Search Results

Search found 1805 results on 73 pages for 'rich staats'.

Page 8/73 | < Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >

  • What do you do when a client requires Rich Text Editing on their website?

    - by George Stocker
    As we all know by now, XSS attacks are dangerous and really easy to pull off. Various frameworks make it easy to encode HTML, like ASP.NET MVC does: <%= Html.Encode("string"); %> But what happens when your client requires that they be able to upload their content directly from a Microsoft Word document? Here's the scenario: People can copy and paste content from Microsoft word into a WYSIWYG editor (in this case tinyMCE), and then that information is posted to a web page. The website is public, but only members of that organization will have access to post information to a webpage. What is the best way to handle this requirement? Currently there is no checking done on what the client posts (since only 'trusted' users can post), but I'm not particularly happy with that and would like to lock it down further in case an account is hacked. The platform in question is ASP.NET MVC. The only conceptual method that I'm aware of that meets these requirements is to whitelist HTML tags and let those pass through. Is there another way? If not, is the best way to let them store it in the Database in any form, but only display it properly encoded and stripped of bad tags? NB: The questions differ in that he only assumes there's one way. I'm also asking the following questions: 1. Is there a better way that doesn't rely on HTML Whitelists? 2. Is there a better way that relies on a different view engine? 3. Is there a WYSIWYG editor that includes the ability to whitelist on the fly? 4. Should I even worry about this since it will only be for 'private posting' (Much in the same way that a private blog allows HTML From the author, but since only he can post, it's not an issue)? Edit #2: If suggesting a WYSIWYG editor, it must be free (as in speech, or as in beer). Update: All of the suggestions thus far revolve around a specific Rich Text Editor to use: Only provide an editor as a suggestion if it allows for sanitization of HTML tags; and it fulfills the requirement of accepting pasted documents from a WYSIWYG Editor like Microsoft Word. There are three methods that I know of: 1. Not allow HTML. 2. Allow HTML, but sanitize it 3. Find a Rich Text Editor that sanitizes and allows HTML. The previous questions remain (1-4 above). Related Question Preventing Cross Site Scripting (XSS)

    Read the article

  • Flash in Python

    - by iamgopal
    I was exploring possibilities of Rich Internet applications using Python. The most awesome possibility I found was of programming in IronPython and running it as a Silverlight. Is there something similar available for Adobe AIR? I.e. programing in Python and run in Adobe AIR (Flash, that is).

    Read the article

  • openerp client customization

    - by iamgopal
    openerp client seems to be nice and working , i would like to hack it and use it as a front end to my open erp solution. but the documentation regarding client side design or customization is poor on openerp site , is there any good reference or documentation available for further digging in to openerp client side coding ? or more : if any similar client solution available that can be plug in to any back end system. ( i.e. rich internet client )

    Read the article

  • Is 30 calls / second a lot for one IIS server?

    - by Lieven Cardoen
    We have a RIA application that 300 clients concurrently use in an intranet environment. Together they make 30 calls / second to IIS (asp.net) (actually it's 60 but calls are loadbalanced over two IIS servers). Half of the calls is getting an asset (Caching Profile is used so most of the time cache is hit), the other half is saving data to a sql server. Retrieving an asset is done with a aspx page. Saving the data happens via WebORB, asp.net and Sql Server. So some processing is needed by WebORB (amf decoding, GZIP, ...). We also use Spring.NET, and some of the container objects have a request scope (not a lot). IIS servers -- Virtual machines, 4 CPU, 2 gb RAM. They are based on Windows 2008 x64 SP2 Enterprise Edition. Sql Server 2008 is used. Apparently CPU of both IIS serers is constantly around 60-70%. Now, my question, is the load of 60-70% acceptable and how could we possible bring that down to less % (maybe using only one IIS server)? + Is 2 gb RAM enough? Assets can be up to 20mb, but on average, they are about 30kb. (the load of 60-70% is achieved with assets around 30kb). The data that gets saved with weborb is very small (2kb) and is just one object.

    Read the article

  • Edit and render RichText

    - by OregonGhost
    We have an application (a custom network management tool for building automation) that supports printing labels that you can cut out and insert into the devices' front displays. In earlier versions of the tool (not developed in my company), the application just pushed the strings into an Excel file that the field technician could then manipulate (like formatting text). We didn't do this in the new version because it was hard (impossible) to keep the Excel file in sync, and to avoid a binding to an external application (let alone different versions of Excel). We're using PDFSharp for rendering the labels. It has a System.Drawing-like interface, but can output to a System.Drawing.Graphics (screen / printer) as well as to a PDF file, which is a requirement. Later, basic formatting was introduced like Font Family, Style, Size, Color which would apply to one label (i.e. to exactly one string). Now the customer wants to be able to apply these formats to single characters in a string. I think the easiest way would be to support a subset of RichText. It's not as easy as I thought though. Currently the editor just displays a TextBox for the label you want to edit, with the font set to the label's font. I thought I'd just replace it with RichTextBox, and update the formatting buttons to use the RichTextBox formatting properties. Fairly easy. However, I need to draw the text. I know you can get the RichTextBox to draw to a HDC or System.Drawing.Graphics - but as already said, I need it to use PDFSharp. Rendering to bitmaps is not an option, since the PDF must not be huge, and it's a lot of labels. Unfortunately I couldn't get the RichTextBox to tell me the layout of the text - I'm fine with doing the actual rendering by hand, as long as I know where to draw what. This is the first question: How can I get the properly layouted metrics of the rich text out of a RichTextBox? Or is there any way to convert the rich text to a vector graphics format that can be easily drawn manually? I know about NRTFTree which can be used to parse and manipulate RichText. The documentation is bad (actually I don't know, it's Spanish), but I think I can get it to work. As far as I understood, it won't provide layouting as well. Because of this, I think I'll have to write a custom edit control (remember, it's basically just one or two line labels with basic RTF formatting, not a full-fledged edit control - more like editing a textbox in PowerPoint) and write custom text layout logic that used PDFSharp rather than System.Drawing for drawing. Is there any existing, even if partial, solution available, either for the editing or for doing the layout manually (or both)? Or is there an entirely different approach I'm just not seeing? Bonus points if exporting the label texts as RTF into a CSV file, and then importing in Excel retains the formatting. For the editing part, I need it to work in Windows Forms. Other than that it's not Windows-Forms-related, I think.

    Read the article

  • What are reasons for Unity3D's owners to force rich guys buying Pro version?

    - by mhambra
    Well, I have to say that Unity is a really nice thing that can save one a dozen of hours on coding (letting instantly work on gameplay). But what's the idea of forcing (EULA) any party, which made over 100k last fiscal year, to purchase Pro instead of using normal edition!? It feels that this kind of licensing provides hidden benefits to rich guys over me, poor sloven, who can afford buying $3.5k license but obviously will not receive any additional cookies from it. And, by the way, anyone estimated how much Unity's source + Playstation + Xbox license will cost?

    Read the article

  • How to get a value of a textarea using markitup in ASP.NET MVC ?

    - by VJ
    I want to get the value of the text area that is basically the free Markitup rich text editor <textarea id="markItUp"></textarea> and store it in my variable so how can i do this in asp.net mvc. Also is there any way I can use the HtmlHelper to use the markitup editor, since I can easily do something like this - <%= Html.TextAreaFor((model => model.Description)) %> I want to just get the value in the markitup editor and store in my sql server db in a string variable. Also further I would like to get these text which I assume will be storing html tags and display or render it with the html tags...I know HttpUtility.HttpDecode() method but are there any more suggestions on this...Thanks.

    Read the article

  • [C#] how do I get the height of a rich text content after word wrap?

    - by Led
    Question A. Given 1. A string in rich text format that may have paragraph, tabs, space, line break, indentation, (or even image?) 2. A width for the word wrapping rich text control/editor How do I know the height of the content after it have performed all the word wrapping? Is there something like int MeasureRichTextHeightAfterWordWrap(string aRichTextContent, int aWidth)? Otherwise how does those rich text control know how much to autosize? Do I have to actually place the content on a dummy rich text control and get its height afterwards? Question B. Similar to question A but in plain text onto a plain text memo/control/editor. And manually draw string with manually calculated indentations, breaks, word wrappings. Is it easier or harder?

    Read the article

  • how do I get the height of a rich text content after word wrap?

    - by Led
    Question A. Given 1. A string in rich text format that may have paragraph, tabs, space, line break, indentation, (or even image?) 2. A width for the word wrapping rich text control/editor How do I know the height of the content after it have performed all the word wrapping? Is there something like int MeasureRichTextHeightAfterWordWrap(string aRichTextContent, int aWidth)? Otherwise how does those rich text control know how much to autosize? Do I have to actually place the content on a dummy rich text control and get its height afterwards? Question B. Similar to question A but in plain text onto a plain text memo/control/editor. And manually draw string with manually calculated indentations, breaks, word wrappings. Is it easier or harder?

    Read the article

  • What is required to create local business rich-snippets complete with sitelinks AND breadcrumbs?

    - by Felix
    I have a local business directory site. I would like to markup my business listing 'profile' level pages for display as enhanced listings/rich-snippets complete with business names, addresses and phone numbers. I would also like to display site-links and path-based breadcrumbs to help users navigate site directory hierarchy (which is deep). Is there a limit to the amount of breadcrumbs a site can leave? Is there a separate limit on the number of breadcrumbs which Google/Bing will display in the SERP? What kind of markup language(s) would be needed to best position my site to show site-links AND breadcrumbs? For example: Find a business Browse by Location State City Zip or Find a business Choose Service Browse by location State City Thanks all!

    Read the article

  • review count and rating using an image - schema.org

    - by Joel
    I need some help getting some rich snippets to my site I inserted the review microdata following the instructions given on schema.org here http://schema.org/docs/gs.html#advanced_missing using the star-image for rating and the text for review count, but testing it with the test tool it showed nothing. Example page where we use the microdata for the reviews. and here is what I used <div itemprop="reviews" itemscope itemtype="http://schema.org/AggregateRating"> <A HREF="javascript:an();"><img src="/images/stars/4.5.gif" border=0></a> <meta itemprop="ratingValue" content="4.5" /> <meta itemprop="bestRating" content="5" /> <BR><span class="bottomnavfooter"><A HREF="javascript:an();">Read (<span itemprop="ratingCount">70</span>) Reviews</A </span></div> I then created a static test page and made some change using instructions Google provided here http://www.google.com/support/webmasters/bin/answer.py?answer=172705 (which is different from what I found on schema.org!!) but still the test returned only product name not the price or the reviews. Here is my test page - Can you please see where I'm going wrong Thanks much!!

    Read the article

  • What java web application framework to use?

    - by frohiky
    One of the main products of my company is an Oracle Forms (and Reports) based application, that "needs" to be re-written in another technology. Why? Users want a more rich interface experience, and we want, preferably, to reduce costs with an open source application server. For this (HUGE) project, we intend to use a java web application framework, keep these points in mind: We have: hundreds of tables on our database (the ORM must be as flexible as possible); some logic which is (and will still be) based on PL/SQL procedures/functions/packages; a lot of CRUDs (the application itself is of an considerable size); a demand to work with/generate documents and workflows; an intranet based user environment; We want: to offer a RIA interface experience; use (if possible) an open source app server; a rapid (as possible) development framework; a somewhat mature framework with a "wise" roadmap (and a considerable community support); a MVC approach combined with JS or GWT widgets (e.g. Vaadin or SmartGWT); Well, in the past weeks I've read a lot of posts, Q&As on stackoverflow, and much more: Wicket, JSF, Tapestry, Grails, GWT, Struts2, Play, Spring, Seam, Echo, .... the list goes on! I've even researched about Alfresco..! The obvious question: Which one to use? At this time, any insight, recommendation, shared experience, advice will be more then welcome!

    Read the article

  • Convert Markdown text to RTF, using Ruby and Pandoc?

    - by niteshade
    Playing with Ruby and Ruby-Pandoc. Seems like a nice tool, if I can get it to work. I'd like to convert some Markdown text (with embedded lists and other fanciness) to Rich Text. Here's the text I'm converting: Title === This is a paragraph. Hallelujah. Here comes a nested list. --- * List item 1 * List item 1.1 * List item 1.2 * List item 2 * List item 2.1 Here's my Ruby code... require 'pandoc-ruby' input = File.read(test.md) converter = PandocRuby.new(input, from: :markdown, to: :rtf) puts converter.convert ... which (after saving the output to a file) produces a document without anything but a title: Here's the code of the RTF file: {\pard \ql \f0 \sa180 \li0 \fi0 \b \fs36 Title\par} {\pard \ql \f0 \sa180 \li0 \fi0 This is a paragraph. Hallelujah.\par} {\pard \ql \f0 \sa180 \li0 \fi0 \b \fs32 Here comes a nested list.\par} {\pard \ql \f0 \sa0 \li360 \fi-360 \bullet \tx360\tab List item 1\par} {\pard \ql \f0 \sa0 \li360 \fi-360 \bullet \tx360\tab List item 1.1\par} {\pard \ql \f0 \sa0 \li360 \fi-360 \bullet \tx360\tab List item 1.2\par} {\pard \ql \f0 \sa0 \li360 \fi-360 \bullet \tx360\tab List item 2\par} {\pard \ql \f0 \sa0 \li360 \fi-360 \bullet \tx360\tab List item 2.1\sa180\par} In addition, even if it did show up in my RTF viewer (Mac TextEdit), the RTF code seems to have lost all list nesting. I don't know how to diagnose this, whether I have not stated necessary header information or something in Ruby-Pandoc. Thanks in advance!

    Read the article

  • What did Rich Hickey mean when he said, "All that specificity [of interfaces/classes/types] kills your reuse!"

    - by GlenPeterson
    In Rich Hickey's thought-provoking goto conference keynote "The Value of Values" at 29 minutes he's talking about the overhead of a language like Java and makes a statement like, "All those interfaces kill your reuse." What does he mean? Is that true? In my search for answers, I have run across: The Principle of Least Knowledge AKA The Law of Demeter which encourages airtight API interfaces. Wikipedia also lists some disadvantages. Kevlin Henney's Imperial Clothing Crisis which argues that use, not reuse is the appropriate goal. Jack Diederich's "Stop Writing Classes" talk which argues against over-engineering in general. Clearly, anything written badly enough will be useless. But how would the interface of a well-written API prevent that code from being used? There are examples throughout history of something made for one purpose being used more for something else. But in the software world, if you use something for a purpose it wasn't intended for, it usually breaks. I'm looking for one good example of a good interface preventing a legitimate but unintended use of some code. Does that exist? I can't picture it.

    Read the article

  • Breaking out of first element in IHTMLTxtRange

    - by XwipeoutX
    I'm trying to do a rich text editor for a web application, and I need to be able to mark some elements in the text as uneditable by the user. The reason for this is they're placeholders for dynamic content (like created date) that I want to have a live preview for. Take the following Code as an example - there's no toolbar or anything in this one, for light weightness, but the textarea and html are synchronized. <!-- DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd" --> <html> <head> <title>Hi</title> <script type="text/javascript" src="http://code.jquery.com/jquery-1.4.2.min.js"></script> <script> $(function() { g = {}; g.iFrame = document.createElement("IFRAME"); $("#frameContainer").append(g.iFrame); g.iDoc = g.iFrame.contentWindow.document; g.iDoc.designMode = "on"; g.jTextArea = $("#textContainer textarea"); setTimeout(function() { g.iDoc.body.innerHTML = "<b class=\"notype\">Cannot type here</b>"; $(g.iDoc).trigger("keyup"); $(g.iDoc.body).focus(); }, 0); $(g.iDoc).keyup(function() { g.jTextArea.text(g.iDoc.body.innerHTML); }); g.jTextArea.keyup(function() { g.iDoc.body.innerHTML = this.innerText; }); var getSelection = function() { if (typeof g.iDoc.selection !== "undefined" && g.iDoc.selection.type !== "Text" && g.iDoc.selection.type !== "None") { g.iDoc.selection.clear(); } return g.iDoc.selection.createRange(); }; $(g.iDoc).keypress(function(event) { // If we're in a marked field, disable the operation. var sel = getSelection(); if ($(sel.parentElement()).hasClass('notype')) { sel.moveToElementText(sel.parentElement()); sel.collapse(); sel.move("character", -1); sel.select(); $("#log").append("<div>outside of thing</div>"); } }); $(testLink).click(function() { // Try and insert stuff at the front $(g.iDoc.body).focus(); var sel = getSelection(); sel.moveToElementText(sel.parentElement()); sel.collapse(); sel.move("character", -100); sel.pasteHTML("Before html?"); $(g.iDoc).trigger("keyup"); $(g.iDoc.body).focus(); }); }); </script> </head> <body id="#body"> <div id="container"> <div id="frameContainer"> <h1> Frame</h1> </div> <div id="textContainer"> <h1> Text</h1> <textarea rows="10" cols="80"></textarea> </div> <a href="#" id="testLink">Test</a> <div id="log"> </div> </div> </body> </html> In the keyup binding, I can successfuly detect if I'm inside another element, and move the cursor to the front of the text before inserting it no problem. However, since there is no text before the element marked as 'notype', it gets inserted inside the same element. This is double bad when the user presses "enter", as a new tag is genrated, and the "notype" tag is duplicated, obviously not required. I want the behaviour as follows: * If the user types while the cursor is in the 'notype' tag, the cursor is moved to front and the text goes there * If the cursor is at the last position inside the 'notype' tag, then the text appears after the tag * If the user types anywhere else, it's inserted as always. The link at the bottom tries to manually put the cursor at the front and insert the html. Obviously fails. I know this one can work by doing something like $(g.iDoc.body).prepend("before!"), but this obviously won't work in a real scenario (using keyup).

    Read the article

  • HTML text editor in ASP.NET 2.0

    - by Sachin Gaur
    I am developing a web application where user has the option to send email to other users. I am looking for any in-built HTML text editor for ASP.NET 2.0. I know latest AJAX release for .NET 3.5 has provided this control. I am looking for a similar control but in ASP.NET 2.0. Is there any other UI control that is build using Javscript or jQuery, which can be used to allow user to enter HTML formatted message?

    Read the article

  • contentEditable cursor position/style in FireFox

    - by Ben McCann
    I'm having trouble using contentEditable in FireFox 3. I have a problem where the cursor will appear above or only partially in the div after I click in it (until I start typing at which time it behaves correctly). Any ideas on how I can stop this from happening? HTML: <html> <head><title>Test Page</title></head> <body> <div id="editor" style="position:absolute; left:157px; top:230px; width:120px; height:30px"> <div id="input" style="width:100%; height:100%; border:1px solid black; outline:none" contentEditable="true"> </div> </div> </body> </html>

    Read the article

  • What is the Best JQuery WYSIWYM Textile Editor?

    - by viatropos
    I need to use a Textile (preferably instead of Markdown), and am looking for a nice WYSIWYM (not WYSIWYG, because of this) JQuery editor. I've seen these: WMD - Markdown, Stack Overflow uses it MarkItUp - Textile support but I don't know if it's WYSIWYM WYMEditor Which one supports both good HTML output and Textile?

    Read the article

  • Will ExtJS die?

    - by Stefan Kendall
    I look at ExtJS, and it appears to provide many of the RIA features that more bulky suites such as Flex provide, without the flash requirement. However, as Open-source initiatiatives such as jQuery-UI continue, will ExtJS simply die at some point? Furthermore, since flash penetration only continues to increase, why put stock in a javascript library? That said, JavaScript libraries such as jQuery have made gigantic leaps in providing easy-to-use APIs with great functionality, so maybe there's some merit in that. Thoughts? Opinions? ExtJS has a price tag, so I have to ask this question.

    Read the article

  • How would you design a question/answer view (iPhone SDK)

    - by Aurélien Vallée
    I'm new to iPhone development, and I have a question on how to create a view for my application. The view should display a problem (using formatted/syntax highlighted text), and multiple possible answers. The user should be able to click on an answer to validate it. Currently, I am trying to use a UITableView embedding UIWebView as contentView. That allows me to display formatted text easily. The problem is that it is a real pain to compute and adjust the height of the cells. I have to preload the webview, call sizeToFit, get its height, and update the cell accordingly. This process should be done for the problem and the answers (as they are HTML formatted text too). It's such a pain that I am planning to switch to something else. I thought using only a big UIWebView and design everything in HTML. But I looked at some articles describing how to communicate between the HTML page and the ObjectiveC code. This seems to involve some awful tricks too... So... that's it, I don't really know what I should do. I guess some of you dealt with such things before, and would provide some greatly appreciated tips :)

    Read the article

  • Help with ZK component development

    - by Lucas
    I'm developing a simple component. My jar structure is: br/netsoft/zkComponents/Tef.class META-INF/MANIFEST.MF metainfo/zk/lang-addon.xml web/js/br/netsoft/zkComponents.js web/zkComponents/tef.dsp My dsp file is: <c:set var="self" value="${requestScope.arg.self}"/> <span z.type="br.netsoft.zkComponents.Tef" id="${self.uuid}" ${self.outerAttrs}${self.innerAttrs}> <applet archive="tef.jar" id="tefApplet" code="br.netsoft.applets.tef.TEFProxy" width="0px" height="0px" /> <span/> and the language-addon.xml is: <language-addon> <addon-name>componentes</addon-name> <language-name>xul/html</language-name> <component> <component-name>tef</component-name> <component-class>br.netsoft.zkComponents.Tef</component-class> <mold> <mold-name>default</mold-name> <mold-uri>~./zkComponents/tef.dsp</mold-uri> </mold> </component> </language-addon> When i try to test this component, appears a pop-up showing : " /js/br/netsoft/zkComponents.js not found" what is wrong?

    Read the article

  • Which web Tier Framework for a public commercial website with heavy load ?

    - by Maxime ARNSTAMM
    Hello everyone, As a part of an enterprise architecture exercise, i need to find a java-based framework filling these constraints : heavy (i think) load : 5000 concurrent connections widely known : can't be too exotic, the contractors would be too high priced. relatively easy to use : developpement time must be reasonnable must be as compliant as possible with the css/html layout produced by a designer Must look like "web 2.0" from the marketing point of view. What i learned from my limited experience is : jsf : 1, don't know. 2, 3 ok. 4 not ok (at least not without huge effort) wicket : 1, not really. 2, 3 and 4 ok. gwt : 1, don't know. 2, 3 ok. 4 not ok (but more ok than jsf) others : not really "web 2.0" or not really known I'm really junior, so my ideas about those frameworks are probably wrong, that's why i come to you, stackoverflowees. Thanks for helping :)

    Read the article

  • adobe air google app engine session security

    - by iamgopal
    i am creating a ria in adobe air with google app engine based server side. i am using google client login for user login purpose. which is working , but how do i maintain session securely ? ( i.e. from man-in-middle attacks etc ) . what are the best practice in this kind of applications ?

    Read the article

  • how to disable ckeditor 3 auto spellchecker ?

    - by Motasem
    Hi there I've installed CKEditor 3.0 ,it work nice , but I want to disable the auto spellchecker I notice when I'm writing some words in the editor it manages to connect to "svc.spellchecker.net" to make spell check do you know any way to stop that feature ? thanks in advance

    Read the article

< Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >