Search Results

Search found 20607 results on 825 pages for 'secure global desktop'.

Page 94/825 | < Previous Page | 90 91 92 93 94 95 96 97 98 99 100 101 | Next Page >

Security failure - This is not a secure document but has security embed parameters

- by dimitris mistriotis

I try to create a private version and therefore I used something like this in php: var scribd_doc = scribd.Document.getDoc( 28394353, 'xxx'); scribd_doc.addParam("use_ssl", true); scribd_doc.addParam('public', false); scribd_doc.grantAccess("cbccf6e7-1ff7-9034-8a7c-a0c2a5b225ed", <?php echo "'" . trim($_COOKIE['PHPSESSID']) . "'" ?>, <?php echo "'" . scribd_calculate_signature($documentID = '28394353', $sessionID = trim($_COOKIE['PHPSESSID']), $userID = "cbccf6e7-1ff7-9034-8a7c-a0c2a5b225ed") . "'" ?>); ... ... scribd_doc.write( 'embedded_flash' ); Which is the api of scribd for javascript with the addition of the signature. My result is the "Security failure - This is not a secure document but has security embed parameters" Error, which is not well documented. The document is set to private. Any ideas?

Read the article
PHP variable in variable

- by FFish

I have set an array in my config file that I use global in my functions. This works fine, but now I want to pass the name of this array as a @param in my function. // in config file: $album_type_arr = array("appartamento", "villa"); global $album_type_arr; // pull in from db_config echo $album_type_arr[0]; function buildmenu($name) { $test = global $name . "_arr"; echo $test[0]; } buildmenu("album_type");

Read the article
Global "ajax call" notification with asp.net mvc/jquery

- by Joel Martinez

I need to be notified any time a largeish asp.net mvc web application makes an ajax call to the server. We're using both jquery, and the built-in Ajax.* methods to do the remote calls, and I would like a global way of knowing when we make a call without having to manually inject some sort of "IsMakingCall" method to every request. The root problem we're trying to solve is session timeout. If the user leaves a page up and goes to lunch (for example), they get errors when they get back because the ajax call is returning the login page instead of the expected json or partial html result. My idea was to have a js timer which would be reset any time we make an ajax call. That way, if the timer runs out (ie. their session has now timed out) I can just auto-log them out. This is how sites like bank of america and mint.com work. Thanks!

Read the article
Need to access the Page object in Global.asax in the PreRequestHandlerExecute

- by Taher

I have a huge website (containing around 5000+) pages. There is a theme functionality in the website where user can choose different colors for their profile. Now i want to use the ASP.net theme feature and put different CSS (for different colors) in the theme folder and in Global.asax i want check the user theme and render appropriate link element with the css. But my problem is, i am not able to access the Page element for adding the link in the page. Here is my code Dim page As System.Web.UI.Page = TryCast(System.Web.HttpContext.Current.Handler,System.Web.UI.Page) page.StyleSheetTheme = "Black" But when i run this code I get a Null reference error. P.s : My application is very huge so its not possible to have a master page or a base class and inherit it in every page. Please suggest.

Read the article
Web Services: Secure? Asp.net

- by Jacques

Hey there, Something I can't wrap my head around is how secure web services are. For example we're writing a desktop application that will interact with data on one of our websites as well as local data. This data is sensitive though and the last thing we want is anybody calling the web services. I've not yet found anything that says web services has some kind of authentication methods and the only security I've seen people talk about is using certificates to encrypt the message. I'm no guru on this and would appreciate anyone's input and perhaps a link to somewhere that will explain this in simple terms. Thanks Jacques

Read the article
Assign a custom global pseudo variable in Code Igniter like {elapsed_time}

- by Fábio Antunes

Hello As you probably all know Code Igniter can assign pseudo variables using the Parser library, but you also know that if we want to assign a Pseudo Variable to use it in a View, we have to do it in every controller that loads those views with the pseudo variables. I would like to know if Code Igniter 1.7.2 has some way that i can assign a Global Pseudo variable (like the pseudo variables from the Benchmarking Class). The pseudo variables i want, would have simple data mostly returned from the $config array in the config.php file. If some could help me with that. Regards.

Read the article
Assign a Custom Global Pseudo Variable in Code Igniter

- by Fábio Antunes

Hello As you probably all know Code Igniter can assign pseudo variables using the Parser library, but you also know that if we want to assign a Pseudo Variable to use it in a View, we have to do it in every do it in every controller that loads those views with the pseudo variables. I would like to know if Code Igniter 1.7.2 has some way that i can assign a Global Pseudo variable (like the pseudo variables from the Benchmarking Class). The pseudo variables i want, would have simple data mostly returned from the $config array in the config.php file. If some could help me with that. Regards.

Read the article
How to secure licensekey generation

- by Jakob Gade

Scenario, simplified for brevity: A developer creates an application for a customer. The customer sells this app to end-users. The app requires a license key to run, and this key is generated by the customer for each end-user with a simple tool created by the developer. The license key contains an expiry date for the license and is encrypted so the end-user can’t tamper with it. The problem here is that the developer (or anybody who has a copy of the license key generator) can easily create valid license keys. Should this generator fall into the wrong hands, it could spell disaster for the customers business. Ideally, the customer would have to use a password to create new license keys. And this password would be unknown to the developer, and somehow baked into the decryption algorithm in the application so it will fail if an attempt to use an unauthorized key is made. How would you implement a solution for this problem that is both transparent and secure?

Read the article
How to secure Java webservices with login and session handling

- by hubertg

I'd like to secure my (Java metro) webservice with a login. Here's how I'm planning to do that: Steps required when calling a webservice method are: call login(user,pwd), receive a session token 1.1 remember the token call servicemethod (token, arg1, arg2...) webservice checks if the token is known, if not throw exception otherwise proceed logout or timeout after x time periods of inactivity my questions: 1. what's your opinion on this approach? does it make sense? 2. are there any libraries which take the burden of writing a session handling (maybe with database persistence to survive app restarts) (the solution should be simple and easily usable with Java and .NET clients) thanks!

Read the article
Global Ignores for SVN?

- by Michael Stum

Is there a way to setup a global list of Ignores for a SVN Repository or for the SVN Client on the PC? The only reason I'm using tools like Tortoise/Ankh/VisualSVN is because I want to only check in the files I need without all the bin/obj/Resharper stuff. I'm spoiled by .gitignore and .hgignore which I just copy to a repository and then use "git commit -a" without having to care about checking in junk. I know I can manually set it, but that's tedious to do and I think it had to be applied to every new folder that gets created as well. Using SVN under Windows if that matters

Read the article
How to secure connection between PHP and Android

- by Elad Cohen

I am developing an application for the Android that requires a connection with PHP pages in order to add sensitive data to a database that will affect the application. Since it's very easy to reverse engineer an android app, one can simply find the url where the data is sent to and manipulate it. I thought about creating a registration based on IMEI, but one can still able to manipulate it for his malicious purposes. I have also checked OAuth but I didn't really understand how it works and if it can help in my condition. What can I do to fully secure my application? Thanks in advance! EDIT: By the way, what I am mostly trying to achieve here is to make sure the requests are being sent from an Android and not from any other device.

Read the article
global scope of variable

- by shantanuo

The following shell scrip will check the disk space and change the variable "diskfull" to 1 if the usage is more than 10% The last echo always shows 0 I tried the global diskfull=1 in the if clause but it did not work. How do I change the variable to 1 if the disk consumed is more than 10% #!/bin/sh diskfull=0 ALERT=10 df -HP | grep -vE '^Filesystem|tmpfs|cdrom' | awk '{ print $5 " " $1 }' | while read output; do #echo $output usep=$(echo $output | awk '{ print $1}' | cut -d'%' -f1 ) partition=$(echo $output | awk '{ print $2 }' ) if [ $usep -ge $ALERT ]; then diskfull=1 exit fi done echo $diskfull

Read the article
django admin app error (Model with property field): global name 'full_name' is not defined

- by rxin

This is my model: class Author(models.Model): first_name = models.CharField(max_length=200) last_name = models.CharField(max_length=200) middle_name = models.CharField(max_length=200, blank=True) def __unicode__(self): return full_name def _get_full_name(self): "Returns the person's full name." if self.middle_name == '': return "%s %s" % (self.first_name, self.last_name) else: return "%s %s %s" % (self.first_name, self.middle_name, self.last_name) full_name = property(_get_full_name) Everything is fine except when I go into admin interface, I see TemplateSyntaxError at /bibbase2/admin/bibbase2/author/ Caught an exception while rendering: global name 'full_name' is not defined It seems like the built-in admin app doesn't work with a property field. Is there something wrong with my code?

Read the article
SQL ConnectionString in global.asax overridden by web.config

- by rlb.usa

This is going to sound very odd, but I have a web.config like this: <connectionStrings> <remove name="LocalSqlServer"/> <add name="LocalSqlServer" connectionString="Data Source=BACKUPDB;..." providerName="System.Data.SqlClient"/> </connectionStrings> And a global.asax like this: void Session_Start(object sender, EventArgs e) { // Code that runs when a new session is started if (Application["con"] == null || Application["con"] == "") { Application["con"] = "Data Source=PRODUCTIONDB;..."; } } And EVERYWHERE in my code, I reference my ConnectionStrings like this: SqlConnection con = new SqlConnection(Convert.ToString(HttpContext.Current.Application["con"])); However, I see that everything I do inside this application goes to BACKUP db instead of PRODUCTIONDB. What is going on, how could this happen, and why? It doesn't make any sense to me, and it got me into a lot of trouble. We use LocalSqlServer string for FormsAuthentication.

Read the article
Global find object references in NHibernate

- by Miral

Is it possible to perform a global reversed-find on NHibernate-managed objects? Specifically, I have a persistent class called "Io". There are a huge number of fields across multiple tables which can potentially contain an object of that type. Is there a way (given a specific instance of an Io object), to retrieve a list of objects (of any type) that actually do reference that specific object? (Bonus points if it can identify which specific fields actually contain the reference, but that's not critical.) Since the NHibernate mappings define all the links (and the underlying database has corresponding foreign key links), there ought to be some way to do it.

Read the article
SQL ConnectionString in web.config and global.asax implications

- by rlb.usa

This is going to sound very odd, but I have a web.config like this: <connectionStrings> <remove name="LocalSqlServer"/> <add name="LocalSqlServer" connectionString="Data Source=BACKUPDB;..." providerName="System.Data.SqlClient"/> </connectionStrings> And a global.asax like this: void Session_Start(object sender, EventArgs e) { // Code that runs when a new session is started if (Application["con"] == null || Application["con"] == "") { Application["con"] = "Data Source=PRODUCTIONDB;..."; } } And EVERYWHERE in my code, I reference my ConnectionStrings like this: SqlConnection con = new SqlConnection(Convert.ToString(HttpContext.Current.Application["con"])); However, I see that everything I do inside this application goes to BACKUP db instead of PRODUCTIONDB. What is going on, how could this happen, and why? It doesn't make any sense to me, and it got me into a lot of trouble. We use LocalSqlServer string for FormsAuthentication.

Read the article
Secure login on your domain with Google App Engine

- by mhost

Hi, We are starting a very large web based service project. We are trying to decide what hosting environment to use. We would really like to use Google App Engine for scalability reasons and to eliminate the need to deal with servers ourselves. Secure logins/registrations is very important to us, as well as using our own domain. Our target audience is not very computer savvy. For this reason, we don't want to have the users have to sign up with OpenID as this can't be done within our site. We also do not want to force our customers to sign up with Google. As far as I can see, I am out of luck. I am hoping to have a definite answer to this question. Can I have an encrypted login to our site accessed via our domain, without having to send the customers to another site for the login (OpenID/Google). Thanks.

Read the article
Windows secure pinned website tile

- by Stijn de Voogd

I'm currently working on a pinned website tile for my website and instead of using a static XML file i'm linking the tile to a web api that returns user specific XML. My question is: Is it possible to secure this tile so that a user needs to be logged in before the data loads? The pinned website livetile doesn't send any security request headers/ cookies: - Http: Request, GET /v1/livetile/firsttile Command: GET + URI: /v1/livetile/firsttile ProtocolVersion: HTTP/1.1 UserAgent: Microsoft-WNS/6.3 Host: 192.168.14.109:2089 Cache-Control: no-cache HeaderEnd: CRLF Sidenote: Notice how it's not even sending an accept header even though it only wants xml. Info: http://msdn.microsoft.com/en-US/library/ie/dn455106 http://msdn.microsoft.com/en-us/library/ie/hh761491.aspx# Thanks in advance!

Read the article
Searching Outlook Global Adress List

- by MoominTroll

I'm pulling up the Global Address List from Outlook like so... Microsoft.Office.Interop.Outlook.Application oApp = new Microsoft.Office.Interop.Outlook.Application(); AddressList gal = oApp.Session.GetGlobalAddressList(); ...with the aim of eventually being able to search through this in my own application to retrieve contact information which I can then supply to a method that squirrels off an email. Unfortunately given that my own GAL has about 20K entries in (the customers much more) using a foreach or something simply doesn't work in an acceptable timeframe. I want to pass a string like "Tom" to a method and have it return a list of possible contacts. Is this possible outside of actually opening up Outlook and creating the mail there? Note: There are a couple of other questions similar to this but most seem to have no good answer. I'm hoping I have more luck.

Read the article
How to secure authorization of methods

- by Kurresmack

I am building a web site in C# using MVC.Net How can I secure that no unauthorized persons can access my methods? What I mean is that I want to make sure that only admins can create articles on my page. If I put this logic in the method actually adding this to the database, wouldn't I have business logic in my data layer? Is it a good practise to have a seperate security layer that is always in between of the data layer and the business layer to make? The problem is that if I protect at a higher level I will have to have checks on many places and it is more likely that I miss one place and users can bypass security. Thanks!

Read the article
How to call angular javascript directive methods from the global scope

- by user1659278

I have a directive like the one of the examples from AngularJS, shown below. How can I call the toggle method from the global scope? I want to be able to toggle the zippy from some legacy code. myApp.directive('zippy', function(){ return { restrict: 'E', replace: true, transclude: true, scope: { title:'bind' }, template: '<div class="zippy">' + '<div class="title">{{title}}</div>' + '<div class="body" ng-transclude></div>' + '</div>', link: function(scope, element, attrs) { var title = angular.element(element.children()[0]), opened = true; title.bind('click', toggle); function toggle() { opened = !opened; element.removeClass(opened ? 'closed' : 'opened'); element.addClass(opened ? 'opened' : 'closed'); } toggle(); } } });

Read the article
How do I secure all the admin actions in all controllers in cakePHP

- by Gaurav Sharma

Hello Everyone, I am developing an application using cakePHP v 1.3 on windows (XAMPP). Most of the controllers are baked with the admin routing enabled. I want to secure the admin actions of every controller with a login page. How can I do this without repeating much ? One solution to the problem is that "I check for login information in the admin_index action of every controller" and then show the login screen accordingly. Is there any better way of doing this ? The detault URL to admin (http://localhost/app/admin) is pointing to the index_admin action of users controller (created a new route for this in routes.php file) Thanks

Read the article
iphone: is there any secure way to establish 2-way SSL from an application

- by pmilosev

Hi I need to establish a HTTPS 2-way SSL connection from my iPhone application to the customer's server. However I don't see any secure way to deliver the client side certificates to the application (it's an e-banking app, so security is really an issue). From what I have found so far the only way that the app would be able to access the certificate is to provide it pre-bundeled with the application itself, or expose an URL from which it could be fetched (http://stackoverflow.com/questions/2037172/iphone-app-with-ssl-client-certs). The thing is that neither of this two ways prevent some third party to get the certificate, which if accepted as a risk eliminates the need for 2-way SSL (since anyone can have the client certificate). The whole security protocol should look like this: - HTTPS 2-way SSL to authenticate the application - OTP (token) based user registration (client side key pair generated at this step) - SOAP / WSS XML-Signature (requests signed by the keys generated earlier) Any idea on how to establish the first layer of security (HTTPS) ? regards

Read the article
how to check session upon start in masterpage or in global.asax

- by user572276

i am new in asp.net form authentication and sessions i would like to know how to save session in masterpage or in global.asax and how to clear session how to better handle session timeout by redirecting to a page this is my web.config session settings <sessionState mode="InProc" cookieless="false" timeout="1"></sessionState> code in my masterpage if (Request.Url.AbsolutePath.EndsWith("SessionExpired.aspx", StringComparison.InvariantCultureIgnoreCase)) { HtmlMeta meta = new HtmlMeta(); meta.HttpEquiv = "Refresh"; meta.Content = "7; URL=./Login.aspx"; Page.Header.Controls.Add(meta); } else HttpContext.Current.Response.AppendHeader("Refresh", Convert.ToString((Session.Timeout * 60)) + "; Url=./Public/SessionExpired.aspx");

Read the article
How secure is my website?

- by Doug

As a beginning web developer, I try my best to clean up all the user inputs through checks and what not. However, today, I found out my website was hacked (I'll share their website on request) and it really made my wonder how did they do it. I'm in the process of getting my website back together. What should I do to prevent these things? Is there people I should talk to and ask how secure my website is? What can I do to to keep my website safe?

Read the article

< Previous Page | 90 91 92 93 94 95 96 97 98 99 100 101 | Next Page >