Search Results

Search found 73679 results on 2948 pages for 'get http client info'.

Page 83/2948 | < Previous Page | 79 80 81 82 83 84 85 86 87 88 89 90 | Next Page >

What are some client-side sitemap generators?

- by BHare

Most of the sitemap generators I've found all scan my internal files and base it on that. However using apache and htaccess I have many aliases for things for example: /brand/model/photos/ is empty directory wise, but on the web it relocates it to a zenphoto gallery using htaccess. http://www.xml-sitemaps.com/ does What I need, but I'd like to have more control over it and I need it to be dynamic and run weekly or daily. Allow for specific change frequencies based on the file/directory. I also want to be able to make a "pretty" sitemap html file. Counting the photo gallery I have around 300 links, without the photo gallery more like 100. I have MySQL, PHP 5.3 installed.

Read the article
I used a 301 Permanent Redirect to a 3rd party site by mistake! Can I stop the redirection?

- by Dees

Oh Noes! I've been parking a domain name for a friend/client of mine on my hosting provider (Dreamhost, FWIW) for a while, and they eventually asked me to redirect their domain to a 3rd party website which is currently featuring some relevant promotional content. Once this period ends, we will probably go ahead and set up a proper website for the domain on my hosting account. I used Dreamhost's "redirect" hosting option in their domain configuration panel, not realizing that it would implement a 301 Permanent redirect, or what the implications were. Now it seems that for any client that has visited the site anytime recently, the 301 redirect is still cached/in effect, although I have changed the domain settings back to regular Dreamhost full site hosting. It seems that the only thing that can be done is to wait out the TTL/cache expiration for the redirect. I have no idea how long that might be, so I'm wondering if there is any good way to cache-bust the redirect or otherwise undo its long-term effects. I put a simple html meta refresh in the domain folder to replace the 301 to keep the intended functionality in place, but I'm still not able to access the domain's other content normally, even via FTP, etc. Isn't there anything I can do? Otherwise, how long does it take for a cached redirect to expire? It's gonna be a bummer if it's really permanent.

Read the article
An adequate message authentication code for REST

- by Andras Zoltan

My REST service currently uses SCRAM authentication to issue tokens for callers and users. We have the ability to revoke caller privileges and ban IPs, as well as impose quotas to any type of request. One thing that I haven't implemented, however, is MAC for requests. As I've thought about it more, for some requests I think this is needed, because otherwise tokens can be stolen and before we identify this and deactivate the associated caller account, some damage could be done to our user accounts. In many systems the MAC is generated from the body or query string of the request, however this is difficult to implement as I'm using the ASP.Net Web API and don't want to read the body twice. Equally importantly I want to keep it simple for callers to access the service. So what I'm thinking is to have a MAC calculated on: the url, possibly minus query string the verb the request ip (potentially is a barrier on some mobile devices though) utc date and time when the client issues the request. For the last one I would have the client send that string in a request header, of course - and I can use it to decide whether the request is 'fresh' enough. My thinking is that whilst this doesn't prevent message body tampering it does prevent using a model request to use as a template for different requests later on by a malicious third party. I believe only the most aggressive man in the middle attack would be able to subvert this, and I don't think our services offer any information or ability that is valuable enough to warrant that. The services will use SSL as well, for sensitive stuff. And if I do this, then I'll be using HMAC-SHA-256 and issuing private keys for HMAC appropriately. Does this sound enough? Have I missed anything? I don't think I'm a beginner when it comes to security, but when working on it I always. am shrouded in doubt, so I appreciate having this community to call upon!

Read the article
HTTP 303 redirection and robots.txt

- by Ian Dickinson

On a site I'm working on, we're using the HTTP 303 redirect pattern (see this article for background) to distinguish between information and non-information resources. So: some URL's under /id get redirected to dynamically-created pages under /doc. These dynamic pages are built from a database, and contain links to other /doc/ resources, so in general we don't want them to be crawled. Our robots.txt contains: Disallow: /doc However, we do want the non-redirected pages under /id to get indexed by Google et al: Allow: /id So the question I have, which I can't find an answer to so far, is: if an allowed /id page 303-redirects to a /doc page, will it still be blocked by robots.txt? If yes, we're OK, but otherwise I'm going to disallow all /id resources in the robots file, as having the crawler hammer the db would be worse than losing search indexing for the /id pages.

Read the article
Google crawler not found an error inside of the <head> tag

- by inckka

I've found a crawler error in my site and it is listed as a page not found(404) link. Heres the broken link http://mydomain.com/blog/comments/feed/ I'm using Google web master tools and found that broken link coming from my web site pages' head tag. here's actual code where that link situated. <head> <link rel="alternate" type="application/rss+xml" title="My Domain Blog » Feed" href="http://www.my-domain.com/blog/feed/" /> </head> So Google report this link as a not found. Actually this link target is not an exact page or a location. But essential for the blog feeds. Anyway I have to fix this and remove from the Google crawler error's list. But haven't got any idea, because cannot redirect or do a 404 header with this link target. Have anyone got an idea of fixing this?

Read the article
"X-Robots-Tag: noindex" on an HTTP 301 response

- by Peter O.

I understand that a resource with X-Robots-Tag: noindex forces some search engines, including Google, not to index the resource further. I also understand that an HTTP 301 response causes search engines to use the redirected URL instead of the original URL to refer to the resource. But what happens if both "X-Robots-Tag: noindex" and status code 301 occur on the same response? It's likely that the original URL will no longer be indexed, but will that cause the redirected URL to no longer be indexed too? This possibility is not mentioned in the X-Robots-Tag specification.

Read the article
Oracle Java Embedded Client 1.1 Released

- by Roger Brinkley

Yesterday an update release of Oracle Java Embedded Client (OJEC) 1.1 quietly slipped out door for general availability. Until last year it was pretty difficult to get your hands on either a Connected Limited Device Configuration (CLDC) for small devices or a Connected Device Configuration (CDC) for medium devices java implementation without a substantial initial commitment. But with the the release of OJWC (CLDC) and OJEC (CDC) last year that has changed. OJEC 1.1 is a binary distribution designed for installation on medium configurations which is a mid range processor requiring a slow startup time, seamless upgrades, in a cost sensitive hardware environment anywhere from 3.5mb to 8 mb. There are headless as well as headed versions available. It is intended for devices, such as Blu--ray Disc players, set--top boxes, residential gateways,VOIP phones, and similar. From a software point of view, OJEC is the Java runtime platform implementation of Connected Device Configuration (CDC v1.1, JSR--218), Foundation Profile (FP v1.1, JSR--219), and Personal Basis Profile (PBP v1.1, JSR--217) and includes optional packages RMI (JSR 66), JDBC (JSR 169) and XML API for Java ME (JSR 280), and Java TV (JSR--927). New to this release is support for the XML API (JSR 280) and a number of bug fixes and performance enhancements, including an improved Just-in-Time (JIT) compilation for the x86 chipset architecture. The platforms supported include ArmV5, ArmV6/ArmV7, MIPS 32 74K, and X86 in headless mode. For embedded developers there are number of advantages to using Java and if you have shied away from the JavaME edition in the past I would encourage you to look into the updated version of OJEC 1.1.

Read the article
RequestContextHolder.currentRequestAttributes() and accessing HTTP Session

- by Umesh Awasthi

Need to access HTTP session for fetching as well storing some information.I am using Spring-MVC for my application and i have 2 options here. User Request/ Session in my Controller method and do my work Use RequestContextHolde to access Session information. I am separating some calculation logic from Controller and want to access Session information in this new layer and for that i have 2 options Pass session or Request object to other method in other layer and perform my work. use RequestContextHolder.currentRequestAttributes() to access request/ session and perform my work. I am not sure which is right way to go? with second approach, i can see that method calling will be more clean and i need not to pass request/ session each time.

Read the article
URL Rewrite http to https EXCEPT files in a specific subfolder

- by BrettRobi

I am trying to force all traffic on my web site to use HTTPS, using the URL Rewrite 2.0 module added to IIS 7.5. I got that working and now have a need to exclude a couple of pages from using SSL. So I need a rule to rewrite all URL except those referencing this folder to HTTPS. I've been banging my head against the wall on this and am hoping someone can help. I tried creating a rule to match all URL except those in a nossl subfolder as in this example: <rule name="HTTP to HTTPS redirect" enabled="true" stopProcessing="true"> <match url="(/nossl/.*)" negate="true" /> <conditions logicalGrouping="MatchAll" trackAllCaptures="false"> <add input="{HTTPS}" pattern="off" /> </conditions> <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Found" /> </rule> But this doesn't work. Can anyone help?

Read the article
Authorization pop-up requested by http://localhost:51675 every time I run Firefox

- by user10711

Using Ubuntu 10.04. Whenever I run Firefox I get a pop up requesting authorisation. It says 'a user name and password are being requested by http://localhost:51675. The site says "server" I have tried all passwords I know and nothing is accepted. If I click 'cancel' it disappears but re-appears after about 5 minutes. This whole 'experience' is accompanied by a great deal of hard disc activity. Can anyone help with this?

Read the article
VPS Server OS differences

- by silvercover

I have two VPS servers. one of them is running Linux and the other is Windows one. I've uploaded same file to their public_html folders and could see them in my browser via static IP address of each one like http://178.63.165.178/getorder/file.xml and http://178.63.165.178/getorder/file.xml. On the other side there is a device called SMSPrinter that configured to read those XML files using GPRS and need static IP address to reach destination server. unfortunately this device can only read file from windows server and could not reach the file on Linux server. There is no note in this device manual suggesting Windows server or specific OS! I've also set file permission on Linux server to 777 to have no limitation. what could be the cause of our problem? Thanks.

Read the article
Large enterprise application - clients wish to use duplicate e-mails addresses?

- by Alex Key

I'd like to know people's opinions, reactions to clients and technical work arounds (if applicable), to the issue of an enterprise application where a client wishes to use duplicate e-mail addresses? To clarify, when I say duplicate e-mail addresses I mean within the same client system, having multiple users that have the same e-mail address. So not just using generic e-mail addresses but using the e-mail address of another user. e.g. Bob Jenkins: [email protected] James Jeffery: [email protected] Context To give this some further context, in the e-learning sector it is common that although all staff in an organisation must complete e-learning - they may not have their own e-mail address so they choose to use their managers e-mail address. Albeit against good practice in public sites... it's a requirement we've over and over again where an organisation is split between office based staff and perhaps e.g. staff in a warehouse. Where problem lies Mr Steak, good point, the problem lies in password resets and perhaps in situations where semi-personal information could be sent (not confidential enough to worry about the insecurities of email). Perhaps reminders for specific system actions, which would be confusing for the unintended party to see (if perhaps misreading the e-mail's intended recipient) Possible solutions System knowing the difference between a "for the attention of" and direct to the person e-mails, including this in the body text. Using alternative communication such as SMS Simply not having e-mails sent to people who are not the intended recipient. Providing an e-mail service ourselfs (not really viable for a corporate IT dept) Thoughts?

Read the article
Alternative to nofollow: custom 302 url shortener?

- by Dogweather

Here's the scenario: lots of blogging platforms make it tedious to insert nofollow into links within the post content. I.e., you need to edit the html, format it correctly, etc. I have a client who posts lots of content with links that should be nofollow'ed, and I thought of a novel way to handle this, since the blogging platform they're using makes it hard: I install a URL shortener web app on the client's domain. The shortener works as normal, except it redirects via 302 instead of 301. The pagerank will therefore stay at the shortener's domain, and not flow on to the target site. Part 2: In order to get the pagerank to collect meaningfully, say on the site's home page, the shortened URLs would be generated like this: /link?12345 instead of /link/12345. And then, the path /link would 301 to the home page. This way, the id is a param, not a path element. And thus, all the incoming shortened links are going to one path, which transfers pagerank to the home page. So that's my idea. I wanted to see if anybody could find problems with it. Thanks!

Read the article
URL Rewrite http to https EXCEPT files in a specific subfolder

- by BrettRobi

I am trying to force all traffic on my web site to use HTTPS, using the URL Rewrite 2.0 module added to IIS 7.5. I got that working and now have a need to exclude a couple of pages from using SSL. So I need a rule to rewrite all URL except those referencing this folder to HTTPS. I've been banging my head against the wall on this and am hoping someone can help. I tried creating a rule to match all URL except those in a nossl subfolder as in this example: <rule name="HTTP to HTTPS redirect" enabled="true" stopProcessing="true"> <match url="(/nossl/.*)" negate="true" /> <conditions logicalGrouping="MatchAll" trackAllCaptures="false"> <add input="{HTTPS}" pattern="off" /> </conditions> <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Found" /> </rule> But this doesn't work. Can anyone help?

Read the article
SSL issue and redirects from https to http

- by Asghar

I have a site www.example.com for which i purchased SSL cert and installed. And it was working fine, I also have a subdomain with app.example.com which was not on SSL. Both www.example.com and app.example.com are on same IP address. At later we decided to put SSL only on app.frostbox.com and then i configured SSL with app.frostbox.com and it worked fine, Now the issue is that Google is indexing my site as https://www.example.com/ and when users hits the web , Invalid security warning is issued and when user allow security issue they are shown my app.example.com contents. Note: I have my SSL configuration files in /etc/httpd/conf.d/ssl.conf The contents of the ssl.conf are below. http://pastebin.com/GCWhpQJq NOTE: I tried solutions in .httaccess but none of those worked. Like redirecting 301 redirects etc

Read the article
HTTP Session Invalidation in Servlet/GlassFish

- by reza_rahman

HTTP session invalidation is something most of us take for granted and don't think much about. However for security and performance sensitive applications it is helpful to have at least a basic understanding of how it works in Servlets. In a brief code centric blog post Servlet specification lead Shing Wai Chan introduces the APIs for session invalidation and explains how you can fine tune the underlying reaper thread for session invalidation when it is needed in GlassFish 4. Don't hesitate to post a question here if the blog is not clear, this is a relatively esoteric topic...

Read the article
HTTP(S) based file server

- by Michael

I've got a server running Ubuntu 10.04. I've already gotten openssh for ssh and sftp on it. I've been looking for a web-based (http, or preferably https) file server, perhaps a web-front-end to an (S)FTP server, that allows access to a specific folder, and also allows uploads. It requires user authentication, preferably using PAM. This web-based solution is for users that are not allowed to use FTP software / browser extension and don't have flash / java browser plugins within their corporate environments. So far I have looked into: Webmin: Includes a file manager, however it uses Java, and I'm looking for a plugin-free implementation. Apache2: I was able to set up https and PAM authentication, but the barebone implementation doesn't include file upload (as far as I'm aware of). HFS: Haven't tried it out because it is for Windows/wine only, and I don't want to run it under wine.

Read the article
Please help for change wallpaper on terminal where image from http (ubuntu 12.04)

- by Yan Fachmi

I need to change the background of my desktop in Ubuntu 12. 04 with a command in terminal, in order to make a script with bash. Does anyone know how to do it? but i want the image from internet... i know if i use local image would like this : gsettings set org.gnome.desktop.background picture-uri file:///home/icorner/wallpaper/curr.jpg but if i use something like this wont work gsettings set org.gnome.desktop.background picture-uri http://www.sergiuhelldragoon.com/wp-content/uploads/2012/04/dota_2_wallpaper_1_1280x800_by_zadelim.jpg Please anyone or somebody?... Thanks & regards, Yan Fachmi

Read the article
Significant number of non-HTTP requests hitting my site

- by Mark Westling

I'm seeing a significant number of non-HTTP requests hitting a site I just launched. They show up in the server (nginx) logs as non-ASCII and get rejected (correctly) with a 400 status. Here are some lines from the log: 95.132.198.189 - - [09/Jan/2011:13:53:30 -0500] "œ$A\x10õœ²É9J" 400 173 "-" "-" 79.100.145.126 - - [09/Jan/2011:13:57:42 -0500] "#§i²¸oYi á¹„\x13VJ—x·—œ\x04N \x1DÔvbÛè½\x10§¬\x1E0œ_^¼+\x09ÜÅ\x08DÌÃiJeT€¿æ]œr\x1EëîyIÐ/ßýúê5Ç¸" 400 173 "-" "-" 79.100.145.126 - - [09/Jan/2011:13:58:33 -0500] "¯Ú%ø=Œ›D@\x12î½‰¼\x1C†ÄÀe\x015mˆàd˜Û%pÛÿ" 400 173 "-" "-" What should I make of this? Is this some sort of scripted attack? Or could these be correct requests that have somehow been garbled? They're not affecting the performance of the site and I'm not seeing any other signs of attacks (e.g., no strange POSTs) so at this point I'm more curious than afraid.

Read the article
PHP - Internal APIs/Libraries - What makes sense?

- by Mark Locker

I've been having a discussion lately with some colleagues about the best way to approach a new project, and thought it'd be interesting to get some external thoughts thrown into the mix. Basically, we're redeveloping a fairly large site (written in PHP) and have differing opinions on how the platform should be setup. Requirements: The platform will need to support multiple internal websites, as well as external (non-PHP) projects which at the moment consist of a mobile app and a toolbar. We have no plans/need in the foreseeable future to open up an API externally (for use in products other than our own). My opinion: We should have a library of well documented native model classes which can be shared between projects. These models will represent everything in our database and can take advantage of object orientated features such as inheritance, traits, magic methods, etc. etc. As well as employing ORM. We can then add an API layer on top of these models which can basically accept requests and route them to the appropriate methods, translating the response so that it can be used platform independently. This routing for each method can be setup as and when it's required. Their opinion: We should have a single HTTP API which is used by all projects (internal PHP ones or otherwise). My thoughts: To me, there are a number of issues with using the sole HTTP API approach: It will be very expensive performance wise. One page request will result in several additional http requests (which although local, are still ones that Apache will need to handle). You'll lose all of the best features PHP has for OO development. From simple inheritance, to employing the likes of ORM which can save you writing a lot of code. For internal projects, the actual process makes me cringe. To get a users name, for example, a request would go out of our box, over the LAN, back in, then run through a script which calls a method, JSON encodes the output and feeds that back. That would then need to be JSON decoded, and be presented as an array ready to use. Working with arrays, as appose to objects, makes me sad in a modern PHP framework. Their thoughts (and my responses): Having one method of doing thing keeps things simple. - You'd only do things differently if you were using a different language anyway. It will become robust. - Seeing as the API will run off the library of models, I think my option would be just as robust. What do you think? I'd be really interested to hear the thoughts of others on this, especially as opinions on both sides are not founded on any past experience.

Read the article
deny-uncovered-http-methods in Servlet 3.1

- by reza_rahman

Servlet 3.1 is a relatively minor release included in Java EE 7. However, the Java EE foundational API still contains some very important changes. One such set of features are the security enhancements done in Servlet 3.1 such as the new deny-uncovered-http-methods option. Servlet 3.1 co-spec lead Shing Wai Chan outlines the use case for the feature and shows you how to use it in a recent code example driven post. You can also check out the official specification yourself or try things out with the newly released Java EE 7 SDK.

Read the article
https (SSL) instead of http

- by user1332729

I am building myself a new website, out of privacy and security concerns I am contemplating trying to make it https only. It will be mobile-friendly using media queries but I am concerned--especially for mobile users--about the increased bandwidth. How much will doing so increase my bandwidth or slow load times? For pages where I'm not transferring sensitive information, should I leave external links (to a jQuery library, or a web font for instance) in http? Simply put, I have read articles saying the entire web would be more secure if everything was SSL but my actual knowledge of implementation is limited to payment gateways and log-in pages and such. I apologize for the open-ended nature of the question but anything, even just simple answers to the specific questions is welcomed.

Read the article
Live search/filter as you type in client approach

- by Pinoniq

As an exercise for myself to practice my JavaScript "skills" I'm trying to write a client-side filter. It should be able to filter "content blocks" as the user types. By "content block", I mean a list of DomElements that each contain at least one text node - it is possible that they contain more, and even a different amount of text nodes, nested inside other nodes, etc. I've thought of 2 approaches: On page initialization, scan all nodes and store all the text in some kind of Map or a tree. Simply iterate over every item and check whether it has the string to search/filter for. One could add performance here by caching, only filtering the current remaining items if text is added, etc. Obviously, if the number of nodes is really big, option 1 will take a while to build the 'index' but it will perform faster once it is built. Option 2 however will be available right on page load since no initialization is performed. But of course it will take longer to search. So my question is: what is the best approach here? And how would one implement 'caching' and/or 'index'?

Read the article
Oracle Java ME Embedded Client 1.1????

- by sasa

6?26???????????Java ME????????Oracle Java ME Embedded Client (OJEC) 1.1???????????CDC 1.1.2?Foundation Profile (FP) 1.1.2???????????ARM, MIPS, x86?Linux???????????Security Optional Package, RMI, JDBC, XML API, Web Services?????????????????????????????·???????????? 2011?5???????1.0??????????????XML API???????????????????????????????????????????x86?????????????x86????????Just-in-Time (JIT)?????????????? ?????????????????????(????GUI??)??????????????Linux (x86)?JDK 6?????????????????????? CPU OS ROM RAM ARM (v5) Linux 2.6.31??, glibc 2.10.2?? 5MB?? 8MB?? ARM (v6, v7) Linux 2.6.35??, glibc 2.12.1?? 5MB?? 8MB?? MIPS (MIPS32 74K) Linux 2.6.22??, glibc 2.8?? 5MB?? 8MB?? x86 (Pentium III??) Linux 2.6.35??, glibc 2.12.1?? 5MB?? 8MB?? OJEC 1.1??????????????OTN??????????????????????????????????????Java Embedded??????????? OJEC 1.1 ?????? OJEC 1.1 ??????

Read the article
How to get the client ip address in ASP.Net MVC?

- by melaos

hi guys, i'm totally new to the asp.net mvc stack and i was wondering what happened to the simple Page object and the Request ServerVariables object? basically what i wanted to do is to pull out the client's pc ip address. but i fail to understand how the current MVC structure has changed all of this. as far as i can understand, most of the variable object has been replaced by the HttpRequest variants? anybody care to share some resources? really a sea of stuff to learn in the asp.net mvc world :) thanks.

Read the article

< Previous Page | 79 80 81 82 83 84 85 86 87 88 89 90 | Next Page >