Search Results

Search found 63938 results on 2558 pages for 'asp net security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 104/2558 | < Previous Page | 100 101 102 103 104 105 106 107 108 109 110 111  | Next Page >

  • asp.net web apps: are OnServerValidate necessary with custom validators

    - by peroija
    I recently created a .net web app that used over 200 custom validators on one page. I wrote code for both ClientValidationFunction and OnServerValidate which results in a ton of repetitive code. My sql statements are parameterized, I have functions that pull data from input fields and validates them before passing to the sql statements or stored procedures. And the javascript validates the fields before the page submits. So essentially the data is clean and valid before it even hits the OnServerValidate and clean after it anyways due to the aforementioned steps. This makes me question, is OnServerValidate really needed when I validate on the clientside?

    Read the article

  • ASP.NET MVVM Handling multiple Data Transfer Objects on a single page

    - by meffect
    I have an asp.net mvc "edit" page which allows the user to make edits to the parent entity, and then also "create" child entities on the same page. Note: I'm making these data transfer objects up. public class CustomerViewModel { public int Id { get; set; } public Byte[] Timestamp { get; set; } public string CustomerName { get; set; } public etc.. public CustomerOrderCreateViewModel CustomerOrderCreateViewModel { get; set; } } In my view I have two html form's. One for Customer "edit" Http Posts, and the other for CustomerOrder "create" Http Posts. In the view page, I load the CustomerOrder "create" form in using: <div id="CustomerOrderCreate"> @Html.Partial("Vendor/_CustomerOrderCreatePartial", Model.CustomerOrderCreateViewModel) </div> The CustomerOrder html form action posts to a different controller HttpPost ActionResult than the Customer "edit" Action Result. My concern is this, on the CustomerOrder controller, in the HttpPost ActionResult [HttpPost] public ActionResult Create(CustomerOrderCreateViewModel vm) { if (!ModelState.IsValid) { return [What Do I Return Here] } ...[Persist to database code]... } I don't know what to return if the model state isn't valid. Right now it's not a problem, because jquery unobtrusive validation handles validation on the client. But what if I need more complex validation (ie: the server needs to handle the validation).

    Read the article

  • Visual Studio 2010 & .NET 4.0 RC in Feb-2010

    Scott says, In order to make sure that these fixes truly address the performance issues reported, and to Other Interested articles…27 New Features of .NET Framework 4.022 New Features of Visual Studio 2008 for .NET Professionals50 New Features of SQL Server 2008IIS 7.0 New featureshelp validate them across the broadest number of scenarios and machine configurations, we’ve decided to ship another public preview release of VS 2010 and .NET 4 before we ship. Specifically, we plan to make a Release Candidate build available in February that everyone will be able to download and test. It will be a public build and include a broad “go live” license that supports production deployment.The goal behind the Release Candidate is to get broad feedback on the readiness of the product. In order to ensure that we are able to receive and react to this feedback, we will also be moving the launch of Visual Studio 2010 and .NET 4 back a few weeks.Continue span.fullpost {display:none;}

    Read the article

  • Remote server security: handling compiler tools

    - by Gonzolas
    Hello! I was wondering wether to remove compiler tools (gcc, make, ...) from a remote production server, mainly for security purposes. Background: The server runs a web application on Linux. Consider Apache jailed. Otherwise, only OpenSSHd faces the public network. Of course there is no compiler stuff within the jail, so this is about the actual OS outside of any jails. Here's my personal PRO/CON list (regarding removal) so far: PRO: I had been reading some suggestions to remove compiler tools in order inhibit custom building of trojans etc. from within the host if an attacker attains unpriviliged user permissions. CON: I can't live without Perl/Python and a trojan/whatever could be written in a scripting language like that, anyway, so why bother about removing gcc et al. at all. There is a need to build new Linux kernels as well as some security tools from source directly on the server, because the server runs in 64-bits mode and (to my understanding) I can't (cross-)compile locally/elsewhere due to lack of another 64-bits hardware system. OK, so here are my questions for you: (a) Is my PRO/CON assessment correct? (b) Do you know of other PROs / CONs to removing all compiler tools? Do they weigh in more? (c) Which binaries should I consider dangerous if the given PRO statement holds? Only gcc, or also make, or what else? Should I remove the enitre software packages them come with? (d) Is it OK to just move those binaries to a root-only accessible directory when they are not needed? Or is there a gain in security if I "scp them in" every time? Thank you!

    Read the article

  • How to prevent getting infected by rogue security applications

    - by Ieyasu Sawada
    My computer never got infected with a virus before, because I'm using Web of Trust browser plugin, sandboxie and Avast Free antivirus. But today, it got infected with a rogue security application called antivirus.net. I have already removed it using MBAM, SAS, and Kaspersky Virus Removal Tool. And by the way, I was using MSE when my laptop got infected. Seems like the rogue application just killed off the MSE process. And I never even got a warning. I was using the wi-fi from our school, which I think is the cause since most of the computers in our laboratory has rogue applications on it. My question is, how do I prevent this from happening again? It took me about 6 hours to disinfect my computer and I don't want it to happen again. Please enlighten me if these rogue applications really just pop out of nowhere. Note I'm not dumb enough to agree with installing rogue security applications. It just came out of nowhere. I'm happy with MSE, well not after it let antivirus.net penetrate my computer. I've done a little bit of research and it says that it needs the permission of the user to actually install it in the computer: http://www.net-security.org/malware_news.php?id=1245 http://en.wikipedia.org/wiki/Rogue_security_software Is it possible that other computers in our school network have agreed to install those? Or maybe the network admin?

    Read the article

  • Google chrome not accepting any security certificates

    - by Jerry
    I've recently developed a problem with Google Chrome that's really annoying. I'm using Firefox at the moment with no problems whatsoever and it's the same with IE, so it's safe to say this problem is specific to Chrome. The problem is that it's not accepting security certificates from certain sites. I suppose the best place to start would be google itself. I can't search. The google search page will load but when I type some search term into the search box and hit 'search' I get the message: "You attempted to reach www.google.com, but the server presented an invalid certificate. You cannot proceed because the website operator has requested heightened security for this domain." No matter what the search term is, this is the result. Also when I try to log in to facebook - same message. Youtube works and many other sites that I know present security certs so I'm baffled. I've searched and there are other people who have had similar issues but I can't find a solution anywhere. The most common answer I'm picking up for this is to "check your system time" but I can safely say that it's not my system time. If anyone knows what is going on, I'd very much appreciate being informed. It's not super urgent as I can use Firefox to access those places Chrome won't, but it IS super annoying because I can usually sort out issues like this in no time.

    Read the article

  • Web Site Performance and Assembly Versioning – Part 3 Versioning Combined Files Using Mercurial

    - by capgpilk
    Minification and Concatination of JavaScript and CSS Files Versioning Combined Files Using Subversion Versioning Combined Files Using Mercurial – this post I have worked on a project recently where there was a need to version the system (library dll, css and javascript files) by date and Mercurial revision number. This was in the format:- 0.12.524.407 {major}.{year}.{month}{date}.{mercurial revision} Each time there is an internal build using the CI server, it would label the files using this format. When it came time to do a major release, it became v1.{year}.{month}{date}.{mercurial revision}, with each public release having a major version increment. Also as a requirement, each assembly also had to have a new GUID on each build. So like in previous posts, we need to edit the csproj file, and add a couple of Default targets. 1: <?xml version="1.0" encoding="utf-8"?> 2: <Project ToolsVersion="4.0" DefaultTargets="Hg-Revision;AssemblyInfo;Build" 3: xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> 4: <PropertyGroup> Right below the closing tag of the entire project we add our two targets, the first is to get the Mercurial revision number. We first need to import the tasks for MSBuild which can be downloaded from http://msbuildhg.codeplex.com/ 1: <Import Project="..\Tools\MSBuild.Mercurial\MSBuild.Mercurial.Tasks" />   1: <Target Name="Hg-Revision"> 2: <HgVersion LocalPath="$(MSBuildProjectDirectory)" Timeout="5000" 3: LibraryLocation="C:\TortoiseHg\"> 4: <Output TaskParameter="Revision" PropertyName="Revision" /> 5: </HgVersion> 6: <Message Text="Last revision from HG: $(Revision)" /> 7: </Target> With the main Mercurial files being located at c:\TortoiseHg To get a valid GUID we need to escape from the csproj markup and call some c# code which we put in a property group for later reference. 1: <PropertyGroup> 2: <GuidGenFunction> 3: <![CDATA[ 4: public static string ScriptMain() { 5: return System.Guid.NewGuid().ToString().ToUpper(); 6: } 7: ]]> 8: </GuidGenFunction> 9: </PropertyGroup> Now we add in our target for generating the GUID. 1: <Target Name="AssemblyInfo"> 2: <Script Language="C#" Code="$(GuidGenFunction)"> 3: <Output TaskParameter="ReturnValue" PropertyName="NewGuid" /> 4: </Script> 5: <Time Format="yy"> 6: <Output TaskParameter="FormattedTime" PropertyName="year" /> 7: </Time> 8: <Time Format="Mdd"> 9: <Output TaskParameter="FormattedTime" PropertyName="daymonth" /> 10: </Time> 11: <AssemblyInfo CodeLanguage="CS" OutputFile="Properties\AssemblyInfo.cs" 12: AssemblyTitle="name" AssemblyDescription="description" 13: AssemblyCompany="none" AssemblyProduct="product" 14: AssemblyCopyright="Copyright ©" 15: ComVisible="false" CLSCompliant="true" Guid="$(NewGuid)" 16: AssemblyVersion="$(Major).$(year).$(daymonth).$(Revision)" 17: AssemblyFileVersion="$(Major).$(year).$(daymonth).$(Revision)" /> 18: </Target> So this will give use an AssemblyInfo.cs file like this just prior to calling the Build task:- 1: using System; 2: using System.Reflection; 3: using System.Runtime.CompilerServices; 4: using System.Runtime.InteropServices; 5:  6: [assembly: AssemblyTitle("name")] 7: [assembly: AssemblyDescription("description")] 8: [assembly: AssemblyCompany("none")] 9: [assembly: AssemblyProduct("product")] 10: [assembly: AssemblyCopyright("Copyright ©")] 11: [assembly: ComVisible(false)] 12: [assembly: CLSCompliant(true)] 13: [assembly: Guid("9C2C130E-40EF-4A20-B7AC-A23BA4B5F2B7")] 14: [assembly: AssemblyVersion("0.12.524.407")] 15: [assembly: AssemblyFileVersion("0.12.524.407")] Therefore giving us the correct version for the assembly. This can be referenced within your project whether web or Windows based like this:- 1: public static string AppVersion() 2: { 3: return Assembly.GetExecutingAssembly().GetName().Version.ToString(); 4: } As mentioned in previous posts in this series, you can label css and javascript files using this version number and the GetAssemblyIdentity task from the main MSBuild task library build into the .Net framework. 1: <GetAssemblyIdentity AssemblyFiles="bin\TheAssemblyFile.dll"> 2: <Output TaskParameter="Assemblies" ItemName="MyAssemblyIdentities" /> 3: </GetAssemblyIdentity> Then use this to write out the files:- 1: <WriteLinestoFile 2: File="Client\site-style-%(MyAssemblyIdentities.Version).combined.min.css" 3: Lines="@(CSSLinesSite)" Overwrite="true" />

    Read the article

  • What prevents a user from adding controls to an ASP.NET page client side?

    - by Curtis White
    This goes back to my other question which I thought was sufficiently answers but upon reflect am not sure that it was (sorry). Backgrounder: I am generating a form dynamically. I am pulling from the database the controls. I must associate each control with a database ID which is not the user's session id. I do this currently by storing my ID in the ID for the web control with some other stuff to make it unique/clear what I am doing. On the post back, I iterate through all the controls on my web page checking for my special identifier, ie, MyGeneratedTextBox_ID_Unique. This process enables for 2 important steps, identifying the control was one I generated and also getting the ID for this input field. And, all of this works but I'm still concerned about the security of it. I do not see a security issue with showing the actual database ID's in this case, although agree it is not desirable. However, I am concerned of the following possibilities: If a user could add a nefarious control to my collection and use that for a SQL injection attack. More academic, but if a user could somehow store data for fields they do not have access too by changing the id's. I agree this is a "hack" of a way to do it. But my question is, is it a security risk and is there an 'easy' way to do it in a less hack way? I assume that only the controls that are created/instantiated on the page are added to the controls list.. thus all controls must be created server side and thus the security issue is address but just wanted to validate. Thanks again. PS: I could see adding a property for each control and encrypting the viewstate would be a little more secure.

    Read the article

  • .NET Framework 4.0 installation is very slow

    - by Dimitri C.
    On my Windows Vista, it takes a full 12 minutes to install the .NET Framework 4.0. a) Is this normal? b) If not, can something be done about it? The reason I'm concerned about the speed is because it slows down the testing of our product installer considerably. Testing an installer is time consuming already, but this new .NET Framework installer makes it almost undoable. Detail: I did the test on a clean Vista inside a VirtualBox virtual machine. This setup does not show any performance issues in other situations. I tried both dotNetFx40_Full_x86_x64.exe and dotNetFx40_Client_x86_x64.exe. They both take approximately the same time to install.

    Read the article

  • No option to select ASP.Net Version in IIS 6?

    - by GenericTypeTea
    I'm running Windows Server 2003 64bit edition. I've just installed the .Net 4 Framework in order to get a new WCF service up and running. However, I have no options anywhere in IIS 6 for selecting the ASP.Net framework version. I.e. Right click Properties on the website should have as ASP.Net tab from where I should be able to select v2 or v4. Does anyone know why they're not there and how I can make them appear? For the time being I've had to go into Website Properties Home Directory Configuration and change the .svc extension to use v4.0.30319 instead. So, everything's now working for my WCF service, however every other extension is set to v2. How can I get the tab? It's not visible on any of my 23 websites.

    Read the article

  • Attempting to install .NET framework 4 *full* installs *client* instead

    - by msorens
    On a Win7 SP1 32-bit machine, I initially had .NET 4 client installed and wanted to upgrade to .NET 4 full. I downloaded the full installer dotNetFx40_Full_x86_x64.exe from Microsoft. After download the file showed 48.11MB, the correct size for the full package (vs. 41MB for the client). I ran the installer and it first prompted to repair or remove the existing package. I chose to remove, so uninstalled the two parts, 4 extended and 4 client. Reboot. I reran the installer and it began installation, showing that it was installing the client. Though this raised an eyebrow for me, I let it run to completion, thinking it might be reporting the full install in sections. But after completion, I again ended up with 4 extended and 4 client installed! Obviously I am missing something; ideas...?

    Read the article

  • Why does my .NET 4 application know .NET 4 is not installed

    - by Tergiver
    I developed an application that targeted .NET 4 the other day and XCOPY-installed it to a Windows XP machine. I had told the owner of the machine that they would need to install .NET Framework 4 to run my app and he told me he did (not a reliable source). When I ran the application I was presented with a message box that said this app requires .NET Framework 4, would I like to install it? Clicking the Yes button took me to the Microsoft web site and a few clicks later .NET 4 was installed, and the application successfully launched. Now I normally don't develop applications that target the latest version of .NET, I always target the lowest version I can (what features do I really need?). So this was my first .NET 4 app (and I only targeted 4 because it used a library that did). In the past, XCOPY-installing .NET applications to a machine that didn't have the correct version of .NET installed resulted in the application simply crashing on startup with no useful information presented to the user. Was it built into my app because I targeted .NET X? Was it something already installed on the target machine? I love the feature, I just want to know precisely how to leverage it in the future.

    Read the article

  • Asp.net tips and tricks

    - by ybbest
    Asp.net tips and tricks Here is a summary of articles I found very useful over the years while I am working on asp.net TRULY Understanding View state http://weblogs.asp.net/infinitiesloop/archive/2006/08/03/Truly-Understanding-Viewstate.aspx TRULY Understanding Dynamic Controls http://weblogs.asp.net/infinitiesloop/archive/2006/08/25/TRULY-Understanding-Dynamic-Controls-_2800_Part-1_2900_.aspx ASP.Net 2.0 – Master Pages: Tips, Tricks, and Traps http://odetocode.com/articles/450.aspx ASP.NET Tip – Use The Label Control Correctly http://haacked.com/archive/2007/02/15/asp.net_tip_-_use_the_label_control_correctly.aspx Asp.net httphandlers http://www.michaelflanakin.com/Articles/NET/NET1x/ImplementingHTTPHandlers/tabid/173/Default.aspx http://support.microsoft.com/default.aspx?scid=kb;EN-US;308001 http://msdn.microsoft.com/en-us/library/ms972974.aspx Asp.net ajax http://encosia.com/ ASP.NET 2.0 Tips, Tricks, Recipes and Gotchas http://weblogs.asp.net/scottgu/pages/ASP.NET-2.0-Tips_2C00_-Tricks_2C00_-Recipes-and-Gotchas.aspx Mastering Page-UserControl Communication http://www.codeproject.com/KB/user-controls/Page_UserControl.aspx Comparing Web Site Projects and Web Application Projects Web Deployment Projects .NET Radio Show http://www.dotnetrocks.com/ Herdingcode http://herdingcode.com/ Clean Code talk http://www.objectmentor.com/videos/video_index.html .NET Video Show http://www.dnrtv.com/ .Net User group http://chicagoalt.net/home http://exposureroom.com/members/RIAViewMirror.aspx/assets/ FAQ Why should you remove unnecessary C# using directives? http://stackoverflow.com/questions/136278/why-should-you-remove-unnecessary-c-using-directives http://stackoverflow.com/questions/2009471/what-is-the-benefit-of-removing-redundant-imports-in-vb-net-or-using-in-c-file http://codeclimber.net.nz/archive/2009/12/30/best-of-2009-the-5-most-popular-posts.aspx

    Read the article

  • Unit testing ASP.NET MVC 2 routes with areas bails out on AreaRegistration.RegisterAllAreas()

    - by Sandor Drieënhuizen
    I'm unit testing my routes in ASP.NET MVC 2. I'm using MSTest and I'm using areas as well. When I call AreaRegistration.RegisterAllAreas() however, it throws this exception: System.InvalidOperationException: System.InvalidOperationException: This method cannot be called during the application's pre-start initialization stage.. OK, so I reckon I can't call it from my class initializer. But when can I call it? I don't have an Application_Start in my test obviously.

    Read the article

  • ASP.Net Webservice - Constructors with Parameters

    - by Ben
    Hi, I'm fairly new to WebService developement and have just set up my own webservice (ASP.Net 3.5, Visual Studio 2008 .asmx file). I can not find a way of setting up my webservice to take parameters on the constructor. If i create a constructor that takes parameters, it is not then shown when i hook up to the webservice from my application (it only shows a parameterless constructor). Am i missing something blatently obvious, or is this not possible (and why not)? Thanks.

    Read the article

  • FCKeditor for ASP.NET: file upload size limit

    - by balanza
    Hi all, I'm working on an asp.net website written in vb. I embedded fdkeditor in my page, and it works fine. As it includes image-upload feature, which works fine as well, I need to limit the size of the file before it's been uploaded. I wonder I couldn't find anyting satisfactory on web, it seems fckeditor's developers haven't ever thought about that. Has anyone workarounded it? Thanks

    Read the article

  • ViewData.* and TModel in asp.net MVC

    - by Quintin Par
    After a week of asp.net mvc2, I still haven’t understood the advantages of ViewData.model or rather how I can properly utilize Viewdata. Can some teach me how to use Viewdata properly? Also what’s TModel that’s associated with viewdata? How does one utilize TModel? The viewdata explanation in spark view engine talks about TModel and I couldn’t get a clue of how I can use it in my projects. Can someone help me?

    Read the article

  • Adding custom perfomance counters in ASP.Net for service calls

    - by Nithin
    Hi All, I have to show the time taken for a service call in Perfmon from my ASP.Net application. For this, I have added a stopwatch which starts at the service call start and stops at service call stop. Now I have a custom counter which user AverageTimer32 to log the stopwatch values to Perfmon. My question is, how can I show the service names on the Perfmon graph. I am using windows XP (I know windows server perfmon has some fancy stuff).

    Read the article

  • Easiest Way To Get Started In Dot Net

    - by Avery Payne
    Ok, so the initial search in StackOverflow shows nothing related for this question. So here it goes: Let's pretend for a moment that you're just getting started in a career in computer programming. Let's say that, for whatever reason, you decide to use the .Net framework as a basis for your programming. Let's also say that you've been exposed to some programming background, but not one in .Net, so it seems foreign to you at first. And lastly, you don't have the benefit of 25 years of exposure to the Win32 API, which explains why it seems so foreign to you when you start looking at it. So the questions are: What is a comprehensive overview of what .Net is? It appears to be a combination of a runtime environment, a set of languages, a common set of libraries, and perhaps a few other things...so it's about as clear as mud. Specifically, what are the key components to .Net? What is the easiest way to understand .Net programming with regard to available APIs? Which language would best suit beginning programming out of the "stock" languages that Microsoft has to offer? (C++, C#, VB, etc.) What are some differences between .Net programming and programming in a procedural language (aka Pascal, Modula, etc.) What are some differences between .Net programming and programming in a "traditional" object-oriented language? (aka Smalltalk, Java, Python, Ruby, etc.) As I currently understand it, the CLR provides a foundation for all of the other languages to run on. What are some of the inherent limitations of the CLR? Given the enormous amount of API to cover, would it even be worth learning a .Net language (using the Microsoft APIs) given that you would not have prior exposure to Win32 programming? Let's say you write a for-profit program with .Net. Can you resell the program without running afoul of licensing issues? Let's say you write a gratis (free) program with .Net. Can you offer the program to the public under a "free" license (GPL, BSD, Artistic, etc.) without running afoul of licensing issues? Thank you in advance for your patience.

    Read the article

  • ASP.NET 2.0 - scaffolding a database table for webforms

    - by Francis Huang
    Can you recommend a tool that can analyze a SQL database table, read the table columns, and populate an .aspx page with appropriate controls (i.e. textboxes with matching labels)? See this demo of ComponentOne InputPanel for WinForms for the functionality desired. Are there any built-in tools for ASP.NET 2.0 WebForms that can help build a scaffold page for any given database table or entity? Are there any free components out there to help achieve this goal?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 100 101 102 103 104 105 106 107 108 109 110 111  | Next Page >