Search Results

Search found 14878 results on 596 pages for 'mod security'.

Page 483/596 | < Previous Page | 479 480 481 482 483 484 485 486 487 488 489 490  | Next Page >

• How to prompt for username and password entry in C# / SQL ASP.NET web app?

  - by salvationishere

  How do I prompt for username and password in my C#/SQL web application? This was developed in VS 2008 on a 32-bit XP. The current connection string I'm using in my web.config file is: <add name="AdventureWorksConnectionString2" connectionString="Data Source=SIDEKICK;Initial Catalog=AdventureWorks;Persist Security Info=false; " providerName="System.Data.SqlClient" /> When I select Basic Authentication it pops up the warning: "The authentication option you have chosen results in passwords being sent over the network without data encryption..." How do I choose this authentication method and still send passwords over securely? So essentially I am looking for the most secure authentication method but that still requires users to input password?

  Read the article

• embedded dev. question - how to break free from a faulty serial port opening?

  - by user347266

  Under WindowsCE, C++ project, I'm trying to work with devices connected via both "real" serial ports and/or serial-to-usb wrappers ("virtual" serial ports); my problem is - when I try to open the port, if something goes wrong, the function never returns and the system goes into some non-responsive state and has to be eventually rebooted. I need to open the ports from the main thread. The question is - how can I make it happen in a controlled way?? this is the opening code snippet: std::ostringstream device_name; device_name << "\\.\COM" << port; m_port = ::CreateFile(device_name.str().c_str(), GENERIC_READ | GENERIC_WRITE, 0, // exclusive access NULL, // no security OPEN_EXISTING, FILE_FLAG_OVERLAPPED, // overlapped I/O NULL); // null template any suggestions would be greatly appreciated thanks!

  Read the article

• Post values in PHP Headers

  - by kumar

  Hi.. I want send some data to a remote webpage from my site. Actually it can be achieved through form hidden variables. but for security reason, i want set as post variables in header and then send to that webpage. i use this code $post_data = 'var1=123&var2=456'; $content_length = strlen($post_data); header('POST http://localhost/testing/test.php HTTP/1.1'); header('Host: localhost'); header('Connection: close'); header('Content-type: application/x-www-form-urlencoded'); header('Content-length: ' . $content_length); header($post_data); but my code doesn't work properly. help me...

  Read the article

• how can cookies track users despite same origin policy?

  - by user1763930

  Article here discusses tactics used by political campaigns. http://www.nytimes.com/2012/10/14/us/politics/campaigns-mine-personal-lives-to-get-out-vote.html The part in question is quoted: The campaigns have planted software known as cookies on voters’ computers to see if they frequent evangelical or erotic Web sites for clues to their moral perspectives. Voters who visit religious Web sites might be greeted with religion-friendly messages when they return to mittromney.com or barackobama.com. How is that possible? I thought all modern browsers have same origin policy security where website A doesn't have access to any information about other website B, website C, etc. The article makes it sound like a user browses: 1. presidentialcandidate.com 2. website2.com 3. website3.com 4. website4.com 5. presidentialcandidate.com How can a cookie from visit #1 know track user history and be revealed in visit #5?

  Read the article

• sqlite3.OperationalError

  - by fixxxer

  Hi, The "python manage.py syncdb" command is giving me the following error: sqlite3.OperationalError: unable to open database file I'm following the step by step instructions in Practical Django Projects, so I think this has to do something with the Windows Operating system acting quirky! Things I've checkde: 1.The path is updated in settings.py is absolutely correcto! 2. Path is : C:\Documents and Settings\fixavier\Desktop\Django\Database\cms\cms.txt So the entire folder - Database, has sharing and security permissions. I'm pretty much at the bottom of the ocean for not being able to follow and successfully execute simple instructions, so could you please help me out here!

  Read the article

• Referencing invalid memory locations with C++ Iterators

  - by themoondothshine

  I am a big fan of GCC, but recently I noticed a vague anomaly. Using __gnu_cxx::__normal_iterator (ie, the most common iterator type used in libstdc++, the C++ STL) it is possible to refer to an arbitrary memory location and even change its value without causing an exception! Is this expected behavior? If so, isn't a security loophole? Here's an example: #include <iostream> using namespace std; int main() { basic_string<char> str("Hello world!"); basic_string<char>::iterator iter = str.end(); iter += str.capacity() + 99999; *iter = 'x'; cout << "Value: " << *iter << endl; }

  Read the article

• How to run a command on a remote Windows system as a non-admin user with WMI?

  - by John

  I have a script written in Visual Basic that starts a process (given to the script as an argument) on a remote system (again, given as an argument) using WMI. This script works fine when using an Administrator account on the remote system, but when using a non-administrator account, I get the following error: ConnectServer Failed w/ (-2147024891) Access is denied. I'd like to be able to run processes on remote systems as a non-administrator user with this script, and I'm pretty sure the problem is due to security settings on the remote system, but I've not been able to reset the right ones.

  Read the article

• A PHP Function that verify code language

  - by tymc

  Hi, I have a form with 2 textareas; the first one allows user to send HTML Code, the second allows to send CSS Code. I have to verify with a PHP function, if the language is correct. If the language is correct, for security, i have to check that there is not PHP code or SQL Injection or whatever. What do you think ? Is there a way to do that ? Where can I find this kind of function ? Is "HTML Purifier" http://htmlpurifier.org/ a good solution ?

  Read the article

• PhpMyAdmin; Should I disable root login?

  - by Camran

  I have this setup in Phpmyadmin: USER HOST PASSW PRIVILEGES GRANT debian-sys-maint localhost Yes ALL PRIVILEGES YES phpmyadmin localhost Yes USAGE NO root 127.0.0.1 Yes ALL PRIVILEGES YES root localhost Yes ALL PRIVILEGES YES root my_hostname Yes ALL PRIVILEGES YES username localhost Yes ALL PRIVILEGES YES Where "username" is my username and "my_hostname" is my hostname. I am currently only logging in as the last one (username, localhost). Also, I have php which also uses the last ones login details. Should I disable the other ones? And, what other security measures should I take? BTW: My server is Linux and I have root access. Thanks

  Read the article

• Getting content of a Facebook page in Adobe Flex

  - by cuneyt

  Hi guys, I wrote a Flex application that sends a UrlRequest to Facebook and gets the content of page as a string. The application user clicks a button, and the application connects to Facebook. And no I do not mean using Facebook API. It is like a screen scraper. This application worked locally, but when deployed to server it gives a sandbox security error. I have my crossdomain.xml on the root, but I think the problem is not that. Not only Facebook, but I cannot get any web site when the application is deployed on server. What should I do to get the content of a remote web page?

  Read the article

• java version 1.6 applet requistes

  - by gautam

  Hi, I upgraded my java version 1.5 to 1.6. My applet is not working what are prequesties ? i have changed classid and MIME type to 1.6. Its giving exception: load: class com.timer.AppletGenerator.class not found. java.lang.ClassNotFoundException: com.timer.AppletGenerator.class at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source) at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source) at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.io.IOException: open HTTP connection failed:http://localhost:8080/Perfmonitoringgui-000.004.000/com/timer/AppletGenerator/class.class at sun.plugin2.applet.Applet2ClassLoader.getBytes(Unknown Source) at sun.plugin2.applet.Applet2ClassLoader.access$000(Unknown Source) at sun.plugin2.applet.Applet2ClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) ... 7 more Exception: java.lang.ClassNotFoundException: com.timer.AppletGenerator.class Thanks

  Read the article

• can we assign object value to the label?

  - by user334294

  I have a label for that i have to assign object value which is returned by stored procedure.my code as following object returnvalue; SqlConnection con = new SqlConnection("Data Source=vela21; Initial Catalog=MilkDb;Integrated Security=True"); con.Open(); string sa; sa = textBox1.Text; SqlCommand cmd = new SqlCommand("custname", con); cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.Add("Cid", SqlDbType.Int).Value = sa; cmd.Parameters.Add("cname", SqlDbType.NVarChar, 20); cmd.Parameters["cname"].Direction = ParameterDirection.Output; returnvalue = cmd.ExecuteNonQuery(); label3.Text = Convert.ToString(returnvalue); con.Close(); can anyone help me? plz........

  Read the article

• [php + mysql] Save IP in database

  - by Knarf

  When a user logs inn I want to save their IP in the database. How would I do that? What type is best to use for the MySQL field? How would the PHP code to get IP look like? I'm thinking of using it as an extra security feature for the login/session stuff. I'm thinking of checking the IP the user logged in with from the DB with the IP the user have now as addition to checking the session. So that it first check the session, and then check if you have a valid IP. Is that an allright extra feature? And what other things can I do to make it more secure?

  Read the article

• php most memory efficient way to return files

  - by bumperbox

  so i have a bunch of files, some can be up to 30-40mb and i want to use php to handle security of the files, so i can control who has access to them that means i have a script sort of like this rough example $has_permission = check_database_for_permission($user, filename); if ($has_permission) { header('Content-Type: image/jpeg'); readfile ($filename); exit; } else { // return 401 error } i would hate for every request to load the full file into memory, as it would soon chew up all the memory on my server with a few simultaneous requests so a couple of questions is readfile the most memory efficient way of doing this? is there some better method of achieving the same outcome, that i am overlooking? server: apache/php5 thanks

  Read the article

• Runtime Error in asp.net?(online )

  - by Surya sasidhar

  hi, I develop a web application it is working fine in local. When i upload the site in online through CuteFTP it is showing the error like this... Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine. Details: To enable the details of this specific error message to be viewable on remote machines, please create a tag within a "web.config" configuration file located in the root directory of the current web application. This tag should then have its "mode" attribute set to "Off". Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's configuration tag to point to a custom error page URL. please help me i place the but even though it is not working it is giving same error. Thank you

  Read the article

• Windows XP: Have my program run in kernel mode?

  - by Kalamari

  I'm currently learning about the different modes the Windows operating system runs in (kernel mode vs. user mode), device drivers, their respective advantages and disadvantages and computer security in general. I would like to create a practical example of what a faulty device driver that runs in kernel mode can do to the system, by for example corrupting memory used for critical OS-processes. How can I execute my code in kernel mode instead of user mode, directly? Do I have to write a dummy device driver and install it to do this? Where can I read more about kernel and user mode in Windows? I know the dangers of this and will do all of the experiments on a virtual machine running Windows XP only

  Read the article

• How does lock(syncRoot) make sense on a static method?

  - by Rising Star

  The following code is excerpted from the (Windows Identity Foundation SDK) template that MS uses to create a new Security Token Service Web Site. public static CustomSecurityTokenServiceConfiguration Current { get { HttpApplicationState httpAppState = HttpContext.Current.Application; CustomSecurityTokenServiceConfiguration customConfiguration = httpAppState.Get( CustomSecurityTokenServiceConfigurationKey ) as CustomSecurityTokenServiceConfiguration; if ( customConfiguration == null ) { lock ( syncRoot ) { customConfiguration = httpAppState.Get( CustomSecurityTokenServiceConfigurationKey ) as CustomSecurityTokenServiceConfiguration; if ( customConfiguration == null ) { customConfiguration = new CustomSecurityTokenServiceConfiguration(); httpAppState.Add( CustomSecurityTokenServiceConfigurationKey, customConfiguration ); } } } return customConfiguration; } } I'm relatively new to multi-threaded programming. I assume that the reason for the lock statement is to make this code thread-safe in the event that two web requests arrive at the web site at the same time. However, I would have thought that using lock (syncRoot) would not make sense because syncRoot refers to the current instance that this method is operating on... but this is a static method? How does this make sense?

  Read the article

• jQuery model-view-controller vs Spring MVC

  - by user1515968

  my question is what potential problems or difficulties would be with implementing usual web app with somewhat reach user interface (multiple dynamic tabs, accordians and so on) using jQuery MVC approach with Spring REST vs using Spring MVC. Problems what I can think of could be: I will not be able to use Spring security fully, JavaScript coding could become hard to manage, any form verification becomes not easy to manage... what else? and does jQuery MVC with REST make sense at all? On other side jQuery with MVC and REST move all GUI concerns to JavaScript side (whether it is bad or not) and leave all data manipulation to server side.

  Read the article

• Should we develop code on a local machine in a VLAN?

  - by red tiger

  Because of security reasons, we will not be able to use IIS on our local machines. I'm sure that many of you have faced the same problem, so how did you solve it? Here are the options that we're looking at: Create a VLAN that is isolated from the network for development. This will allow us to use any software, including IIS, that we want. A disadvantage is testing Web services with external organizations, which can be overcome by using stubs. Not use a VLAN and use only the ASP.NET Development Server that comes with Visual Studio, and then deploying that code to the development server. This has the disadvantage of not being able to replicate the production environment during local development. In addition, at least one developer needs IIS for GIS development, so he couldn't develop locally. Thank you for comments or suggestions that you may have!

  Read the article

• Xampp error on windows

  - by Deepak Kumar

  My problem is when i use xampp i see many error and when i use my web it has no error Notice: Undefined index: action in C:\xampp\htdocs\xyz\index.php on line 3 Notice: Undefined index: usNick in C:\xampp\htdocs\xyz\config.php on line 11 Notice: Use of undefined constant setname - assumed 'setname' in C:\xampp\htdocs\xyz\config.php on line 31 Notice: Use of undefined constant setname - assumed 'setname' in C:\xampp\htdocs\xyz\config.php on line 31 Notice: Undefined index: usNick in C:\xampp\htdocs\xyz\config.php on line 34 Notice: A session had already been started - ignoring session_start() in C:\xampp\htdocs\xyz\data.php on line 2 Notice: Undefined index: r in C:\xampp\htdocs\xyz\data.php on line 4 Notice: Undefined index: ucNick in C:\xampp\htdocs\xyz\data.php on line 8 I have tried many time changing things in Setting, Security, Privileges etc but nothing changed, I want to know if im missing something out Thanks

  Read the article

• How can I play a flv file that is hosted on a remote website?

  - by pennstatephil

  I'm looking to play a flash video hosted on a remote website. I've tried the following (and profuse google-ing): In source of page on http://fakesite1.com/player.jsp: <embed src = "FlashPlayer.swf?file=http://fakesite2.net/video.flv" /> I can browse to http://fakesite2.net/video.flv and ensure it's there, but the player comes back "movie not loaded" (on right-click) on fakesite1. My initial guess is that this might be some sort of security feature... is it possible to play a video hosted on a remote site?

  Read the article

• Hash passwords before transmitting? (web)

  - by wag2639

  I was reading this Ars article on password security and it mentioned there are sites that "hash the password before transmitting"? Now, assuming this isn't using an SSL connection (HTTPS), a. is this actually secure and b. if it is how would you do this in a secure manor? Edit 1: (some thoughts based on first few answers) c. If you do hash the password before transmission, how do you use that if you only store a salted hash version of the password in your user credentials databas? d. Just to check, if you are using a HTTPS secured connection, is any of this necessary?

  Read the article

• Is it better to store user text (such as a blog entry or private messages) in the database or as flat files?

  - by Fredashay

  I'm building a social networking type site that will be storing large chunks of text that's entered by users, such as blog entries and private messages. As such, these will be entered once, with minimal revisions, but many reads by multiple users over time. I'm using MySQL, by the way. My concerns are: Storing large blocks of text on the database will fill the database to capacity eventually. I read somewhere that storing user text in flat files is a security risk? (The filenames will be generated dynamically by the PHP, not by the user.) Storing them as text files may cause them to become out of sync if I ever have to reinitialize the database and restore it from backups. What are all your thoughts and advice, pros and cons?

  Read the article

• Access is denied trying to access a sMetabasePath on a SMTP Server from a different Web Server

  - by RJ

  I have written a C# dot net application that updates the SMTP relay restriction list in IIS 6. Running the application locally works great and I can add/remove IPs/DNS from the relay restriction list without any problem. Now I need to do the same for a SMTP server that is not running on the same webserver that I have the application running. So I have the web application on webserver A and the SMTP server on webserver/smtp server B. My app pool is running under a domain user and I have given the same user rights to the SMTP server under the security tab in the SMTP Virtual Server property window. I thought I could simply change the sMetabasePath from "IIS://localhost/smtpsvc/1" to "IIS://10.171.243.134/smtpsvc/1" and everything would just work but I get an "Access is denied" error. So I must have to do something else to get this to work. I even gave the domain user full admin rights on the SMTP server to no avail. Any ideas

  Read the article

• SQL Compact 2008 Connection String Problem

  - by Seth

  I have the following code to connect to a sql server compact edition 2008: private SqlConnection sqlConn; public void createConnection() { String connectionString = @"Data Source=C:\Projects\somefile.sdf;Persist Security Info=False"; sqlConn = new SqlConnection(connectionString); sqlConn.Open(); } However, I keep getting the following error when sqlConn.Open() is executed: "A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)" Does anyone have any ideas what the problem might be? I can create a connection to the db in the database explorer but it doesn't seem to work in code.

  Read the article

< Previous Page | 479 480 481 482 483 484 485 486 487 488 489 490  | Next Page >