Search Results

Search found 42090 results on 1684 pages for 'mean square method'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 529/1684 | < Previous Page | 525 526 527 528 529 530 531 532 533 534 535 536  | Next Page >

  • What am I missing in this ASP.NET XSS Security Helper class?

    - by smartcaveman
    I need a generic method for preventing XSS attacks in ASP.NET. The approach I came up with is a ValidateRequest method that evaluates the HttpRequest for any potential issues, and if issues are found, redirect the user to the same page, but in a away that is not threatening to the application. (Source code below) While I know this method will prevent most XSS attacks, I am not certain that I am adequately preventing all possible attacks while also minimizing false positives. So, what is the most effective way to adequately prevent all possible attacks, while minimizing false positives? Are there changes I should make to the helper class below, or is there an alternative approach or third party library that offers something more convincing? public static class XssSecurity { public const string PotentialXssAttackExpression = "(http(s)*(%3a|:))|(ftp(s)*(%3a|:))|(javascript)|(alert)|(((\\%3C) <)[^\n]+((\\%3E) >))"; private static readonly Regex PotentialXssAttackRegex = new Regex(PotentialXssAttackExpression, RegexOptions.IgnoreCase); public static bool IsPotentialXssAttack(this HttpRequest request) { if(request != null) { string query = request.QueryString.ToString(); if(!string.IsNullOrEmpty(query) && PotentialXssAttackRegex.IsMatch(query)) return true; if(request.HttpMethod.Equals("post", StringComparison.InvariantCultureIgnoreCase)) { string form = request.Form.ToString(); if (!string.IsNullOrEmpty(form) && PotentialXssAttackRegex.IsMatch(form)) return true; } if(request.Cookies.Count > 0) { foreach(HttpCookie cookie in request.Cookies) { if(PotentialXssAttackRegex.IsMatch(cookie.Value)) { return true; } } } } return false; } public static void ValidateRequest(this HttpContext context, string redirectToPath = null) { if(context == null || !context.Request.IsPotentialXssAttack()) return; // expire all cookies foreach(HttpCookie cookie in context.Request.Cookies) { cookie.Expires = DateTime.Now.Subtract(TimeSpan.FromDays(1)); context.Response.Cookies.Set(cookie); } // redirect to safe path bool redirected = false; if(redirectToPath != null) { try { context.Response.Redirect(redirectToPath,true); redirected = true; } catch { redirected = false; } } if (redirected) return; string safeUrl = context.Request.Url.AbsolutePath.Replace(context.Request.Url.Query, string.Empty); context.Response.Redirect(safeUrl,true); } }

    Read the article

  • Changing UINavigationBar font in Swift

    - by dcgoss
    I have a UINavigationBar with a title in the middle. I have added a custom font ("Comic_Andy.ttf") to my app (I have checked info.plist to make sure it's listed, and I have checked the Copy Bundle Resources to make sure it has been added), and I would like the title of the UINavigationBar to be displayed in that font. From what I can gather it seems as though I'm supposed to use this in my ViewController: myNavigationBar.titleTextAttributes = [NSFontAttributeName: UIFont(name: "Comic_Andy", size: 22)] I placed that method in the viewDidLoad function of the ViewController. I have also tried this in the didFinishLaunchingWithOptions function of the AppDelegate: UINavigationBar.appearance().titleTextAttributes = [NSFontAttributeName: UIFont(name: "Comic_Andy", size: 22)] I am programming in Swift, in XCode 6 Beta 6. Many resources regarding this task have mentioned using a method called setTitleTextAttributes, which is nowhere to be seen. I can't figure it out for the life of me - I've probably spent close to 3 hours on it by now - I have checked every StackOverflow answer, every website, so please do not mark this as a duplicate. Many thanks in advance!

    Read the article

  • PHP: Combine Two 16-bit Integers into a 32-bit integer

    - by Goro
    Hello, I am trying to combine two integers in my application. By combine I mean stick one byte stream at the end of the other, not concatenate the strings. The two integers are passed from hardware that can't pass a 32 bit value directly, but passes two consecutive 16-bit values separately. Thanks,

    Read the article

  • What exactly is REST architecture and how is it implemented in Rails?

    - by Jagira
    This is what I think of REST architecture. For every resource, there is an unique URI. We can manipulate that object using its URI and HTTP actions [POST, GET, PUT and DELETE]. The HTTP request transfers the representation of the state of that object. In all the texts I have read, REST is explained in a weird and confusing manner. One more thing, RESTFUL implementation in rails produces different urls for different purposes. Like /teams - for 'index' method... /teams/new - for 'new' method and so on. Ain't this moving away from rest, which defines that each resource has one unique URI???

    Read the article

  • Create class instance in assembly from string name

    - by Arcadian
    I'm not sure if this is possible, and I'm quite new to using assemblies in C#.NET. What I would like to do is to create an instance of a class when supplied the string name of that class. Something like this: using MyAssembly; namespace MyNameSpace { Class MyClass { int MyValue1; int MyValue2; public MyClass(string myTypeName) { foreach(Type type in MyAssembly) { if((string)type == myTypeName) { //create a new instance of the type } } AssignInitialValues(//the type created above) } //Here I use an abstract type which the type above inherits from private void AssignInitialValues(AbstractType myClass) { this.value1 = myClass.value1; this.value2 = myClass.value2; } } } Obviously you cannot compare strings to types but it illustrates what I'm trying to do: create a type from a supplied string. Any thoughts? EDIT: After attempting: var myObject = (AbstractType) Activator.CreateInstance(null, myTypeName); AssignInitialValues(myObject); I get a number of errors: Inconsistent accessibility: parameter type 'MyAssembly.AbstractType' is less accessible than method 'MyNameSpace.MyClass.AssignInitialValues(MyAssembly.AstractType)' 'MyAssembly.AstractType' is inaccessible due to it's protection level The type or namespace name 'MyAssembly' could not be found (are you missing a using directive or an assembly reference?) The type or namespace name 'AbstractType' could not be found (are you missing a using directive or an assembly reference?) Not exactly sure why it can't find the assembly; I've added a reference to the assembly and I use a Using Directive for the namespace in the assembly. As for the protection level, it's calling classes (or rather the constructors of classes) which can only be public. Any clues on where the problem is? UPDATE: After looking through several articles on SO I came across this: http://stackoverflow.com/a/1632609/360627 Making the AbstractTypeclass public solved the issue of inconsistent accessibility. The new compiler error is this: Cannot convert type 'System.Runtime.Remoting.ObjectHandle' to 'MyAssembly.AbstractType' The line it references is this one: var myObject = (AbstractType) Activator.CreateInstance(null, myTypeName); Using .Unwrap() get's me past this error and I think it's the right way to do it (uncertain). However, when running the program I then get a TypeLoadException when this code is called. TypeLoadException: Could not load type ‘AbstractType’ from assembly ‘MyNameSpace'... Right away I can spot that the type its looking for is correct but the assembly it's looking in is wrong. Looking up the Activator.CreateInstance(String, String) method revealed that the null as the first argument means that the method will look in the executing assembly. This is contrary to the required behavior as in the original post. I've tried using MyAssembly as the first argument but this produces the error: 'MyAssembly' is a 'namespace' but is used like a 'variable' Any thoughts on how to fix this?

    Read the article

  • How to get multiple selected values of select box in php?

    - by Param-Ganak
    Hi Friends! I have a html form which have a select list box from which you can select multiple values because its multiple property is set to multiple. Consider form method is get method. The html code for form is as follows. <html> <head> <title>Untitled Document</title> </head> <body> <form id="form1" name="form1" method="get" action="display.php"> <table width="300" border="1"> <tr> <td><label>Multiple Selection </label>&nbsp;</td> <td><select name="select2" size="3" multiple="multiple" tabindex="1"> <option value="11">eleven</option> <option value="12">twelve</option> <option value="13">thirette</option> <option value="14">fourteen</option> <option value="15">fifteen</option> <option value="16">sixteen</option> <option value="17">seventeen</option> <option value="18">eighteen</option> <option value="19">nineteen</option> <option value="20">twenty</option> </select> </td> </tr> <tr> <td>&nbsp;</td> <td><input type="submit" name="Submit" value="Submit" tabindex="2" /></td> </tr> </table> </form> </body> </html> I want to display the selected values in select list box on display.php page. So how the selected values are accessed on display.php page using $_GET[] array. Please reply Friends. Bye. Thank You.

    Read the article

  • Doubts in ada language involving procedures

    - by maddy
    Hi All, I am a beginner in ada and i had come across a piece of code which is shown below: procedure Null_Proc is begin null; end; Now as per my knowledge the procedure in ada doesn't return anything.My doubt is what does this procedure Null_proc do?I mean i am not clear with the definition of the procedure. Thanks and regards Maddy

    Read the article

  • Are TestContext.Properties read only ?

    - by DBJDBJ
    Using Visual Studio generate Test Unit class. Then comment out class initialization method. Inside it add your property, using the testContext argument. //Use ClassInitialize to run code before running the first test in the class [ClassInitialize()] public static void MyClassInitialize(TestContext testContext) { /* * Any user defined testContext.Properties * added here will be erased upon this method exit */ testContext.Properties.Add("key", 1 ) ; // above works but is lost } After leaving MyClassInitialize, properties defined by user are lost. Only the 10 "official" ones are left. This effectively means TestContext.Properties is read only, for users. Which is not clearly documented in MSDN. Please discuss. --DBJ

    Read the article

  • How to get parent node in Stanford's JavaNLP?

    - by roddik
    Hello. Suppose I have such chunk of a sentence: (NP (NP (DT A) (JJ single) (NN page)) (PP (IN in) (NP (DT a) (NN wiki) (NN website)))) At a certain moment of time I have a reference to (JJ single) and I want to get the NP node binding A single page. If I get it right, that NP is the parent of the node, A and page are its siblings and it has no children (?). When I try to use the .parent() method of a tree, I always get null. The API says that's because the implementation doesn't know how to determine the parent node. Another method of interest is .ancestor(int height, Tree root), but I don't know how to get the root of the node. In both cases, since the parser knows how to indent and group trees, it must know the "parent" tree, right? How can I get it? Thanks

    Read the article

  • Updating Android Home Screen TextView

    - by jmontex2
    Hi, How can we update the View of a Home Screen Widget on the onReceive method of AppWidgetProvider?. I am trying to update the TextView of my Home screen widget but it seems that I cant access the TextView of my AppWidgetProvider on onReceive method. Here is a sample code of my onReceive public void onReceive(Context context,Intent intent) { final String action = intent.getAction(); if (AppWidgetManager.ACTION_APPWIDGET_DELETED.equals(action)) { final int appWidgetId = intent.getExtras().getInt( AppWidgetManager.EXTRA_APPWIDGET_ID, AppWidgetManager.INVALID_APPWIDGET_ID); if (appWidgetId != AppWidgetManager.INVALID_APPWIDGET_ID) { this.onDeleted(context, new int[] { appWidgetId }); } } else { if (intent.getAction().equals(ACTION_WIDGET_RECEIVER)) { String msg = "null"; try { msg = intent.getStringExtra("msg"); } catch (NullPointerException e) { } Toast.makeText(context, msg, Toast.LENGTH_SHORT).show(); // code for gathering the text to update the TextView } } super.onReceive(context, intent); }

    Read the article

  • Access violation exception from Delphi's Supports -> QueryInterface

    - by Sharon
    Hi, I have the following piece of code: for i := 0 to FControlList.Count - 1 do if Supports(IMyControl(FControlList[i]), IMyControlEx) then begin MyControlEx := IMyControl(FControlList[i]) as IMyControlEx; MyControlEx.DoYourMagic(Self, SomeData); end; This code is called many times during my application execution, but in some specific cases it fails inside the Supports() method. And more specifically - it seems to fall inside the QueryInterface() call within the Supports() method. I checked that FControlList is not nil and FControlList[i] is not nil and it still happens. Any idea will be appreciated!!!

    Read the article

  • System.XML or Regex.Replace?

    - by cam
    I'm generating a large amount of XML documents from a set of values in an Excel file. The only thing that changes for each XML document is the values. I figured the best way to generate these documents was to make a "XML skeleton" (since the XML format never changes) and then plug in symbols like "&%blahNameblahTest", so then I could just preform a Regex.Replace on each value. I will be handing over this project to another developer and I'm wondering if I should convert the project to generate the XML file manually everytime through the System.XML namespace. The only advantages I see to this is ensuring that the XML document is valid. The current method would be more readable than that method, and way faster since I'm generating around 1500 documents.

    Read the article

  • How can I use Perl's s/// in an expression?

    - by mikeY
    I got a headache looking for this: How do you use s/// in an expression as opposed to an assignment. To clarify what I mean, I'm looking for a perl equivalent of python's re.sub(...) when used in the following context: newstring = re.sub('ab', 'cd', oldstring) The only way I know how to do this in perl so far is: $oldstring =~ s/ab/cd/; $newstring = $oldstring; Note the extra assignment.

    Read the article

  • Guidelines of when to use locking

    - by miguel
    I would like to know if there are any guidelineswhich a developer should follow as to when (and where) to place locks. For instance: I understand that code such as this should be locked, to avoid the possibility of another thread changing the value of SomeHeapValue unexpectedly. class Foo { public SomeHeapObject myObject; public void DoSummat(object inputValue_) { myObject.SomeHeapValue = inputValue_; } } My question is, however, how deep does one go with the locking? For instance, if we have this code: class Foo { public SomeHeapObject myObject; public void DoSummat(object inputValue_) { myObject.SomeHeapValue = GetSomeHeapValue(); } } Should we lock in the DoSummat(...) method, or should we lock in the GetSomeHeapValue() method? Are there any guidelines that you all keep in mind when strcturing multi-threaded code?

    Read the article

  • Converting an array to JSON and passing that to asmx

    - by user96403
    Hi. I am trying to use JSON.stringify() (from json2.js of json[dot]org ) to convert a JavaScript array to JSON string and to pass it to an asmx web method. I use jQuery AJAX. The call reaches the web method where I take a List <Object> as parameter but I get an empty list there in debug mode. My JSON string looks like well formed with all data , I even tried having single-quotes and double-quotes(escaped) around the 'names' of the JSON string. Please help.

    Read the article

  • iPhone CALayer Stacking Order

    - by Brian
    I'm using CALayers to draw to a UITableViewCell. I'm trying to figure out how layers are ordered with the content of the UITableViewCell. For instance: I add labels to the UITableViewCell in my cellForRow:atIndexPath method In the drawRect method of UITableViewCell I draw some content using the current context Also, in drawRect I add a few sublayers So what would be the order of these elements. I know I have zPosition on the CALayers but I'm not sure if they are always on top of any subviews of the UITableViewCell. And I'm not sure where the content that is drawn in drawRect comes in the order. Any help or links to documentation would be great. I have read through the Core Animation Programming Guide and didn't see anywhere where this would be answered.

    Read the article

  • How to properly document programming languages?

    - by roydukkey
    Where can I find information on how to properly document a programming language? What I mean is that there seems to be a standard way to document code. php.net and api.jquery.com seem to document there code the a similar way. For example, the trim() description on php.net. string trim ( string $str [, string $charlist ] ) And likewise on jquery.com .animate( properties, [ duration ], [ easing ], [ callback ] ) Does anyone even know what this syntax is called?

    Read the article

  • Code equivalence between Javascript and PHP

    - by xdevel2000
    I'm trying to learn PHP and I wish to know if there are some function equivalence constructs: In JS I can do: var t = function() {}; t(); myObj.DoStuff = function() {} // here I add a method at run-time myObj.DoStuff(); myObj["DoStuff"](); var j = myObj.DoStuff; j(); and so other things with function evaluation. In Js objects are associative arrays so every properties is accessible with the subscript notation... Can I add a method at run-time to a class template so next its object instances can have it? In JS I can do that via a prototype function property.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 525 526 527 528 529 530 531 532 533 534 535 536  | Next Page >