Search Results

Search found 8253 results on 331 pages for 'secure coding'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 211/331 | < Previous Page | 207 208 209 210 211 212 213 214 215 216 217 218  | Next Page >

  • What are the best programming and development related Blogs?

    - by Christopher Cashell
    There are lots of great resources available on the Internet for learning more about programming and improving your skills. Blogs are one of the best, IMO. There's a wealth of knowledge and experience, much of it covering topics not often found in traditional books, and the increased community aspect helps to bring in multiple viewpoints and ideas. We're probably all familiar with Coding Horror and Joel on Software (so no need to mention them), but what are the other great ones out there? What are the Blogs that you find yourself following most closely? Where you see the best new ideas, the most interesting or informative ideas, or just the posts that make you sit back and think? One Blog per answer, and then we'll vote up the best so we can all learn from them.

    Read the article

  • PageMethods security

    - by TenaciousImpy
    Hi, I'm trying to 'AJAX-ify' my site in order to improve the UI experience. In terms of performance, I'm also trying to get rid of the UpdatePanel. I've come across a great article over at Encosia showing a way of posting using PageMethods. My question is, how secure are page methods in a production environment? Being public, can anyone create a JSON script to POST directly to the server, or are there cross-domain checks taking place? My PageMethods would also write the data into the database (after filtering). I'm using Forms Authentication in my pages and, on page load, it redirects unauthenticated users to the login page. Would the Page Methods on this page also need to check authentication if the user POSTs directly to the method, or is that authentication inherited for the entire page? (Essentially, does the entire page cycle occur even if a user has managed to post only to the PageMethod)? Thanks

    Read the article

  • Unload image of UIImageView thats offscreen

    - by ludo
    Hi, I'm coding an application on Ipad, in a certain point of my application I present a ViewController with the presentModalViewController. My ViewController is a UISScrollView who take the larger of the modalView and inside it I display some images, I allow pagingEnabled so I can see all my images inside the scrollView. Sometimes I have to display more than 10 images inside the scrollView, so I have this error RECEIVE MEMORY WARNING LEVEL=1 after this one RECEIVE MEMORY WARNING LEVEL=2 and finnaly the debugger exited due to signal 10 (Sigbus). What can I do? is there a way to unload the image thats offscreen? or others things to do? Thanks,

    Read the article

  • What's the best JSF implementation?

    - by Jeff
    Hey everyone, I currently have a medium size Java web application sitting on top of Spring MVC. As much as I like (no sarcasm) coding straight HTML, CSS and JS, it's not possible for me to develop as fast as I'd like. I'm looking at different RAD frameworks to speed up my development. I'm looking at JSF implementations and component libraries, Flex, GWT and a few others. As of now, Apache MyFaces (with ICEFaces) seems to be the front runner in my mind, but I'm curious to find out what you all think of that specific implementation and if the Sun implementation is any better? What's important to me is something that is stable, has an active community and that it doesn't look like there is another technology in the near future that is going to eclipse JSF (which would drive me to use a different RAD framework). Thanks in advance for the responses.

    Read the article

  • Why do people still use Vi and Emacs?

    - by mawg
    This is not a subjective question. I am genuinely looking for techinccal reasons to do so. I will risk offending some folks (not intended as an offence – maybe as a goad) by saying that I have been coding for 30+ years and used to be religously attched to each of them, but as soone as I saw editor-cum-IDE which seemed to offer more, I moved on. Is there any compelling reason, in this day and age, to choose Vi / Emacs over – say- Eclipse for code editing? Even Notepad++ for win-doze users seems to offer more. Just sayin'

    Read the article

  • SSL Form Post in ASP.NET MVC 1.0

    - by goombaloon
    I'd like to use SSL for the post action on the login page of my MVC 1.0 app. I've seen some articles related to the [RequireSSL] attribute in ASP.NET MVC Futures. However, since this works using a redirect, I assume it's not an option (can't redirect a POST, correct?). Ultimately, my goal is to get the Html.BeginForm method to render "https://..." as the form's action so that I can secure the information being posted (login info). How have others handled this?

    Read the article

  • What do I return if the return type of a method is Void? (Not void!)

    - by DR
    Due to the use of Generics in Java I ended up in having to implement a function having Void as return type: public Void doSomething() { //... } and the compiler demands that I return something. For now I'm just returning null, but I'm wondering if that is good coding practice... I've also tried Void.class, void, Void.TYPE, new Void(), no return at all, but all that doesn't work at all. (For more or less obvious reasons) (See this answer for details) So what am I supposed to return if the return type of a function is Void? What's the general use of the Void class? EDIT: Just to spare you the downvotes: I'm asking about V?oid, not v?oid. The class Void, not the reserved keyword void.

    Read the article

  • Does Google index HTTPS ASP.NET pages?

    - by ncakmak
    I have an online application that all of its pages use HTTPS. I have 3 questions: Does Google index HTTPS pages? I have a password protected single ASP.NET page (using HTTPS). Password protection is basically achieved by a Session object. When the correct password is entered, it hides the login panel and displays the same page which has a sensitive data. Is this page indexed by Google? I have a Secure folder that I implemented Forms Authentication. All pages in folder use HTTPS as well. Are the pages in this folder indexed by Google? Thank you for your help, Niyazi

    Read the article

  • Let MySQL users create databases, but allow access to only their own databases

    - by eikes
    I want to have multiple a MySQL users to be able to issue commands like CREATE DATABASE dbTest; But I also want each of these users to be able to see and access only their own databases. All I could find was how to either create the databases by a DBA and grant the privileges on this database to the specific user: GRANT ALL PRIVILEGES ON dbTest.* TO 'user'; or grant privileges on all databases to a user: GRANT ALL PRIVILEGES ON *.* TO 'user'; But neither is what I want, because it needs to scale and be secure.

    Read the article

  • Leaving out type="text/javascript" language="javascript"

    - by coffeeaddict
    Most of the script tags I create, I always include type="text/javascript" language="javascript" in the tag. My boss however does not. Sometimes he excludes both, sometimes just has language=javascript even without the quotes Now we have not had an issue in any of the major browsers with his tags. I'm talking about all versions of IE, FF, Safari, and Chrome. Personally I feel it's laziness and just totally improper and bad coding practice to leave stuff out like this even if it works without it. Anyone know if both should be included or just one or is it ok to leave both out in ASP.NET?

    Read the article

  • Compile C# into objective-C

    - by Ali Shafai
    Now that monotouch is being banned, I was wondering if there is a way to translate C# (or some other modern language for that matter) into objective-C? I won't mind using apple's api as long as I don't have to declare my variables in 3-4 stages (ivar-property-synthesize-dealloc). All I want is a less wordy language to concentrate on my intent and not on the compiler syntax. unfortunately apple in its arrogance thinks objective-c is a "modern" language and if you are looking for an alternative (monotouch) it's because you are incapable of coding. also if you don't find programming in itunes; sorry, xcode enjoyable, it is not because there are better alternatives, it's because you are stupid. anyway back to my original question: can it be done?

    Read the article

  • Limit a program's execution time in C (Monte Carlo technique)

    - by rrs90
    I am working on a project which has no determined algorithm to solve using C language. I am Using Monte Carlo technique for solving that problem. And the number of random guesses I want to limit to the execution time specified by the user. This means I want to make full use of the execution time limit defined by the user (as a command line argument) to make as many random iterations as possible. Can I check the execution time elapsed so far for a loop condition. Eg: for(trials=0;execution_time P.S. I am using code blocks 10.05 for coding and GNU compiler.

    Read the article

  • setCurrentTab Android

    - by Ali
    i have 4 tabs on my main screen, main ( set to current ) , Call, Email, Web When a user clicks on any of tab call, email or web, it starts making a call, or go to compose a email, or opens up the browser respectfully. Problem is, i want just three tabs (Call, Email, Web) and i Dont want any tab to be selected by default, means they should only become active when a user Touch them..(a call or any service cant be main at all) All java coding, XML file, and Manifest code is given below, XML File (tab_activity_layout) <?xml version="1.0" encoding="utf-8"?> <TabHost xmlns:android="http://schemas.android.com/apk/res/android" android:id="@android:id/tabhost" android:layout_width="fill_parent" android:layout_height="fill_parent"> <LinearLayout android:orientation="vertical" android:layout_width="fill_parent" android:layout_height="fill_parent" android:padding="5dp"> <RelativeLayout android:layout_width="fill_parent" android:layout_height="fill_parent" > <TabWidget android:id="@android:id/tabs" android:layout_width="fill_parent" android:layout_height="wrap_content" android:layout_alignParentBottom="true" /> <FrameLayout android:id="@android:id/tabcontent" android:layout_width="fill_parent" android:layout_height="fill_parent" android:padding="5dp"></FrameLayout> </RelativeLayout> </LinearLayout> </TabHost> Java Coding (MainTabActivity) package com.NVT.android; import android.app.TabActivity; import android.content.Intent; import android.content.res.Resources; import android.os.Bundle; import android.widget.TabHost; public class MainTabActivity extends TabActivity{ public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.tab_activity_layout); Resources res = getResources(); // Resource object to get Drawables TabHost tabHost = getTabHost(); // The activity TabHost TabHost.TabSpec spec; // Resusable TabSpec for each tab Intent intent; // Reusable Intent for each tab // Create an Intent to launch an Activity for the tab (to be reused) intent = new Intent().setClass(this, Main.class); // Initialize a TabSpec for each tab and add it to the TabHost spec = tabHost.newTabSpec("main").setIndicator("Main", res.getDrawable(R.drawable.ic_tab_artists_grey)) .setContent(intent); tabHost.addTab(spec); TabHost host=getTabHost(); host.addTab(host.newTabSpec("one") .setIndicator("Call") .setContent(new Intent(this, CallService.class))); host.addTab(host.newTabSpec("two") .setIndicator("Email") .setContent(new Intent(this, EmailService.class))); host.addTab(host.newTabSpec("three") .setIndicator("Web") .setContent(new Intent(this, WebService.class))); } } Manifest file <?xml version="1.0" encoding="utf-8"?> <manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.NVT.android" android:versionCode="1" android:versionName="1.0"> <application android:icon="@drawable/icon" android:label="@string/app_name"> <activity android:name=".Main" android:label="@string/app_name"> <!-- <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.LAUNCHER" /> </intent-filter> --> </activity> <activity android:name=".MainTabActivity" android:label="@string/app_name"> <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.LAUNCHER" /> </intent-filter> </activity> <activity android:name=".Courses"> </activity> <activity android:name=".CampusMap"> </activity> <activity android:name=".GettingHere"> </activity> <activity android:name=".ILoveNescot"> </activity> <activity android:name=".FurtherEducationCourses"> </activity> <activity android:name=".HigherEducationCourses"> </activity> <activity android:name=".EmployersTrainingCourses"> </activity> <activity android:name=".WebService"> </activity> <activity android:name=".CallService"> </activity> <activity android:name=".EmailService"> </activity> </application> <uses-sdk android:minSdkVersion="9" /> <uses-permission android:name="android.permission.CALL_PHONE"></uses-permission> <uses-permission android:name="android.permission.INTERNET" /> </manifest>

    Read the article

  • asp.net mvc form add comment

    - by Pinu
    I have a page where a product appears on the right side and the user can add comment so i have a user control which gets all the comments and a small text area where user can add new comment for that product. the link of the page is like http://localhost/Product/TestComment/1 Where 1 indicates the id of the product and I have been hard coding my AddNote function below and fourth argument you see has been hard coded, but i need to pass that as the id of the product. How do i do this AddNote(HttpContext.User.Identity.ToString(), txtComment, 1, DateTime.Now, true); [AcceptVerbs(HttpVerbs.Post)] public ActionResult AddComment(string txtComment) { bool rst = _NotesService.AddNote(HttpContext.User.Identity.ToString(), txtComment, 1, DateTime.Now, true); return RedirectToAction("TestComment"); }

    Read the article

  • How to generate a client certificate using a third party CA-NOT Self Signed CA

    - by Bryan
    I am trying to trying to export a client certificate for use with a web browser. The goal is to restrict access using the <Location directive to the admin area. I have seen numerous tutorials on using self signed CAs. How would you do this using a third party? 1) Do I need to include the CA in the client pfx if it is a trusted root CA? I have seen both examples. Without CA: openssl pkcs12 -export -inkey KEYFILENAME -in CERTFILEFILENAME -out XXX.pfx With CA: openssl pkcs12 -export -in my.crt- inkey my.key -certfile my.bundle -out my.pfx 2) Do I need to still include SSLCACertificateFile for trusted CA in the httpd.conf setup? SSLVerifyClient none SSLCACertificateFile conf/ssl.crt/ca.crt <Location /secure/area> SSLVerifyClient require SSLVerifyDepth 1 </Location> http://www.modssl.org/docs/2.8/ssl_howto.html#ToC8

    Read the article

  • In LINQ-SQL, wrap the DataContext is an using statement - pros cons

    - by hIpPy
    Can someone pitch in their opinion about pros/cons between wrapping the DataContext in an using statement or not in LINQ-SQL in terms of factors as performance, memory usage, ease of coding, right thing to do etc. Update: In one particular application, I experienced that, without wrapping the DataContext in using block, the amount of memory usage kept on increasing as the live objects were not released for GC. As in, in below example, if I hold the reference to List of q object and access entities of q, I create an object graph that is not released for GC. DataContext with using using (DBDataContext db = new DBDataContext()) { var q = from x in db.Tables where x.Id == someId select x; return q.toList(); } DataContext without using and kept alive DBDataContext db = new DBDataContext() var q = from x in db.Tables where x.Id == someId select x; return q.toList(); Thanks.

    Read the article

  • How to share code with continuous integration

    - by alchemical
    I've just started working in a continuous integration environment (TeamCity). I understand the basic idea of not getting so abstracted out in your code that you are never able to build it to test functionality, etc. However, when there is deep coding going on, occasionally it will take me several days to get buildable code--but in the interim other team members may need to see my code. If I check the code in, it breaks the build. However, if I don't check it in, my team members are unable to see the most recent work. I'm wondering how this situation is best dealt with.

    Read the article

  • Best Method for Minimizable Fullscreen Window

    - by kaykun
    Hi, I'm coding a short game in C++ and Win32, and I want to be able to make it in fullscreen with a fixed size. I also want the user to be able to switch focus between the game window and other windows as much as he/she wants without any weird screen glitches. So far I know of the ChangeDisplaySettings function and creating the window with the WS_POPUP style at initialization to make it fullscreen. To detect the user switching focus to other windows by way of alt+tab or otherwise, what messages should I be handling on the window's WndProc or should I be using another function? When loss of focus is detected should I only call ChangeDisplaySettings(NULL, 0); or are there other functions I should call as well? And what method should I use to handle focus back into the window? Also can anyone give me some info on how to make it work smoothly for different screen sizes? Thanks for any help.

    Read the article

  • What are the use cases for closures/callback functions in Javascript?

    - by Christopher Altman
    I was listening to Crockford's talk on Javascript closures and am convinced of the benefit of information hiding, but I do not have a firm understanding of when to use callback functions. It is mostly a true statement that a person could accomplish the same functionality with or without callbacks. As someone who is writing code, what heuristics or cues should I keep in mind when determining when to use callbacks/closures? I am not looking for the blanket statement 'Closures make more secure code', rather a list of practical examples or rules of thumb for when callbacks are the right idea. Crockford's Presentation: http://www.yuiblog.com/blog/2010/04/08/video-crockonjs-5/

    Read the article

  • Why does IIS not support chunked transfer encoding?

    - by Graeme Perrow
    I am making an HTTP connection to an IIS web server and sending a POST request with the data encoded using Transfer-Encoding: chunked. When I do this, IIS simply closes the connection, with no error message or status code. According to the HTTP 1.1 spec, All HTTP/1.1 applications MUST be able to receive and decode the "chunked" transfer-coding so I don't understand why it's (a) not handling that encoding and (b) it's not sending back a status code. If I change the request to send the Content-Length rather than Transfer-Encoding, the query succeeds, but that's not always possible. When I try the same thing against Apache, I get a "411 Length required" status and a message saying "chunked Transfer-Encoding forbidden". Why do these servers not support this encoding?

    Read the article

  • Finding out what user Apache is running as?

    - by AP257
    I want to secure a file upload directory on my server as described beautifully here, but I have one problem before I can follow these instructions. I don't know what user Apache is running as. I've found a suggestion that you can look in httpd.conf and there will be a "User" line, but there is no such line in my httpd.conf file, so I guess Apache is running as the default user. I can't find out what that is, though. So, my question is (are): how do I find out what the default user is do I need to change the default user if the answer is yes and I change the default user by editing httpd.conf, is it likely to screw anything up? Thanks!

    Read the article

  • TRY/CATCH_ALL vs try/catch

    - by Tim
    I've been using c++ for a while, and I'm familiar with normal try/catch. However, I now find myself on Windows, coding in VisualStudio for COM development. Several parts of the code use things like: TRY { ... do stuff } CATCH_ALL(e) { ... issue a warning } END_CATCH_ALL; What's the point of these macros? What benefit do they offer over the built-in try/catch? I've tried googling this, but "try vs TRY" is hard to search for.

    Read the article

  • Is url.openStream harmful?

    - by Casebash
    I was using the java.net.URL.openStream() method to retrieve content from the server. I recently ran into an issue where the HTTP Response code indicated an error, but instead of throwing an exception, the stream still was read anyway. This caused the error to appear much later in the execution and proved to be a red herring. As far as I can see, when you have opened a stream using this method, there is no way to check the HTTP response code. The only way I could find to handle this properly was to use code such as: HttpURLConnection conn=(HttpURLConnection) url.openConnection() if(conn.getResponseCode()!=HttpStatus.SC_OK) //Raise Exception; InputStream in=conn.getInputStream() So do you agree? Is it possible to use openStream safely, or is it a method that should be avoided at all costs. It is worth noting that Sun uses the method in their tutorial code for reading directly from a URL. Then again, the code throws Exception so it isn't exactly a bastion of good coding practices.

    Read the article

  • C# Winforms ADO.NET - DataGridView INSERT starting with null data

    - by Geo Ego
    I have a C# Winforms app that is connecting to a SQL Server 2005 database. The form I am currently working on allows a user to enter a large amount of different types of data into various textboxes, comboboxes, and a DataGridView to insert into the database. It all represents one particular type of machine, and the data is spread out over about nine tables. The problem I have is that my DataGridView represents a type of data that may or may not be added to the database. Thus, when the DataGridView is created, it is empty and not databound, and so data cannot be entered. My question is, should I create the table with hard-coded field names representing the way that the data looks in the database, or is there a way to simply have the column names populate with no data so that the user can enter it if they like? I don't like the idea of hard-coding them in case there is a change in the database schema, but I'm not sure how else to deal with this problem.

    Read the article

  • My website is infected with JS:ScriptIP-inf [Trj]

    - by Rizwan Aaqil
    I am using Network Solutions hosting. I was recently attacked with JS:Illredir-S [Trj], I asked my hosting providers to clean it and they cleaned it and updated all passwords, but now after a week my site got infected again with JS:ScriptIP-inf [Trj]. Can anyone please suggest me how to secure my website properly ? Should I change my hosting provider ? I am fed up of these viruses again and again on my websites. I can't even find this virus in my files. Please post informative answers. Thanks

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 207 208 209 210 211 212 213 214 215 216 217 218  | Next Page >