Search Results

Search found 2838 results on 114 pages for 'considered harmful'.

  • Possible to use Javascript to get data from other sites?

    - by Xavier
    Is it possible for a web page using Javascript to get data from another website? In my case I want to get it for calculations and graphing a chart. But I'm not sure if this is possible or not due to security concerns. If it is considered a no no but there is a work around I would appreciate being told the work around. I don't want to have to gather this information on the server side if possible. Any and all help is appreciated.

  • Can this be improved? Scrubbing of dangerous HTML tags.

    - by chobo2
    Hi, I've been finding that for something that I consider pretty important there is very little information or libraries on how to deal with this problem. I found this while searching. I really don't know all the million ways that a hacker could try to insert the dangerous tags. I have a rich HTML editor so I need to keep non-dangerous tags but strip out bad ones. So is this script missing anything? It uses HTML Agility Pack.

        public string ScrubHTML(string html)
        {
            HtmlDocument doc = new HtmlDocument();
            doc.LoadHtml(html);

            //Remove potentially harmful elements
            HtmlNodeCollection nc = doc.DocumentNode.SelectNodes("//script|//link|//iframe|//frameset|//frame|//applet|//object|//embed");
            if (nc != null)
            {
                foreach (HtmlNode node in nc)
                {
                    node.ParentNode.RemoveChild(node, false);
                }
            }

            //remove hrefs to java/j/vbscript URLs
            nc = doc.DocumentNode.SelectNodes("//a[starts-with(translate(@href, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'javascript')]|//a[starts-with(translate(@href, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'jscript')]|//a[starts-with(translate(@href, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'vbscript')]");
            if (nc != null)
            {
                foreach (HtmlNode node in nc)
                {
                    node.SetAttributeValue("href", "#");
                }
            }

            //remove img with refs to java/j/vbscript URLs
            nc = doc.DocumentNode.SelectNodes("//img[starts-with(translate(@src, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'javascript')]|//img[starts-with(translate(@src, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'jscript')]|//img[starts-with(translate(@src, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'vbscript')]");
            if (nc != null)
            {
                foreach (HtmlNode node in nc)
                {
                    node.SetAttributeValue("src", "#");
                }
            }

            //remove on<Event> handlers from all tags
            nc = doc.DocumentNode.SelectNodes("//*[@onclick or @onmouseover or @onfocus or @onblur or @onmouseout or @ondoubleclick or @onload or @onunload]");
            if (nc != null)
            {
                foreach (HtmlNode node in nc)
                {
                    node.Attributes.Remove("onFocus");
                    node.Attributes.Remove("onBlur");
                    node.Attributes.Remove("onClick");
                    node.Attributes.Remove("onMouseOver");
                    node.Attributes.Remove("onMouseOut");
                    node.Attributes.Remove("onDoubleClick");
                    node.Attributes.Remove("onLoad");
                    node.Attributes.Remove("onUnload");
                }
            }

            // remove any style attributes that contain the word expression (IE evaluates this as script)
            nc = doc.DocumentNode.SelectNodes("//*[contains(translate(@style, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'), 'expression')]");
            if (nc != null)
            {
                foreach (HtmlNode node in nc)
                {
                    node.Attributes.Remove("stYle");
                }
            }

            return doc.DocumentNode.WriteTo();
        }

  • Use of LOC to determine project size

    - by acidzombie24
    How many lines of code (LOC) does it take to be considered a large project? How about for just one person writing it? I know this metric is questionable, but there is a significant difference, for a single developer, between 1k and 10k LOC. I typically use space for readability, especially for SQL statements, and I try to reduce the amount of LOC for maintenance purposes to follow as many best practices as I can. For example, I created a unified diff of the code I modified today, and it was over 1k LOC (including comments and blank lines). Is "modified LOC" a better metric? I have ~2k LOC, so it's surprising I modified 1k. I guess rewriting counts as both a deletion and addition which doubles the stats.

  • Using protocol buffers for a comprehensive data strategy for Windows Mobile devices

    - by Steve
    I have started reading some of the posts related to protocol buffers. The serialization method seems very appropriate for the transfer of data to and from web servers. Has anyone considered using a method like this to save and retrieve data on the mobile device itself? (i.e. a replacement for a traditional database / orm layer) Where would the data be persisted? How would the data be queried? Would it make sense to store the data in a traditional database (SqlCE or SqlLite) with a few "searchable" columns and then one column for the serialized data? Thoughts? Am I out on a limb here? Thank you!

  • Is wrapping new within the constructor good or bad?

    - by Timothy
    I watched John Resig's Best Practices in JavaScript Library Design presentation; one slide suggested "tweaking" the object constructor so it instantiates itself.

        function jQuery(str, con) {
            if (window === this) {
                return new jQuery(str, con);
            }
            // ...
        }

    With that, new jQuery("#foo") becomes jQuery("#foo"). I thought it was rather interesting, but I haven't written a constructor like that in my own code. A little later I read a post here on SO. (Sorry, I don't remember which or I'd supply a link. I will update the question if I can find it again.) One of the comments said it was bad practice to hide new from the programmer like that, but didn't go into details. My question is, is the above generally considered good, bad, or indifferent, and why?

  • Is this a "valid" css image replacement technique?

    - by user278457
    I just came up with this, it seems to work in all modern browsers, I just tested it then on (IE8/compatibility, Chrome, Safari, Moz)

    HTML

        <img id="my_image" alt="my text" src="images/small_transparent.gif" />

    CSS

        #my_image{ background-image:url('images/my_image.png'); width:100px; height:100px;}

    Pros:
      - image alt text is best-practice for accessibility/seo
      - no extra HTML markup, and the css is pretty minimal too
      - gets around the css on/images off issue where "text-indent" techniques hide text from low bandwidth users

    The biggest disadvantage that I can think of is the css off/images on situation, because you'll only send a transparent gif. I'd like to know, who uses images without stylesheets? Some kind of mobile phone or something? I'm making some sites for clients in regional Australia (hundreds of km from the nearest city), where many users will be suffering from dial-up connections, and often outdated browsers too, so the "images off" issue is an important consideration. Are there any other side effects with this technique that I haven't considered?

  • Detect if camera is capturing in Flash

    - by Ben
    I'm having trouble with Camera.getCamera() in Flash AS3. If there are multiple camera drivers, it does not necessarily pick the correct one. If the default is the correct one, the program works fine; however, if another driver is selected as the default then the LED on the webcam does not come on and no video is captured. I can cycle through the available cams and select an arbitrary one. I don't, however, know how to determine if the selected camera is correct. It is not returning null. I considered using camera.currentFPS, but it's not clear when this gets updated. I'm really struggling to determine dynamically which camera will do the trick!

  • What are some best practices for making sure your .NET code will scale well?

    - by billmaya
    Last week I interviewed for a position at a TripleA MMORPG game company here in NE. I didn't get the job but one of the areas that came up during the interview was about the scalability of the code that you write and how it should be considered early on in the design of your architecture and classes. Sadly to say I've never thought very much about the scalability of the .NET code that I've written (I work with single user desktop and mobile applications and our major concerns are usually with device memory and rates of data transmission). I'm interested in learning more about writing code that scales up well so it can handle a wide range of remote users in a client server environment, specifically MMORPGs. Are there any books, web sites, best practices, etc. that could get me started researching this topic?

  • What policies are standard for programmers?

    - by Shehket's Apprentice
    My office has proposed implementing some extremely strict (I would consider them draconian) policies regarding programmers, and our access due to security concerns (note, we have never had a security breach). While I can theoretically get used to them, I'd like to ask about what is considered good security policy for programmers, specifically in the area of access policies, and what is too much? Any answers to this question are greatly appreciated as they directly relate to my ability to write code, and I can't find anything so far on Google. Edit: Most of the security policies that concern me are about access to my machine and to the code. According to these proposed policies, I'd need management approval to access either, which means that I'd be forced to get management to unlock my computer anytime I leave my desk as my computer is always locked when I'm not at my desk.

  • Ideas for Computer Science related Microteaching

    - by Roman Stolper
    This semester, I will be a TA for an introductory computer science course at my university. As part of TA training, I'll be doing something called Microteaching, which is where I teach for 5-7 minutes in front of a small audience (4-5 people) and I am reviewed on my teaching style. Among being critiqued on my personal things like confidence and eye contact, I will be critiqued on how well I know the subject material, as well as how interesting it is to the audience. So my question is: Can you offer me any suggestions of computer science related topics that:
      - I can begin and finish teaching in a span of 5-7 minutes
      - Are fun to learn about
      - Are accessible to a general engineering (but not necessarily computer science) audience

    Some topics I have considered:
      - Teaching how to write Hello World in some simple language
      - Introducing a synchronization problem like dining philosophers

  • Count How many lines in a Java String

    - by Simon Guo
    Need some compact code for counting how many lines are in a string. It should be Java code. Each part of the string separated by \r or \n will be considered a separate line. For example, "Hello\nWorld\nThis\nIs\t" should return 4. The prototype is

        private static int countLines(String str) {...}

    Can someone provide some compact code? I have a solution here but it is too long, I think. Thank you.

  • How Java Runtime Maps to Targets

    - by zharvey
    According to the Javadocs for Runtime here: Every Java application has a single instance of class Runtime that allows the application to interface with the environment in which the application is running. The current runtime can be obtained from the getRuntime method. An application cannot create its own instance of this class. My question is: what's their definition of an application? Is each JAR/WAR/EAR considered a standalone application? What about a plain ole' Driver.class class with a main() method? What about JEE containers that house EARs and EJBs? I guess I'm trying to understand how many Runtime instances could be up and running inside a complex (JEE) system. And understanding that requires me to understand what specific "things" constitute an "application" in Java terminology. Thanks in advance!

  • Should I convert overlong UTF-8 strings to their shortest normal form?

    - by Grant McLean
    I've just been reworking my Encoding::FixLatin Perl module to handle overlong UTF-8 byte sequences and convert them to the shortest normal form. My question is quite simply "is this a bad idea"? A number of sources (including this RFC) suggest that any over-long UTF-8 should be treated as an error and rejected. They caution against "naive implementations" and leave me with the impression that these things are inherently unsafe. Since the whole purpose of my module is to clean up messy data files with mixed encodings and convert them to nice clean utf8, this seems like just one more thing I can clean up so the application layer doesn't have to deal with it. My code does not concern itself with any semantic meaning the resulting characters might have, it simply converts them into a normalised form. Am I missing something? Is there a hidden danger I haven't considered?

  • How to Format Code in Research Reports

    - by RoseOfJericho
    I am currently writing a formal research report, and I'll be including code with this report. Question: Is there an accepted way of displaying code in research reports? I'm thinking both in terms of font, spacing, et cetera, and whether the code should be displayed inside the document, or in an appendix. The code will be JavaScript and PHP. None of the sections of code will be more than 25 lines (so they're mere snippets). There will be approx. half a dozen snippets. Each of the snippets will have a couple of paragraphs explaining what is happening in the code, and a discussion on its pros/cons. I have no contact with the body the report will be submitted to, and they have no published guidelines on how to format code (please do not question these points). Any help considered and appreciated.

  • SQL Join query help

    - by lostInTransit
    Hi, I have 2 tables A and B with the following columns:

        Table A - id, bId, aName, aVal
        Table B - id, bName

    where A.bId is the same as B.id. I want a result set from a query to get A.id, A.aName, B.bName where A.bId=B.id OR A.id, A.aName, "" when A.bId=0. In both cases, only those records should be considered where A.aVal LIKE "aVal". Can someone please help me with the query? I can use left join but how do I get the blank string if bId=0 and B.bName otherwise? Thanks

  • Is reverse engineering evil?

    - by Amir Arad
    Lately I've been pondering on how a specific beloved old game actually works. I had some mild progress, but then a friend pointed out that if I really loved the game and appreciated it, I wouldn't try to reverse-engineer it. Note that the game has long been considered abandonware and is offered for download publicly on lawful game sites, and I have no commercial / other large scale intentions - just to learn and "mess around" with it. Did I miss something? Is there an ethical taboo regarding reverse-engineering? Alternatively, is there a legal issue?

  • Resetting Objects vs. Constructing New Objects

    - by byronh
    Is it considered better practice and/or more efficient to create a 'reset' function for a particular object that clears/defaults all the necessary member variables to allow for further operations, or to simply construct a new object from outside? I've seen both methods employed a lot, but I can't decide which one is better. Of course, for classes that represent database connections, you'd have to use a reset method rather than constructing a new one resulting in needless connecting/disconnecting, but I'm talking more in terms of abstraction classes. Can anyone give me some real-world examples of when to use each method? In my particular case I'm thinking mostly in terms of ORM or the Model in MVC. For example, if I would want to retrieve a bunch of database objects for display and modify them in one operation.

  • Hashing a python method to regenerate output when method is modified

    - by Seth Johnson
    I have a python method that has a deterministic result. It takes a long time to run and generates a large output:

        def time_consuming_method():
            # lots_of_computing_time to come up with the_result
            return the_result

    I modify time_consuming_method from time to time, but I would like to avoid having it run again while it's unchanged. [Time_consuming_method only depends on functions that are immutable for the purposes considered here; i.e. it might have functions from Python libraries but not from other pieces of my code that I'd change.] The solution that suggests itself to me is to cache the output and also cache some "hash" of the function. If the hash changes, the function will have been modified, and we have to re-generate the output. Is this possible or a ridiculous idea? If this isn't a terrible idea, is the best implementation to write

        f = """
        def ridiculous_method():
            a = # # lots_of_computing_time
            return a
        """

    use the hashlib module to compute a hash for f, and use compile or eval to run it as code?

  • Is there a chance that sending an email via a thread could ever fail to complete?

    - by Benjamin Dell
    I have a project where I send a couple of emails via a separate thread, to speed up the process for the end-user. It works successfully, but I was just wondering whether there were any pitfalls that I might not have considered? My greatest fear is that the user clicks a button, it says that the message has been sent (as it will have been sent to the thread for sending) but for some reason the thread might fail to send it. Are there any situations where a thread could be aborted prematurely? Please note that I am not talking about network outages or obvious issues with an email recipient not existing. For simplicity's sake please assume that the connection is up, the mail server alive and the recipient valid. Is it possible, for example, for the thread to abort prematurely if the user kills the browser before the thread has completed? This might be a silly question, but I just wanted to make sure I knew the full ramifications of using a thread in this manner. Thanks, in advance, for your help.

  • What's faster, more efficient: loading a JS file with arrays or populating arrays from tables?

    - by Leigh
    I am rebuilding an ecom site where the product data is stored in a multidimensional JS array that gets loaded on page load. This data is constantly being accessed with JS due to the nature of the site, to update prices based on user selections. There are many options that affect final price. From a programming standpoint, a DB table is much easier to maintain and update than are JS arrays, and since I am porting the site over to PHP and MYSQL, I have been considering moving these arrays into tables. So, would it be better to populate an array from the DB on load so that the pricing data is always available to the JS, or stay with hard coded JS files? I considered getting data via ajax as needed, but since this site has to constantly update pricing with user interaction, I have pretty much ruled that out. How would you handle it?

  • Best way to store data for Greasemonkey based crawler?

    - by Björn
    I want to crawl a site with Greasemonkey and wonder if there is a better way to temporarily store values than with GM_setValue. What I want to do is crawl my contacts in a social network and extract the Twitter URLs from their profile pages. My current plan is to open each profile in its own tab, so that it looks more like a normal browsing person (i.e. CSS, scripts and images will be loaded by the browser). Then store the Twitter URL with GM_setValue. Once all profile pages have been crawled, create a page using the stored values. I am not so happy with the storage option, though. Maybe there is a better way? I have considered inserting the user profiles into the current page so that I could process them all with the same script instance, but I am not sure if XMLHttpRequest looks indistinguishable from normal user initiated requests.

  • How do I detect a change of tab page in TabControl prior to SelectedIndexChanged event?

    - by JYelton
    I currently determine what page of a tabcontrol was clicked on via the SelectedIndexChanged event. I would like to detect before the selected index actually changes, for validation purposes. For example, a user clicks a tab page other than the one they are viewing. A dialog is presented if form data is unsaved and asks if it's ok to proceed. If the user clicks no, I'd like to remain on the current tab. Currently I have to remember the previous tab page and switch back to it after an answer of 'no.' I considered MouseDown (and the assorted calculation logic), but I doubt that's the best way. (This is in .NET C# 3.5)

  • Multiple Refinement/Clusters in a single search

    - by Brain Teasers
    Suppose the search options I have are 1. occupation 2. education 3. religion 4. caste 5. country and many more. When I perform this search, I can easily calculate refinements. The problem is I need to calculate refinements in a way that each individual refinement is calculated in a manner that all search parameters are considered except the calculated refinement. Check on the left side ... even if I have chosen the profession area, search refinements of this are still coming.... The same functionality is for all refinements. Please help. I use Sphinx for searching. I have seen this type of refinement in http://ww2.shaadi.com/search

  • How come (a_method || :other) returns :other only when assigning to a var called a_method?

    - by Paul Annesley
    Given the following method:

        def some_method
          :value
        end

    The following statements work as I would expect:

        some_method || :other # => :value
        x = some_method || :other # => :value

    But the behaviour of the following statement perplexes me:

        some_method = some_method || :other # => :other

    It creates a local variable called some_method as expected, and subsequent calls to some_method return the value of that local variable. But why does it assign :other rather than :value? I understand that it's probably not a smart thing to do, and can see how it might be ambiguous, but I thought the right-hand-side of the assignment should be evaluated prior to the assignment being considered... I've tested this in Ruby 1.8.7 and Ruby 1.9.2 with identical results. Cheers! Paul
