solution.

    Read the article

  • How can I practice with a full set of characters in KTouch?

    - by Josh
    I originally used KTouch to learn Qwerty touch typing, but found it too stressful on the hands. Hearing about Dvorak, I decided I'd switch to that (still using a Qwerty keyboard, but with the keys mapped differently). Since the keyboard is physically displaying a Qwerty layout, I cannot look at the keyboard for hints, making it very hard to type characters that I am unfamiliar with. Unfortunately, KTouch only covers letters, not punctuation and other symbols. Where can I find a lecture that covers all, or most of, the characters on a keyboard?

    Read the article

  • bash starts replacing the characters on the current line insead of moving over to the next line

    - by Lazer
    I use bash shell $ bash --version GNU bash, version 3.2.25(1)-release (x86_64-redhat-linux-gnu) Copyright (C) 2005 Free Software Foundation, Inc. $ Sometimes, when typing a command on the prompt that is pretty lengthy and does not fit in the current line, instead of displaying the extra characters on the next line, bash starts again on the current line.. replacing the characters that were there and making a mess. what should happen : |---------------------------------------------| | $ my big long command takes a lot of argumen| | s and does not fit in a single line | | | |---------------------------------------------| what happens instead : |---------------------------------------------| | s and does not fit in a single linef argumen| | | | | |---------------------------------------------| The issue is intemittent If I resize my shell window to really small width, normal behaviour is restored Does anyone have any idea what is happening here? $ echo $TERM xterm $ echo $PS1 \[\e[30m\][\t]\[\e[0m\]\[\e]0;\w\a\]\[\e[30m\][\W]$ $

    Read the article

  • Mac OS X: How to change word separator characters?

    - by avetis.kazarian
    Depending on your system, the word separator characters change the way you can select/delete a word (e.g. by double clicking on it or using a key combination with your keyboard). The fact is that I hate the default behavior of OSX. For example: Take the following line of code: obj.attr1.innerAttr. If my cursor is at the end of the line and I press alt + backspace, it will delete everything and not just innerAttr. I only found some apps (like iTerm) which let you change the word separator characters. Is there a way to change it for the whole system?

    Read the article

  • Can PuTTY be configured to display the following UTF-8 characters?

    - by Stuart Powers
    I'd like to be able to render the characters as seen in this tweet: I saved the tweet's JSON data and wrote a one-liner python script for testing. python -c 'import json,urllib; print json.load(urllib.urlopen("http://c.sente.cc/BUCq/tweet.json"))["text"]' This next image shows the output of this command on two different putty sessions, one with Bitstream Vera Sans Mono font and the other is using Courier New: Next is an example of correct output (I wasn't using PuTTY): The original JSON is at this link using Twitter's API. How can I get PuTTY to display those characters?

    Read the article

  • Convert shell logs (incl. escape characters) to HTML?

    - by dehmann
    Is there tool or a regexp that can convert shell escape characters to HTML code? As an example, here is a logfile from GNU screen: ^MESC[K$ ^MESC[K$ exit Executing .bashrc ESC[00;31;31mserver.xyz.com: ESC[00;34;34m~ which I would like to convert to something like this: $ exit Executing .bashrc <font color=red>server.xyz.com</font>: <font color=blue>~</font> and send as HTML e-mail to an e-mail address, to archive my work. Here is a related question, which shows how to convert it to regular text, but it would be nice to convert to HTML and not just throw the escape characters away.

    Read the article

  • Using Regex, how can I remove certain characters from the inside of tags in a string of html?

    - by Iain Fraser
    Suppose I have a string of html that contains a bunch of control characters and I want to remove the control characters from inside tags only, leaving the characters outside the tags alone. For example Here the control character is the numeral "1". Input The quick 1<strong>orange</strong> lemming <sp11a1n 1class1='jumpe111r'11>jumps over</span> 1the idle 1frog Desired Output The quick 1<strong>orange</strong> lemming <span class='jumper'>jumps over</span> 1the idle 1frog So far I can match tags which contain the control character but I can't remove them in one regex. I guess I could perform another regex on my matches, but I'd really like to know if there's a better way. My regex Bear in mind this one only matches tags which contain the control character. <(([^>])*?`([^>])*?)*?> Thanks very much for your time and consideration. Iain Fraser

    Read the article

  • How long (max characters) can a datastore entity key_name be? Is it bad to haver very long key_names

    - by indiehacker
    What is the maximum number of characters that can be used to define the key_name of a datastore entity? Is it bad to have very long key_names? For example: Lets say we use key_names of a 170 characters, which is the length of a Twitter message 140 plus 10 numeric characters for latitude and 10 for longtitude and 10 for a timestamp. (Reasoning of such a key_name: So by using such a key_name we can easily and quickly be sure of no duplicate postings, since the same message should not come from the same place and time more than once.)

    Read the article

  • How to draw Wingdings 2 characters outside of the 0..255 range in .NET?

    - by romkyns
    The standard windows Charmap utility shows quite a few characters in the "Wingdings 2" font whose character codes are greater than 255 - for example, 0xE4E shows a hand. However, if I try to draw these characters as follows: g.DrawString(new string((char) 0xE4E, 1), new Font("Wingdings 2", 20), brush, x, y); then all I get is a standard "box" replacement character. This is weird, because the above code works for Wingdings 2 symbols between 0x21 and 0xFF, and also works for ALL symbols in, say, Arial Unicode MS. How can I draw those characters from this particular font? Is there a separate API? (Win7; .NET 3.5 SP1) P.S. Here's the weird Character Map font with the duplicated character ranges:

    Read the article

  • How would you create a string of all UTF-8 characters? [PHP]

    - by Xeoncross
    There are many ways to represent the +1 million UTF-8 characters. Take the latin capital "A" with macron (A). This is unicode code point U+0100, hex number 0xc4 0x80, decimal number 196 128, and binary 11000100 10000000. I would like to create a collection of the first 65,535 UTF-8 characters for use in testing applications. These are all unicode characters up to code point U+FFFF (byte3). Is it possible to do something like a for($x=0) loop and then convert the resulting decimal to another base (like hex) which would allow the creation of the matching unicode character? I can create the value A using something like this: $char = "\xc4\x80"; // or $char = chr(196).chr(128); However, I am not sure how to turn this into an automated process. // fail! $char = "\x". dechex($a). "\x". dexhex($$b);

    Read the article

  • How to get rid of "d»z" or "" characters

    - by Cassandra
    I have website based on Umbraco 5. I have installed contact form plugin (http://cultivjupitercontact.codeplex.com/). And on the web page at the end of this contact form there are always characters "d»z". It looks like that: ... <input type="submit" value="Send" /> </fieldset> <input name='uformpostroutevals' type='hidden' value='somevalue' /></form>d»z I suspect there is something wrong with encoding. I have tried to change it(to ANSI or UTF-8 without BOM but it didn't helped. Perhaps I have changed it in wrong file, cause I don't really know where exactly this 'd»z'is coming from. All I know it came with this plugin. On different server those extra characters are "". How can I get rid of those extra characters? Any help much appreciated!

    Read the article

  • Python file input string: how to handle escaped unicode characters?

    - by Michi
    In a text file (test.txt), my string looks like this: Gro\u00DFbritannien Reading it, python escapes the backslash: >>> file = open('test.txt', 'r') >>> input = file.readline() >>> input 'Gro\\u00DFbritannien' How can I have this interpreted as unicode? decode() and unicode() won't do the job. The following code writes Gro\u00DFbritannien back to the file, but I want it to be Großbritannien >>> input.decode('latin-1') u'Gro\\u00DFbritannien' >>> out = codecs.open('out.txt', 'w', 'utf-8') >>> out.write(input)

    Read the article

  • Best way to convert a Unicode URL to ASCII (UTF-8 percent-escaped) in Python?

    - by benhoyt
    I'm wondering what's the best way -- or if there's a simple way with the standard library -- to convert a URL with Unicode chars in the domain name and path to the equivalent ASCII URL, encoded with domain as IDNA and the path %-encoded, as per RFC 3986. I get from the user a URL in UTF-8. So if they've typed in http://?.ws/? I get 'http://\xe2\x9e\xa1.ws/\xe2\x99\xa5' in Python. And what I want out is the ASCII version: 'http://xn--hgi.ws/%E2%99%A5'. What I do at the moment is split the URL up into parts via a regex, and then manually IDNA-encode the domain, and separately encode the path and query string with different urllib.quote() calls. # url is UTF-8 here, eg: url = u'http://?.ws/?'.encode('utf-8') match = re.match(r'([a-z]{3,5})://(.+\.[a-z0-9]{1,6})' r'(:\d{1,5})?(/.*?)(\?.*)?$', url, flags=re.I) if not match: raise BadURLException(url) protocol, domain, port, path, query = match.groups() try: domain = unicode(domain, 'utf-8') except UnicodeDecodeError: return '' # bad UTF-8 chars in domain domain = domain.encode('idna') if port is None: port = '' path = urllib.quote(path) if query is None: query = '' else: query = urllib.quote(query, safe='=&?/') url = protocol + '://' + domain + port + path + query # url is ASCII here, eg: url = 'http://xn--hgi.ws/%E3%89%8C' Is this correct? Any better suggestions? Is there a simple standard-library function to do this?

    Read the article

  • How save JavaScript and HTML in option without it being auto-escaped?

    - by bobsoap
    And there I thought I knew Wordpress well. It now seems that update_option() auto-escapes code. If I want to save some Javascript or HTML code in an option, this behavior renders the code unusable. I refuse to do a str_replace on the returned value to filter out every backslash. There has to be a better way. Here's the PHP for the text box to enter some code: $option = unserialize(get_option('option')); <textarea name="option[box]"><?php echo $option['box']; ?></textarea> This is what happens after submitting the form (in essence): update_option('option', serialize($_POST)); Any ideas?

    Read the article

  • How can I take the first 100 characters of html content ( without stripping the TAGS! )

    - by Atomiton
    There are lots of questions on how to strip html tags, but not many on functions/methods to close them. Here's the situation. I have a 500 character Message summary ( which includes html tags ), but I only want the first 100 characters. Problem is if I truncate the message, it could be in the middle of an html tag... which messes up stuff. Assuming the html is something like this: <div class="bd">"Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. <br/> <br/>Some Dates: April 30 - May 2, 2010 <br/> <p>Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. <em>Duis aute irure dolor in reprehenderit</em> in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. <br/> </p> For more information about Lorem Ipsum doemdloe, visit: <br/> <a href="http://www.somesite.com" title="Some Conference">Some text link</a><br/> </div> How would I take the first ~100 characters or so? ( Although, ideally that would be the first approximately 100 characters of "CONTENT" ( in between the html tags ) I'm assuming the best way to do this would be a recursive algorithm that keeps track of the html tags and appends any tags that would be truncated, but that may not be the best approach. My first thoughts are using recursion to count nested tags, and when we reach 100 characters, look for the next "<" and then use recursion to write the closing html tags needed from there. The reason for doing this is to make a short summary of existing articles without requiring the user to go back and provide summaries for all the articles. I want to keep the html formatting, if possible. NOTE: Please ignore that the html isn't totally semantic. This is what I have to deal with from my WYSIWYG. EDIT: I added a potential solution ( that seems to work ) I figure others will run into this problem as well. I'm not sure it's the best... and it's probably not totally robust ( in fact, I know it isn't ), but I'd appreciate any feedback

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 39 40 41 42 43 44 45 46 47 48 49 50  | Next Page >