Search Results

Search found 6730 results on 270 pages for 'loaded'.

Page 70/270 | < Previous Page | 66 67 68 69 70 71 72 73 74 75 76 77  | Next Page >

  • DIY Arcade Build Packed into an IKEA Console Table

    - by Jason Fitzpatrick
    If you checked out the Raspberry Pi-powered arcade table we shared earlier this week but want an all-in-one solution that doesn’t require as much configuration, this table uses a pre-programmed board that comes loaded with arcade classics. Courtesy of tinker Casper36, we’re treated to a compact build hidden inside an IKEA console table. One of the most polished aspects of this build is how well hidden the flush-mounted screen is under the dark glass tabletop–when the screen it just looks like the table has a patterned glass insert. Hit up the link below for the full photo build-log. IKEA Console Arcade Build [via Make] 6 Ways Windows 8 Is More Secure Than Windows 7 HTG Explains: Why It’s Good That Your Computer’s RAM Is Full 10 Awesome Improvements For Desktop Users in Windows 8

    Read the article

  • Attempted to dual boot with Windows and now can only run Ubuntu

    - by Zeusoflightning125
    Very recently, I decided to attempt to dual boot Ubuntu with my already installed windows 8. Everything worked perfectly, I manually set up disk partitions (this is all on 1 hard drive), and it loaded up Ubuntu fine. HOWEVER, now when I try to load up my computer it only has 2 options in the boot menu and both just load up Windows (both were something related to hard disk). I also can only boot from legacy hard disk things. (I already only was able to aside from my USB that I installed Windows from) The Windows files are still accessible from Ubuntu, but I cannot just load Windows. There is no option to. I also don't have the 2 buttons for each operating system I was expecting. I can only select the thing to load from BIOS. So, my question is, how do I load the Windows partition on my hard drive? I'm sorry if I'm a bit clueless I am just new to both Linux and dual-booting.

    Read the article

  • "Loading operating system... boot error" when booting from live CD

    - by jeremy
    I'm having a problem installing Ubuntu 12.10 on a new drive. I was running Windows7 on my SSD but when the drive crashed, I decided to use that as an excuse to make the switch to Ubuntu. I've been experimenting with it on my old laptop until I got my SSD replaced under warranty. Now I have my SSD back and want to install Ubuntu on my desktop machine. I used UNetbootin to make a bootable flash drive. I then I went into my BIOS and made sure USB loaded before the hard drive. However, when I try to load it I get an error that says: Loading operating system ... boot error I know the flash drive works because if I reboot my laptop or my other Windows PC with the flash drive and it loads into Ubuntu...just when I try to do it in the PC with no OS currently on the drive.

    Read the article

  • Wireless driver - how to load manufacturer's STA file (Ralink 3290)

    - by Matt
    Caution: I'm a newb. Hardware: Giada i35G, cedar trail atom with nvidia gf119, railtek ethernet and Ralink 3290 for wireless. Already accomplished: Installed Ubuntu 12.10, loaded GPU drivers and redirected sound out through GPU card to HDMI. Ethernet works like a charm. Issue: Can't get my wireless up and running. There seems to be no package to which I can simply run a sudo get-aspt install ... I found the corresponding Linux driver from the manufacturer's site, but I have not managed to find out what to with the file. Here's the manufacturers site: http://www.ralinktech.com/en/04_support/support.php?sn=501 I get a file with the following name: \2012_0508_RT3290_Linux_STA_v2.6.0.0.bz2 I hope somebody might be able to tell me what to do next. Thanks for reading and apologies for potentially asking a trivial question. Best regards, Matt

    Read the article

  • Building InstallShield based Installers using Team Build 2010

    - by jehan
    Last few weeks, I have been working on Application Packaging stuff using all the widely used tools like InstallShield, WISE, WiX and Visual Studio Installer. So, I thought it would be good to post about how to Build the Installers developed using these tools with Team Build 2010. This post will focus on how to build the InstallShield generated packages using Team Build 2010. For the release of VS2010, Microsoft has partnered with Flexera who are the makers of InstallShield to create InstallShield Limited Edition, especially for the customers of Visual Studio. First Microsoft planned to release WiX (Windows Installer Xml) with VS2010, but later Microsoft dropped  WiX from VS2010 due to reasons which are best known to them and partnered with InstallShield for Limited Edition. It disappointed lot of people because InstallShield Limited Edition provides only few features of InstallShield and it may not feasable to build complex installer packages using this and it also requires License, where as WiX is an open source with no license costs and it has proved efficient in building most complex packages. Only the last three features are available in InstallShield Limited Edition from the total features offered by InstallShield as shown in below list.                                                                                            Feature Limited Edition for Visual Studio 2010 Standalone Build System Maintain a clean build machine by using only the part of InstallShield that compiles the installations. InstallShield Best Practices Validation Suite Avoid common installation issues. Try and Die Functionality RCreate a fully functional trial version of your product. InstallShield Repackager Create Windows Installer setups from any legacy installation. Multilingual Support Present installation text in up to 35 languages. Microsoft App-V™ Support Deploy your applications as App-V virtual packages that run without conflict. Industry-Standard InstallScript Achieve maximum flexibility in your installations. Dialog Editor Modify the layout of existing end-user dialogs, create new custom dialogs, and more. Patch Creation Build updates and patches for your products. Setup Prerequisite Editor Easily control prerequisite restart behavior and source locations. String Editor View Control the localizable text strings displayed at run time with this spreadsheet-like table. Text File Changes View Configure search-and-replace actions for content in text files to be modified at run time. Virtual Machine Detection Block your installations from running on virtual machines. Unicode Support Improve multi-language installation development. Support for 64-Bit COM Extraction Extract COM data from a 64-bit COM server. Windows Installer Installation Chaining Add MSI packages to your main installation and chain them together. XML Support Save time by quickly testing XML configuration changes to installation projects. Billboard Support for Custom Branding Display Adobe Flash billboards and other graphic files during the install process. SaaS Support (IIS 7 and SSL Technologies) Easily deploy Windows-based Web applications. Project Assistant Jumpstart a project by using a simplified set of views. Support for Digital Signatures Save time by digitally signing all your files at build time. Easily Run Custom Actions Schedule a custom action to run at precisely the right moment in your installation. Installation Prerequisites Check for and install prerequisites before your installation is executed. To create a InstallShield project in Visual Studio and Build it using Team Build 2010, first you have to add the InstallShield Project template  to your Solution file. If you want to use InstallShield Limited edition you can add it from FileàNewà project àother Project Types àSetup and Deploymentà InstallShield LE and if you are using other versions of InstallShield, then you have to add it from  from FileàNewà project àInstallShield Projects. Here, I’m using  InstallShield 2011 Premier edition as I already have it Installed. I have created a simple package for TailSpin Application which has a Feature called Web, few components and a IIS Web Site for  TailSpin application.   Before started working on this, I thought I may need to build the package by calling invoke process activity in build process template or have to create a new custom activity. But, it got build without any changes to build process template. But, it was failing with below error message. C:\Program Files (x86)\MSBuild\InstallShield\2011\InstallShield.targets (68): The "InstallShield.Tasks.InstallShield" task could not be loaded from the assembly C:\Program Files (x86)\MSBuild\InstallShield\2010Limited\InstallShield.Tasks.dll. Could not load file or assembly 'file:///C:\Program Files(x86)\MSBuild\InstallShield\2011\InstallShield.Tasks.dll' or one of its dependencies. An attempt was made to load a program with an incorrect format. Confirm that the <UsingTask> declaration is correct, that the assembly and all its dependencies are available, and that the task contains a public class that implements Microsoft.Build.Framework.ITask. This error is due to 64-bit build machine which I’m using. This issue will be replicable if you are queuing a build on a 64-bit build machine. To avoid this you have to ensure that you configured the build definition for your InstallShield project to load the InstallShield.Tasks.dll file (which is a 32-bit file); otherwise, you will encounter this build error informing you that the InstallShield.Tasks.dll file could not be loaded. To select the 32-bit version of MSBuild, click the Process tab of your build definition in Team Explorer. Then, under the Advanced node, find the MSBuild Platform setting, and select x86. Note that if you are using a 32-bit build machine, you can select either Auto or x86 for the MSBuild Platform setting.  Once I did above changes, the build got successful.

    Read the article

  • Ahk script and C++ communication [closed]

    - by Tony
    I wish to use the fuctions of autohotkey within a C++ program. I am currently running my scripts triggered by the c++ program- I just run them as a .bat file. This works well but the problem is that I cannot return values from the script to the c++ program. I wish to be able to read the position of the mouse from the script and make decisions based upon this in my C++ program. My scripts do quite complex things- so doing this in autohotkey is the best solution for me- I have knowledge of C, but little of C++. I have read about the Autohotkey .DLL - I know how to trigger it but not how to read values from it. If anyone could instruct me or even post example code of a .dll being loaded and a value sent to a script and a value returned- I would be eternally grateful!! I have spent hours on this and to no avail!!

    Read the article

  • Ubuntu Software Center 12.04 Does not install Software

    - by Lester Miller
    I have just loaded Ubuntu 12.04 on a computer. I am new to Ubuntu. I am using an automatic proxy server. When I pick a software package to install the program I input my password. The progress icon displays for a few seconds and then it stops. I tried to load different programs and always the same problem. I can go out on the network through firefox so I know I have a network connection. I do not see any errors or anything. Not sure what to do. I am thinking about switching over to SUSE

    Read the article

  • I cannot read second internal HD

    - by Nathan
    I reformatted my Win "C" drive and loaded Ubuntu 11.04. The second internal HD of course is not read. It is shown in 'disk utility'. I try to mount it in disk utility but I get an error message error mounting: mount exited with exit code 1: helper failed with: mount: according to mtab, /dev/sda1 is already mounted on / One problem I see is the error relates to sda1, but I am trying to mount sdb. Unfortunately, I am windows literate and ignorant of the coding for linux. Can someone help me with the code to mount my second drive (sdb) Nathan

    Read the article

  • FireFox 6 Super Slow? Cache Settings Corruption

    - by Rick Strahl
    For those of you that follow me on Twitter, you've probably seen some of my tweets regarding major performance problems I've seen with the install of FireFox 6.0. FireFox 6.0 was released a couple of weeks ago and is treated as a 'force feed' update for FireFox 5.0. I'm not sure what the deal is with this braindead versioning that Mozilla is doing with major version releases coming out, what now every other month? Seriously that's retarded especially given the limited number of new features these releases bring, and the upgrade pain for plug-ins that the major version release causes. Anyway, after the FireFox updater bugged me long enough I finally gave in last week and updated to FireFox 6. Immediately after install I noticed terrible performance. Everything was running at a snail's pace with Web pages loading slowly and most content actually slowly 'painting' the page. A typical sign of content downloading slowly. However these are pages that should be mostly cached on my system and even repeated accesses ran just as slow. Just for a reality check I ran the same sites in Chrome (blazing fast) and IE (fast enough :-)) but FireFox - dog on a stick. Why so slow Boss? While complaining lots of people recommended to ditch FireFox - use Chrome, yada yada yada. Yeah, Chrome is fast and getting better but I have a number of plug-ins that I use in FF that I can't easily give up. So I suffered and started looking around more closely at what was happening. The first thing I noticed when accessing pages was that I continually saw accesses to the Google CDN downloading jQuery and jQuery UI. UI especially is pretty heavy in size and currently I'm in a location with a fairly slow IP connection where large files are a bit of an issue. However, seeing the CDN urls pop up repeatedly raised a flag with me. That stuff should be caching and it looked like each and every hit was reloading these scripts and various images over and over again. Fired up FireBug and sure enough I saw something like this on a repeated hit to my blog: Those two highlights are jquery and the main CSS file for the site and both are being loaded fully and taking a while to load. However, since this page had been loaded before, these items should be cached and show 304 requests instead of the full HTTP requests returning 200 result codes. In short it looked like FireFox was not caching ANY content at all and constantly reloading all page resources. No wonder things were running dog slow. Once I realized what the problem was I took a look in the about:config settings and lo and behold a bunch of the cache settings were set to not cache: In my case ALL the main cache flags were set to false for some reason that I can't figure out.  It appears that after the FireFox 6 update these flags somehow mysteriously changed and performance took a nose dive. Switching the .enable flags back to true and resetting all the cache settings tote default reverted performance back to the way it's supposed to be: reasonably fast and snappy as soon as content is cached and accessed again  from cache. I try not to muck with the about:config settings much (other than turning off the IPV6 option) but when there are problems access to these features can be really nice. However, I treat this as a last resort so it took me quite some time before I started looking through ALL the settings. This takes a while, not knowing what I was looking for exactly. If Web load performance is slow it's a good idea to check the cache settings. I have no idea what hosed these settings for me - I certainly didn't explicitly set them in about:config and while in FireFox's Options dialog I didn't see any option that would affect global caching like this, so this remains a mystery to me. Anyway, I hope that this is helpful to some, in case some of you end up running into a similar issue.© Rick Strahl, West Wind Technologies, 2005-2011Posted in FireFox   Tweet (function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = 'https://apis.google.com/js/plusone.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })();

    Read the article

  • DLL-s needed to run ASP.NET MVC 3 RC on Windows Azure

    - by DigiMortal
    In this weekend I made one of my new apps run on Windows Azure. I am building this application using ASP.NET MVC 3 RC and Razor view engine. In this posting I will list DLL-s you need to have as local copies to get ASP.NET MVC 3 RC run on Windows Azure web role. Besides assemblies that are already references you may need to add references to some more assemblies. List of assemblies is here: Microsoft.Web.Infrastructure System.Web.Helpers System.Web.Mvc System.Web.Razor System.Web.WebPages System.Web.WebPages.Razor WebMatrix.Data You can find Razor and ASP.NET Web Pages related assemblies from folder: C:\Program Files\Microsoft ASP.NET\ASP.NET Web Pages\v1.0\Assemblies\ NB! If your project is using dynamically loaded assemblies that are not referenced from any of your project make sure you are including them as project items that are located in bin folder. This way these DLL-s are also put to deployment package and you don’t have to create code level references to them.

    Read the article

  • Ask the Readers: What’s on Your Geeky Christmas List?

    - by Jason Fitzpatrick
    From tablets to replicas of Tattoine, visions of geeky and technology-loaded gifts surely dance in many of your heads. This week’s question is all about you and the loot you’d love to find in your stocking this year. Whether you’re dreaming of tech goodies like a new ultrabook or ebook reader, or of more geeky pursuits like a Star Trek themed chess set or a tour of Africa to visit abandoned Star Wars sets, we want to hear all about it. Don’t be bashful, hop into the comments and let loose with your wish list; check back on Friday for a What You Said roundup highlighting wishes from the endearing to the extravagant. Our Geek Trivia App for Windows 8 is Now Available Everywhere How To Boot Your Android Phone or Tablet Into Safe Mode HTG Explains: Does Your Android Phone Need an Antivirus?

    Read the article

  • Security Issues with Single Page Apps

    - by Stephen.Walther
    Last week, I was asked to do a code review of a Single Page App built using the ASP.NET Web API, Durandal, and Knockout (good stuff!). In particular, I was asked to investigate whether there any special security issues associated with building a Single Page App which are not present in the case of a traditional server-side ASP.NET application. In this blog entry, I discuss two areas in which you need to exercise extra caution when building a Single Page App. I discuss how Single Page Apps are extra vulnerable to both Cross-Site Scripting (XSS) attacks and Cross-Site Request Forgery (CSRF) attacks. This goal of this blog post is NOT to persuade you to avoid writing Single Page Apps. I’m a big fan of Single Page Apps. Instead, the goal is to ensure that you are fully aware of some of the security issues related to Single Page Apps and ensure that you know how to guard against them. Cross-Site Scripting (XSS) Attacks According to WhiteHat Security, over 65% of public websites are open to XSS attacks. That’s bad. By taking advantage of XSS holes in a website, a hacker can steal your credit cards, passwords, or bank account information. Any website that redisplays untrusted information is open to XSS attacks. Let me give you a simple example. Imagine that you want to display the name of the current user on a page. To do this, you create the following server-side ASP.NET page located at http://MajorBank.com/SomePage.aspx: <%@Page Language="C#" %> <html> <head> <title>Some Page</title> </head> <body> Welcome <%= Request["username"] %> </body> </html> Nothing fancy here. Notice that the page displays the current username by using Request[“username”]. Using Request[“username”] displays the username regardless of whether the username is present in a cookie, a form field, or a query string variable. Unfortunately, by using Request[“username”] to redisplay untrusted information, you have now opened your website to XSS attacks. Here’s how. Imagine that an evil hacker creates the following link on another website (hackers.com): <a href="/SomePage.aspx?username=<script src=Evil.js></script>">Visit MajorBank</a> Notice that the link includes a query string variable named username and the value of the username variable is an HTML <SCRIPT> tag which points to a JavaScript file named Evil.js. When anyone clicks on the link, the <SCRIPT> tag will be injected into SomePage.aspx and the Evil.js script will be loaded and executed. What can a hacker do in the Evil.js script? Anything the hacker wants. For example, the hacker could display a popup dialog on the MajorBank.com site which asks the user to enter their password. The script could then post the password back to hackers.com and now the evil hacker has your secret password. ASP.NET Web Forms and ASP.NET MVC have two automatic safeguards against this type of attack: Request Validation and Automatic HTML Encoding. Protecting Coming In (Request Validation) In a server-side ASP.NET app, you are protected against the XSS attack described above by a feature named Request Validation. If you attempt to submit “potentially dangerous” content — such as a JavaScript <SCRIPT> tag — in a form field or query string variable then you get an exception. Unfortunately, Request Validation only applies to server-side apps. Request Validation does not help in the case of a Single Page App. In particular, the ASP.NET Web API does not pay attention to Request Validation. You can post any content you want – including <SCRIPT> tags – to an ASP.NET Web API action. For example, the following HTML page contains a form. When you submit the form, the form data is submitted to an ASP.NET Web API controller on the server using an Ajax request: <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> </head> <body> <form data-bind="submit:submit"> <div> <label> User Name: <input data-bind="value:user.userName" /> </label> </div> <div> <label> Email: <input data-bind="value:user.email" /> </label> </div> <div> <input type="submit" value="Submit" /> </div> </form> <script src="Scripts/jquery-1.7.1.js"></script> <script src="Scripts/knockout-2.1.0.js"></script> <script> var viewModel = { user: { userName: ko.observable(), email: ko.observable() }, submit: function () { $.post("/api/users", ko.toJS(this.user)); } }; ko.applyBindings(viewModel); </script> </body> </html> The form above is using Knockout to bind the form fields to a view model. When you submit the form, the view model is submitted to an ASP.NET Web API action on the server. Here’s the server-side ASP.NET Web API controller and model class: public class UsersController : ApiController { public HttpResponseMessage Post(UserViewModel user) { var userName = user.UserName; return Request.CreateResponse(HttpStatusCode.OK); } } public class UserViewModel { public string UserName { get; set; } public string Email { get; set; } } If you submit the HTML form, you don’t get an error. The “potentially dangerous” content is passed to the server without any exception being thrown. In the screenshot below, you can see that I was able to post a username form field with the value “<script>alert(‘boo’)</script”. So what this means is that you do not get automatic Request Validation in the case of a Single Page App. You need to be extra careful in a Single Page App about ensuring that you do not display untrusted content because you don’t have the Request Validation safety net which you have in a traditional server-side ASP.NET app. Protecting Going Out (Automatic HTML Encoding) Server-side ASP.NET also protects you from XSS attacks when you render content. By default, all content rendered by the razor view engine is HTML encoded. For example, the following razor view displays the text “<b>Hello!</b>” instead of the text “Hello!” in bold: @{ var message = "<b>Hello!</b>"; } @message   If you don’t want to render content as HTML encoded in razor then you need to take the extra step of using the @Html.Raw() helper. In a Web Form page, if you use <%: %> instead of <%= %> then you get automatic HTML Encoding: <%@ Page Language="C#" %> <% var message = "<b>Hello!</b>"; %> <%: message %> This automatic HTML Encoding will prevent many types of XSS attacks. It prevents <script> tags from being rendered and only allows &lt;script&gt; tags to be rendered which are useless for executing JavaScript. (This automatic HTML encoding does not protect you from all forms of XSS attacks. For example, you can assign the value “javascript:alert(‘evil’)” to the Hyperlink control’s NavigateUrl property and execute the JavaScript). The situation with Knockout is more complicated. If you use the Knockout TEXT binding then you get HTML encoded content. On the other hand, if you use the HTML binding then you do not: <!-- This JavaScript DOES NOT execute --> <div data-bind="text:someProp"></div> <!-- This Javacript DOES execute --> <div data-bind="html:someProp"></div> <script src="Scripts/jquery-1.7.1.js"></script> <script src="Scripts/knockout-2.1.0.js"></script> <script> var viewModel = { someProp : "<script>alert('Evil!')<" + "/script>" }; ko.applyBindings(viewModel); </script>   So, in the page above, the DIV element which uses the TEXT binding is safe from XSS attacks. According to the Knockout documentation: “Since this binding sets your text value using a text node, it’s safe to set any string value without risking HTML or script injection.” Just like server-side HTML encoding, Knockout does not protect you from all types of XSS attacks. For example, there is nothing in Knockout which prevents you from binding JavaScript to a hyperlink like this: <a data-bind="attr:{href:homePageUrl}">Go</a> <script src="Scripts/jquery-1.7.1.min.js"></script> <script src="Scripts/knockout-2.1.0.js"></script> <script> var viewModel = { homePageUrl: "javascript:alert('evil!')" }; ko.applyBindings(viewModel); </script> In the page above, the value “javascript:alert(‘evil’)” is bound to the HREF attribute using Knockout. When you click the link, the JavaScript executes. Cross-Site Request Forgery (CSRF) Attacks Cross-Site Request Forgery (CSRF) attacks rely on the fact that a session cookie does not expire until you close your browser. In particular, if you visit and login to MajorBank.com and then you navigate to Hackers.com then you will still be authenticated against MajorBank.com even after you navigate to Hackers.com. Because MajorBank.com cannot tell whether a request is coming from MajorBank.com or Hackers.com, Hackers.com can submit requests to MajorBank.com pretending to be you. For example, Hackers.com can post an HTML form from Hackers.com to MajorBank.com and change your email address at MajorBank.com. Hackers.com can post a form to MajorBank.com using your authentication cookie. After your email address has been changed, by using a password reset page at MajorBank.com, a hacker can access your bank account. To prevent CSRF attacks, you need some mechanism for detecting whether a request is coming from a page loaded from your website or whether the request is coming from some other website. The recommended way of preventing Cross-Site Request Forgery attacks is to use the “Synchronizer Token Pattern” as described here: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet When using the Synchronizer Token Pattern, you include a hidden input field which contains a random token whenever you display an HTML form. When the user opens the form, you add a cookie to the user’s browser with the same random token. When the user posts the form, you verify that the hidden form token and the cookie token match. Preventing Cross-Site Request Forgery Attacks with ASP.NET MVC ASP.NET gives you a helper and an action filter which you can use to thwart Cross-Site Request Forgery attacks. For example, the following razor form for creating a product shows how you use the @Html.AntiForgeryToken() helper: @model MvcApplication2.Models.Product <h2>Create Product</h2> @using (Html.BeginForm()) { @Html.AntiForgeryToken(); <div> @Html.LabelFor( p => p.Name, "Product Name:") @Html.TextBoxFor( p => p.Name) </div> <div> @Html.LabelFor( p => p.Price, "Product Price:") @Html.TextBoxFor( p => p.Price) </div> <input type="submit" /> } The @Html.AntiForgeryToken() helper generates a random token and assigns a serialized version of the same random token to both a cookie and a hidden form field. (Actually, if you dive into the source code, the AntiForgeryToken() does something a little more complex because it takes advantage of a user’s identity when generating the token). Here’s what the hidden form field looks like: <input name=”__RequestVerificationToken” type=”hidden” value=”NqqZGAmlDHh6fPTNR_mti3nYGUDgpIkCiJHnEEL59S7FNToyyeSo7v4AfzF2i67Cv0qTB1TgmZcqiVtgdkW2NnXgEcBc-iBts0x6WAIShtM1″ /> And here’s what the cookie looks like using the Google Chrome developer toolbar: You use the [ValidateAntiForgeryToken] action filter on the controller action which is the recipient of the form post to validate that the token in the hidden form field matches the token in the cookie. If the tokens don’t match then validation fails and you can’t post the form: public ActionResult Create() { return View(); } [ValidateAntiForgeryToken] [HttpPost] public ActionResult Create(Product productToCreate) { if (ModelState.IsValid) { // save product to db return RedirectToAction("Index"); } return View(); } How does this all work? Let’s imagine that a hacker has copied the Create Product page from MajorBank.com to Hackers.com – the hacker grabs the HTML source and places it at Hackers.com. Now, imagine that the hacker trick you into submitting the Create Product form from Hackers.com to MajorBank.com. You’ll get the following exception: The Cross-Site Request Forgery attack is blocked because the anti-forgery token included in the Create Product form at Hackers.com won’t match the anti-forgery token stored in the cookie in your browser. The tokens were generated at different times for different users so the attack fails. Preventing Cross-Site Request Forgery Attacks with a Single Page App In a Single Page App, you can’t prevent Cross-Site Request Forgery attacks using the same method as a server-side ASP.NET MVC app. In a Single Page App, HTML forms are not generated on the server. Instead, in a Single Page App, forms are loaded dynamically in the browser. Phil Haack has a blog post on this topic where he discusses passing the anti-forgery token in an Ajax header instead of a hidden form field. He also describes how you can create a custom anti-forgery token attribute to compare the token in the Ajax header and the token in the cookie. See: http://haacked.com/archive/2011/10/10/preventing-csrf-with-ajax.aspx Also, take a look at Johan’s update to Phil Haack’s original post: http://johan.driessen.se/posts/Updated-Anti-XSRF-Validation-for-ASP.NET-MVC-4-RC (Other server frameworks such as Rails and Django do something similar. For example, Rails uses an X-CSRF-Token to prevent CSRF attacks which you generate on the server – see http://excid3.com/blog/rails-tip-2-include-csrf-token-with-every-ajax-request/#.UTFtgDDkvL8 ). For example, if you are creating a Durandal app, then you can use the following razor view for your one and only server-side page: @{ Layout = null; } <!DOCTYPE html> <html> <head> <title>Index</title> </head> <body> @Html.AntiForgeryToken() <div id="applicationHost"> Loading app.... </div> @Scripts.Render("~/scripts/vendor") <script type="text/javascript" src="~/App/durandal/amd/require.js" data-main="/App/main"></script> </body> </html> Notice that this page includes a call to @Html.AntiForgeryToken() to generate the anti-forgery token. Then, whenever you make an Ajax request in the Durandal app, you can retrieve the anti-forgery token from the razor view and pass the token as a header: var csrfToken = $("input[name='__RequestVerificationToken']").val(); $.ajax({ headers: { __RequestVerificationToken: csrfToken }, type: "POST", dataType: "json", contentType: 'application/json; charset=utf-8', url: "/api/products", data: JSON.stringify({ name: "Milk", price: 2.33 }), statusCode: { 200: function () { alert("Success!"); } } }); Use the following code to create an action filter which you can use to match the header and cookie tokens: using System.Linq; using System.Net.Http; using System.Web.Helpers; using System.Web.Http.Controllers; namespace MvcApplication2.Infrastructure { public class ValidateAjaxAntiForgeryToken : System.Web.Http.AuthorizeAttribute { protected override bool IsAuthorized(HttpActionContext actionContext) { var headerToken = actionContext .Request .Headers .GetValues("__RequestVerificationToken") .FirstOrDefault(); ; var cookieToken = actionContext .Request .Headers .GetCookies() .Select(c => c[AntiForgeryConfig.CookieName]) .FirstOrDefault(); // check for missing cookie or header if (cookieToken == null || headerToken == null) { return false; } // ensure that the cookie matches the header try { AntiForgery.Validate(cookieToken.Value, headerToken); } catch { return false; } return base.IsAuthorized(actionContext); } } } Notice that the action filter derives from the base AuthorizeAttribute. The ValidateAjaxAntiForgeryToken only works when the user is authenticated and it will not work for anonymous requests. Add the action filter to your ASP.NET Web API controller actions like this: [ValidateAjaxAntiForgeryToken] public HttpResponseMessage PostProduct(Product productToCreate) { // add product to db return Request.CreateResponse(HttpStatusCode.OK); } After you complete these steps, it won’t be possible for a hacker to pretend to be you at Hackers.com and submit a form to MajorBank.com. The header token used in the Ajax request won’t travel to Hackers.com. This approach works, but I am not entirely happy with it. The one thing that I don’t like about this approach is that it creates a hard dependency on using razor. Your single page in your Single Page App must be generated from a server-side razor view. A better solution would be to generate the anti-forgery token in JavaScript. Unfortunately, until all browsers support a way to generate cryptographically strong random numbers – for example, by supporting the window.crypto.getRandomValues() method — there is no good way to generate anti-forgery tokens in JavaScript. So, at least right now, the best solution for generating the tokens is the server-side solution with the (regrettable) dependency on razor. Conclusion The goal of this blog entry was to explore some ways in which you need to handle security differently in the case of a Single Page App than in the case of a traditional server app. In particular, I focused on how to prevent Cross-Site Scripting and Cross-Site Request Forgery attacks in the case of a Single Page App. I want to emphasize that I am not suggesting that Single Page Apps are inherently less secure than server-side apps. Whatever type of web application you build – regardless of whether it is a Single Page App, an ASP.NET MVC app, an ASP.NET Web Forms app, or a Rails app – you must constantly guard against security vulnerabilities.

    Read the article

  • How to open directory in Guake from Nautilus

    - by Tinellus
    In Nautilus, I have upon right-clicking a directory, the option to open a Terminal with the prompt in the selected directory. I think this is very handy and I use it a lot. Now I would like to use Guake instead of the classic terminal. Is there a way to do this? I'm struggling with nautilus-actions. I can open Guake allright (i.e. it drops down from the top since it's permanently loaded), but the prompt isn't located at the directory of choice. In addition, it's one more mouseclick to open the terminal (if it would work), I would prefer a shorter way. Anyone any idea how to manage this? (or could this be a possible feature request?) Ubuntu 12.04, gnome-classic without Unity

    Read the article

  • How do i find out which program is using internet and how much?

    - by Anwar Shah
    Sometimes there are unusual Internet activity in my Computer. Modem's lights are always blinking and When I open system monitor, I see there some unknown program is using my precious Internet with 64KB/S (I have 512kbps connection). Still I am in a firefox session with only one tab opened, and the page in already loaded and there is no indication of busy sign in the page (that rotating orange circle). In that situation I unplug my modem and reconnect it again. After several times doing this, that unusual activity stops. It annoys me very much. How can I find out the process which is using the Internet?. How much they are using? How can I kill it? A graphical solution will be better.

    Read the article

  • Implementing Silverlight Coverflow with ADO.NET/WCF Data Services in SharePoint 2010

    - by Sahil Malik
    Ad:: SharePoint 2007 Training in .NET 3.5 technologies (more information). WOOHOO!! My next video is online. In this video, I show how you can implement Silverlight Coverflow like UI using the Telerik silverlight toolset. In this demo, I talk to a picture library running in SharePoint 2010, and use ADO.NET Data Services to load up the various images loaded in the picture library. I then use the Telerik Silverlight toolset  integrated with the ADO.NET Data Services/WCF Data Services, and show a fancy coverflow like UI. As always, very few slides, completely hands-on, all code written in front of your eyes! Enjoy – the video.   And yes, there are a couple of more exciting videos coming! Stay tuned! Comment on the article ....

    Read the article

  • Google Developers SXSW Lightning Talks

    Google Developers SXSW Lightning Talks Can't make it to the Google Developers house at SXSW? Don't worry, we've got you covered with a live stream of the exciting, demo-loaded lightning talks where you'll learn about the latest Google developer product hotness. Come watch what happens as we stream live from the Google Developers house in Austin, while a rain storm engulfs the city! Here is the schedule of talks: 1) Holo: Exploring the design of the Android user interface 2) The next gen of Social Apps is in a Hangout: introducing Google+ Hangout Apps 3) The VJ in Your Pocket: Mobile YouTube API Apps for Content Creators, Curators and Consumers 4) Cloud adventures: Instant scale... from zero to millions of hits in 24 hours 5) HTML5's Bleeding Edge 6) Beautiful Maps: enhancing geographic information with HTML5 You can learn more about the lightning talks and speakers at: www.google.com From: GoogleDevelopers Views: 19900 326 ratings Time: 02:49:00 More in Entertainment

    Read the article

  • On VirtualBox Guest OS “Could not initialize GLX"

    - by trivelt
    I have a remote build-machine with Jenkins and I'm trying to run GUI application. In Jenkins I installed Xvnc plugin, which uses TightVNC Server, but each build has failed. Earlier, there was a problem with loading driver swrast (by libGL), currently in the log there is this line: [Error] Could not initialize GLX Remote desktop is Ubuntu 14.04 running over VirtualBox, so I installed VBoxAddons but it didn't resolve the problem. Below I'm putting some logs, maybe helpful for you. $ cat /var/log/Xorg.0.log | grep GL [ 20.545] (==) AIGLX enabled [ 20.545] Loading extension GLX [ 20.913] (EE) AIGLX error: vboxvideo does not export required DRI extension [ 20.914] (EE) AIGLX: reverting to software rendering [ 21.615] (II) AIGLX: Loaded and initialized swrast [ 21.615] (II) GLX: Initialized DRISWRAST GL provider for screen 0 $ lsmod | grep box vboxsf 43786 0 vboxpci 23194 0 vboxnetadp 25670 0 vboxnetflt 27613 0 vboxdrv 339502 3 vboxnetadp,vboxnetflt,vboxpci vboxvideo 12658 0 vboxguest 248441 3 vboxsf drm 302817 1 vboxvideo $ lspci | grep VGA 00:02.0 VGA compatible controller: InnoTek Systemberatung GmbH VirtualBox Graphics Adapter Any ideas what should I do?

    Read the article

  • Fusion HCM SaaS – Integration

    - by Kiran Mundy
    v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} Fusion HCM SaaS – Integration A typical implementation pattern we’re seeing with Fusion Apps early adopters is implementing a few Fusion HCM applications that bring the most benefit to their company with the least disruption to existing programs and interfaces. Very often this ends up being Fusion Goals & Performance, Talent, Compensation or Benefits, often with Taleo for recruiting. The implementation picture looks like what you see below: Here, you can see that all the “downstream integrations” from the On-Premise Core HR, are unaffected because the master for employee data is still your On-Premise Core HR system – all updates and new hires are made here (although they may be fed in from Taleo to start with). As a second phase when customers migrate Core HR to Fusion HCM, they have to come up with a strategy to manage integrations to all their downstream applications that require employee details. For customers coming from EBS HR, a short term strategy that allows for minimal impact, is to extract employee data from Fusion (Via HCM Extract), and load the shared EBS HR tables (which are part of an EBS Financials install anyways), and let your downstream integrations continue to function based on this data as shown below. If you are not coming from EBS HR and there are license implications, you may want to consider: Creating an On-Premise warehouse for extracting data from Fusion Apps. Leveraging Fusion Apps Web Services (available to SaaS customers starting R7) to directly retrieve/write data to Fusion Apps. Integration Tools File Based Loader This is the primary mechanism for loading HCM data (both initial load and incremental updates) into Fusion HCM. Employee & related data can be uploaded into Fusion HCM using File Based Loader. Note that ability to schedule File Based Loader to run on a pre-defined schedule will be available as a patch on top of Rel 5. Hr2Hr has been deprecated in favor of File Based Loader, but for existing customers using Hr2Hr, here are some sample scripts that show how to get more informative error messages. They can be run by creating data model sql queries in BI Publisher. The scripts currently have hard coded values for request id and loader batch id, which your developer will need to update to the correct values for you. The BI Publisher Training Session recorded on Apr 18th is available here (under "Recordings"). This will enable a somewhat technical resource to create a data model sql query. Links to Documentation & Traning Reference documentation for File Based Loader on docs.oracle.com FBL 1.1 MOS Doc Id 1533860.1 Sample demo data files for File Based Loader HCM SaaS Integrations ppt and recording. EBS api's Loading Information into EBS Full or Shared HCM This could be candidate information being loaded from Taleo into EBS or  Employee information being loaded from Fusion HCM into an EBS shared HR install (for downstream applications & EBS Financials). Oracle HRMS Product Family Publicly Callable Business Process APIs (A Reference Consolidation) [ID 216838.1] This is a guide to the EBS R12 Integration Repository accessible from an EBS instance. EBS HRMS Publicly Callable Business Process APIs in Release 11i & 12 [ID 121964.1] Fusion HCM Extract Fusion HCM Extract is the primary mechanism used to extract employee information from Fusion HCM. Refer to the "Configure Identity Sync" doc on MOS  for additional mechanisms. Additional documentation (you'll need an oracle.com account to access) HCM Extracts User Guides (Rel 4 & 5) HCM Extract Entity/Attributes (Rel 5) HCM Extract User Guide (Rel 5) If you don’t have an oracle.com account, download the zipped HCM Extract Rel 5 Docs (Click on File --> Download on next screen). View Training Recordings on Fusion HCM Extract Benefits Extract To setup the benefits extract, refer to the following guide. Page 2-15 of the User Documentation describes how to use the benefits extract. Benefit enrollments can also be uploaded into Fusion Benefits. Instructions are here along with a sample upload file. However, if the defined benefits extract does not meet your requirements, you can use BI Publisher (Link to BI Publisher presentation recording from Apr 18th) to create your own version of Benefits extract. You can start with the data model query underlying the benefits extract. Payroll Interface Fusion Payroll Interface enables you to capture personal payroll information, such as earnings and deductions, along with other data from Oracle Fusion Human Capital Management, and send that information to a third-party payroll provider. Documentation: Payroll interface guide Sample file DBI's used for the payroll interface.Usage Patterns always accessible @ http://www.finapps.com Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri","sans-serif"; mso-bidi-font-family:"Times New Roman";}

    Read the article

  • what packages should I install in ubuntu 12.04 to fulfill opengl requirements for using nouveau driver?

    - by karolszk
    I try to switch from nvidia to nouveau driver via script: !/bin/bash stop gdm rmmod nvidia sed -i "s/nouveau/nvidia/" /etc/modprobe.d/blacklist-nvidia-nouveau.conf update-alternatives --set gl_conf /usr/lib/mesa/ld.so.conf ldconfig modprobe nouveau cp /etc/X11/xorg.conf{.nouveau,} start gdm and driver is loaded and X started but compiz it doesn't. In .xsession-errors I see: Compiz (opengl) - Fatal: Root visual is not a GL visual compiz (opengl) - Error: initScreen failed compiz (core) - Error: Couldn't activate plugin 'opengl' Compiz (opengl) - Fatal: Root visual is not a GL visual Compiz (opengl) - Fatal: Root visual is not a GL visual Compiz (opengl) - Fatal: Root visual is not a GL visual Compiz (opengl) - Fatal: Root visual is not a GL visual Compiz (opengl) - Fatal: Root visual is not a GL visual Compiz (opengl) - Fatal: Root visual is not a GL visual Compiz (opengl) - Fatal: Root visual is not a GL visual Compiz (opengl) - Fatal: Root visual is not a GL visual gnome-session[19075]: WARNING: App 'compiz.desktop' respawning too quickly gnome-session[19075]: WARNING: Application 'compiz.desktop' killed by signal gnome-session[19075]: WARNING: App 'compiz.desktop' respawning too quickly what I'm doing wrong??

    Read the article

  • Ubuntu 13.10 AdobeAIR application: Failed to load module "unity-gtk-module"

    - by nobuzz
    I have installed AdobeAIR on 13.10, but am getting the following error messages when using: Gtk-Message: Failed to load module "overlay-scrollbar" Gtk-Message: Failed to load module "unity-gtk-module" Has someone faced this issue. I looked at comment giving a possible resolution here , but that didn't help, as I already have those packages installed. Basically to install AdobeAIR, being a 32-bit, I had to install various i386 packages: libgtk2.0-0:i386 libnss3-1d:i386 libnspr4-0d:i386 lib32nss-mdns libxml2:i386 libxslt1.1:i386 When I run the program as root, it opens up properly without errors. But that is not an option. Could it be a problem that necessary modules are not getting loaded on non-root user's environment.

    Read the article

  • Setup was unable to create a new system partition or locate an existing system partition

    - by PearlFactory
    Have got a new kickn server as new DEV machine It has got two 3ware 9650 Cached Controllers with 8 x 300gig Velociraptor Drives First Problem was the 9.5.1.1 drivers Had to press F8 as soon as the Win 2008 r2 server cd started to load. Once in Adavanced Startup options Disable Driver Signing options Next Issue was I got everything running and accidently selected wrong raid part to do install once I restarted All I would get after waiting the 10 mins for the reboot to start & loading the driver was "setup was unable to create a new system partition or locate an existing system partition"  Finally after about 1 hour I removed all drives apart from the 2 needed for system part on cont 0 deleted system part and recreated this RAID1 mirror. (ALso make sure all USB drives are out on boot..only add them when browsing  the driver to be added )  Restarted loaded driver selected install and Once system is up I will go back and add drives and new parts on both controllers AT least I did not get stuck for a day as is the norm..lol

    Read the article

  • Reset the controls within asp placeholder

    - by alaa9jo
    I use placeholders very much in many projects,but in one of the projects I was asked to reset the controls within a specific placeholder to their original state after the user has finished from inserting his/her data. As everyone of us know,to keep the controls within a placeholder from disappearing after postbacks you have to recreate them,we add such a code in i.e. page_load,the controls will be recreated and their values will be loaded from viewstate (for some of them like textbox,checkboxs,..etc) automatically,that placeholder contains only textboxs so what I need is to block/ loading/clear that viewstate after inserting the data. First thought: Customizing placeholder I thought about it and tried overriding many methods but no success at all...maybe I'm missing something not sure. Second thought: recreate the controls 2 times: In page_load,I recreate the controls within that placeholder then in button click (the button that saves user's data) I recreate them once more and it worked! I just thought of sharing my experience in that case with everyone in case anyone needed it,any better suggestion(s) is welcomed.

    Read the article

  • Converting web.config from IIS6 to IIS7 format

    - by jamesbee
    I'm a bit stuck, kinda been lumbered with a website developed over a year ago. The company that designed it and the company that own it dont now speak so I have been lumbered with trying to get it to work. Bought the web space and have loaded it on to one of our sub domains while I get it working. Problem is that the Hosting provider is running ISS7 and the web.config was designed in IIS6 so am getting an error500 cause the tags are wrong. Could anyone give me some pointers on how to migrate the current web.config file over to IIS7.

    Read the article

  • Ubuntu Server 11.04 installs fine then gets stuck on USBHID

    - by SZetta
    ites! I have installed Server 11.04 many many times from this disc and they have always worked perfectly (installed and operated fine). I wanted to reinstall my server again on the same hardware so I threw the disc in and installed but once it finished installing the boot loader and ejected the disc, it decided to go unresponsive. I restarted it and it loaded in through the grub perfectly it seemed, but then it goes and says either that a ipv6 router is unavailable (even though I have it hardwired to my network) or it goes and says usbhid: USB HID core driver and goes unresponsive there. I am very confused as this never happened before from this install. I want to see if this is just me or what before I just go ahead and download the newest version of server. Any advice would be appreciated. Thanks

    Read the article

  • Entity Framework Code First: Get Entities From Local Cache or the Database

    - by Ricardo Peres
    Entity Framework Code First makes it very easy to access local (first level) cache: you just access the DbSet<T>.Local property. This way, no query is sent to the database, only performed in already loaded entities. If you want to first search local cache, then the database, if no entries are found, you can use this extension method: 1: public static class DbContextExtensions 2: { 3: public static IQueryable<T> LocalOrDatabase<T>(this DbContext context, Expression<Func<T, Boolean>> expression) where T : class 4: { 5: IEnumerable<T> localResults = context.Set<T>().Local.Where(expression.Compile()); 6:  7: if (localResults.Any() == true) 8: { 9: return (localResults.AsQueryable()); 10: } 11:  12: IQueryable<T> databaseResults = context.Set<T>().Where(expression); 13:  14: return (databaseResults); 15: } 16: }

    Read the article

< Previous Page | 66 67 68 69 70 71 72 73 74 75 76 77  | Next Page >