Search Results

Search found 48853 results on 1955 pages for 'web ui'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 548/1955 | < Previous Page | 544 545 546 547 548 549 550 551 552 553 554 555  | Next Page >

  • Preventing dictionary attacks on a web application

    - by Kevin Pang
    What's the best way to prevent a dictionary attack? I've thought up several implementations but they all seem to have some flaw in them: Lock out a user after X failed login attempts. Problem: easy to turn into a denial of service attack, locking out many users in a short amount of time. Incrementally increase response time per failed login attempt on a username. Problem: dictionary attacks might use the same password but different usernames. Incrementally increase response time per failed login attempt from an IP address. Problem: easy to get around by spoofing IP address. Incrementally increase response time per failed login attempt within a session. Problem: easy to get around by creating a dictionary attack that fires up a new session on each attempt.

    Read the article

  • Securing a REST API

    - by Christopher McCann
    I am in the middle of developing a REST API - the first one I ever have. The data being passed through the API is not of such a critical nature that there will be loss of life, economics etc if it was intercepted but at the same time I would like it to be secure. The data being transferred is simply like the data that would be transferred on Twitter or Facebook - not overly confidential but still should be kept private. What is the best way to secure this data? Am I best to use HTTP Basic Auth over SSL or should I be looking into something like OAuth. I have never really used REST much before so bit of a first for me. Thanks

    Read the article

  • Getting the responseText from XMLHttpRequest-Object

    - by Sammy46
    I wrote a cgi-script with c++ to return the query-string back to the requesting ajax object. I also write the query-string in a file in order to see if the cgi script works correctly. But when I ask in the html document for the response Text to be shown in a messagebox i get a blank message. here is my code: js: <script type = "text/javascript"> var XMLHttp; if(navigator.appName == "Microsoft Internet Explorer") { XMLHttp = new ActiveXObject("Microsoft.XMLHTTP"); } else { XMLHttp = new XMLHttpRequest(); } function getresponse () { XMLHttp.open ("GET", "http://localhost/cgi-bin/AJAXTest?" + "fname=" + document.getElementById('fname').value + "&sname=" + document.getElementById('sname').value,true); XMLHttp.send(null); } XMLHttp.onreadystatechange=function(){ if(XMLHttp.readyState == 4) { document.getElementById('response_area').innerHTML += XMLHttp.readyState; var x= XMLHttp.responseText alert(x) } } </script> First Names(s)<input onkeydown = "javascript: getresponse ()" id="fname" name="name"> <br> Surname<input onkeydown = "javascript: getresponse();" id="sname"> <div id = "response_area"> </div> C++: int main() { QFile log("log.txt"); if(!log.open(QIODevice::WriteOnly | QIODevice::Text)) { return 1; } QTextStream outLog(&log); QString QUERY_STRING= getenv("QUERY_STRING"); //if(QUERY_STRING!=NULL) //{ cout<<"Content-type: text/plain\n\n" <<"The Query String is: " << QUERY_STRING.toStdString()<< "\n"; outLog<<"Content-type: text/plain\n\n" <<"The Query String is: " <<QUERY_STRING<<endl; //} return 0; } I'm happy about every advice what to do! EDIT: the output to my logfile works just fine: Content-type: text/plain The Query String is: fname=hello&sname=world I just noticed that if i open it with IE8 i get the query-string. But only on the first "keydown" after that IE does nothing.

    Read the article

  • Listen to HTML/CSS events of web page

    - by David Metcalfe
    I'm looking for a way to listen for an event in the HTML/CSS of a webpage. Basically, a website I use at work lists queues and appointments, which flag as yellow/red based on the amount of time late on taking said appointment. Other than this visual aide, there is no alert of any kind, which is a failing point if one is juggling multiple windows and doesn't notice. What I would like to do is put together a simple way to watch for the tag ID or perhaps the flag hex color, and then alert me in a way of my choosing. The work environment is on OS X, so I presume I'm looking at an Objective-C centric solution unless Applescript is capable of doing this. Any help would be greatly appreciated.

    Read the article

  • Cheapest SSL certificates

    - by Aaron Maenpaa
    I'm looking for cheap SSL certs for running a personal website over https without triggering Firefox's "you may be facing a man-in-the-middle-attack" response that self signed certs provoke. Nothing particularly fancy, no EV, etc. Any recommendations/where do you get your certificates from?

    Read the article

  • JSP Component Creation

    - by jboyd
    When creating JSP pages one thing that I'd often like is the ability to do something like this: <jsp:include page="fancystoryrenderer.jsp" value="${aStoryObjectInMyModel}/> ... fancystoryrenderer.jsp <div id="fancymainbody"> ... ${theStory.title} ... </div> The main important characteristics of this is that I can reuse the same component on the same JSP page in different places without having to copy paste the component and give the story variables different names, notice that the story is called "theStory" in the JSP and not "aStoryObjectInMyModel", the linkage between our model has been broken by the view, which is a good thing in this case How do you do this?

    Read the article

  • How do I upload a file, process it and return a result file in a single request to a REST WCF service?

    - by sharptooth
    I need to implement the following scenario in a REST service implemented in WCF: the user submits a binary file and a set of parameters the server consumes the file, does some clever work and generates a binary output file the user retrieves that binary result file and all that is done in a single operation from the client perspective. It's pretty easy in a non-REST service. How do I do that in a REST service? Where do I get started?

    Read the article

  • Is there a good in-browser code editor?

    - by levik
    We've all seen in-browser rich text editors, which allow you to edit colored/styled text in a WYSIWYG manner. But what about code editors, which automatically highlight code based on language rules as you type? Think Eclipse in a textarea (but without the refactoring support). Do such things exist? I imagine scaling would be a problem - larger files would be difficult to edit efficiently.

    Read the article

  • Infinite queue for build while TFS Preview publishing on Azure Cloud Service

    - by dygo
    I've created Cloud Service and linked TFS Preview Project for CI deployments. I've chosen Manual mode for triggering the builds. The previously queued builds were successfully completed and deployed. And the website based on this Cloud Service was running fine. Waiting in the queue was no more than 3-5 seconds. Now when I click - "Queue New Build" - the new build item is created in the queue but it never runs. I can successfully Publish project onto Azure Cloud service from VS2012 though. What could be the most common reasons for this?

    Read the article

  • Does Apache allow to authorize an HTTP request based on a result of a subrequest?

    - by Jan Wrobel
    I'm looking for an equivalent of nginx http auth request module but for Apache. For each incoming HTTP requests, the module sends a subrequests to authentication/authorization back-end. Th auth request carries a path and all headers of the original request. Based on the result of the auth request, the original requests is allowed (HTTP code 200), denied (HTTP code 403) or login is requested (HTTP code 401). Such a generic mechanism allows to build really flexible authentication and authorization schemes. Is something like this possible in Apache (likely with a help of some third party module)?

    Read the article

  • Get Highest Res Favicon

    - by Jeremy
    I'm making a website that needs to dynamically obtain the favicon of sites upon request. I've found a few api's that can accomplish this fairly well, and so far I'm liking http://www.fvicon.com/. The final image for my website will be 64x64px, and some websites such as Google and Wordpress have nice images of this size that are easily retrieved via this api. Though, of course, most websites only have a 16x16 favicon image and scaling that image to 64x64 has very bad quality loss. Examples: (high res) http://a.fvicon.com/wordpress.com?format=png&width=64&height=64 (low res) http://a.fvicon.com/yahoo.com?format=png&width=64&height=64 Keeping this in mind, I'm planning on somehow determining whether a high-res image is available and, if so, the website will use this image. If not, I want to use a pre-made 64x64 icon with the smaller icon layered over it. What I'm having trouble with is determining if there is a high res favicon available or not. Also, I'm curious if there's a better approach to this situation. I'd rather not use smaller images (64x64 works out really well for this project). The lowest res I'm willing to drop to is 48x48 but even then there will be a significant quality loss for scaling up 16x16 favicons. Any ideas? If you need any more information I will gladly provide it. Thank you!

    Read the article

  • The Wheel Invention - Beneficial For Learning?

    - by Sarfraz
    Hello, Chris Coyier of css-tricks.com has written a good article titled Regarding Wheel Invention. In a paragraph he says: On the “reinventing” side, you benefit from complete control and learning from the process. And on the very next line he says: On the other side, you benefit from speed, reliability, and familiarity. Also often at odds are time spent and cost. He is right in both statements I think. I really like his first statement. I do actually sometimes re-invent the wheel to learn more and gain complete control over what I am inventing. I wonder why people are so much against that or rather biased. Isn't there the benefit of learning and getting complete control or probably some other benefits too. I would love to see what you have to say about this.

    Read the article

  • Data Web Controls

    - by Nani
    Hi In a repeater control can we achive both sorting and grouping together, If possiple plz guide me the way. If not, what is the best control to obtain just sorting and grouping. Thank You

    Read the article

  • Converting WAR to EAR and other Glassfish stories

    - by Random
    Hello! I am really new in this so I hopefully don't make any terrible mistake. I apologize before hand if I have. In my project I was using tomcat and deploying WAR files. But now some bosses wants to deploy EAR files. So there we go. I first downloaded Glassfish (don't know if it's the apropiate application server for a newbie like me), instaled it and all (I even deployed the hello.war in the autodeploy _< ). Then prepared an EAR file. From what I know, I just need to create an Enterprise Application Project in Eclipse and add to the module my war file. This changes the application.xml file automatically (thanks eclipse project!). So I exported it to an EAR file and uploaded it to the glassfish server. Wonders of wonders, it doesn't work. I also tried deploying the old WAR file in this new shiny glassfish but it goes on http-404 not found error. The glassfish seems to say that my project is not in ~/domains/domain1/docroot. By the way I am using windows and I am aware of some problems between glassfish and windows due to some updating open files or such. So I have to questions: First, Am I doing the EAR package correctly? Second, Do I need to do some especial configuration to the glassfish server to deploy EAR and WAR files? Thanks!

    Read the article

  • SimpleDB direct client access

    - by AlexJReid
    One of the useful things about S3 for content storage is that a client can directly make a direct HTTP request to download the object. For instance, this is how Twitter serve up avatar images. SimpleDB provides an HTTP interface to data. Rather than having to write a proxy that sits inbetween SimpleDB and the client, is it possible for client software (i.e. desktop, mobile) to make calls to read values from a SimpleDB domain, without sharing credentials that shouldn't be shared? Or is a proxy in-between the only way to go?

    Read the article

  • SKOS Vocabulary

    - by n0oB
    Hi all, I am searching for an example of SKOS Vocabulary. Is there anybody who knows a site, a link for a SKOS voc? Thank you in advance!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 544 545 546 547 548 549 550 551 552 553 554 555  | Next Page >