Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 247/3920 | < Previous Page | 243 244 245 246 247 248 249 250 251 252 253 254  | Next Page >

  • Is it possible to embed Cockburn style textual UML Use Case content in the code base to improve code

    - by fooledbyprimes
    experimenting with Cockburn use cases in code I was writing some complicated UI code. I decided to employ Cockburn use cases with fish,kite,and sea levels (discussed by Martin Fowler in his book 'UML Distilled'). I wrapped Cockburn use cases in static C# objects so that I could test logical conditions against static constants which represented steps in a UI workflow. The idea was that you could read the code and know what it was doing because the wrapped objects and their public contants gave you ENGLISH use cases via namespaces. Also, I was going to use reflection to pump out error messages that included the described use cases. The idea is that the stack trace could include some UI use case steps IN ENGLISH.... It turned out to be a fun way to achieve a mini,psuedo light-weight Domain Language but without having to write a DSL compiler. So my question is whether or not this is a good way to do this? Has anyone out there ever done something similar? c# example snippets follow Assume we have some aspx page which has 3 user controls (with lots of clickable stuff). User must click on stuff in one particular user control (possibly making some kind of selection) and then the UI must visually cue the user that the selection was successful. Now, while that item is selected, the user must browse through a gridview to find an item within one of the other user controls and then select something. This sounds like an easy thing to manage but the code can get ugly. In my case, the user controls all sent event messages which were captured by the main page. This way, the page acted like a central processor of UI events and could keep track of what happens when the user is clicking around. So, in the main aspx page, we capture the first user control's event. using MyCompany.MyApp.Web.UseCases; protected void MyFirstUserControl_SomeUIWorkflowRequestCommingIn(object sender, EventArgs e) { // some code here to respond and make "state" changes or whatever // // blah blah blah // finally we have this (how did we know to call fish level method?? because we knew when we wrote the code to send the event in the user control) UpdateUserInterfaceOnFishLevelUseCaseGoalSuccess(FishLevel.SomeNamedUIWorkflow.SelectedItemForPurchase) } protected void UpdateUserInterfaceOnFishLevelGoalSuccess(FishLevel.SomeNamedUIWorkflow goal) { switch (goal) { case FishLevel.SomeNamedUIWorkflow.NewMasterItemSelected: //call some UI related methods here including methods for the other user controls if necessary.... break; case FishLevel.SomeNamedUIWorkFlow.DrillDownOnDetails: //call some UI related methods here including methods for the other user controls if necessary.... break; case FishLevel.SomeNamedUIWorkFlow.CancelMultiSelect: //call some UI related methods here including methods for the other user controls if necessary.... break; // more cases... } } } //also we have protected void UpdateUserInterfaceOnSeaLevelGoalSuccess(SeaLevel.SomeNamedUIWorkflow goal) { switch (goal) { case SeaLevel.CheckOutWorkflow.ChangedCreditCard: // do stuff // more cases... } } } So, in the MyCompany.MyApp.Web.UseCases namespace we might have code like this: class SeaLevel... class FishLevel... class KiteLevel... The workflow use cases embedded in the classes could be inner classes or static methods or enumerations or whatever gives you the cleanest namespace. I can't remember what I did originally but you get the picture.

    Read the article

  • tool to export code to html

    - by some guy
    Hi there, I'm looking for a tool that can highlight code (ruby, php, javascript...) like with an IDE and then export the code to html format so that when opening the html page the code looks just like with the IDE Thanks.

    Read the article

  • Django with custom authentication backends, is Csrf middleware really required ?

    - by Hellnar
    Hello, Under Django 1.1.1, I am using several authentication backends such as social-registration for facebook connect and django-emailauth for email based authentication instead of user names. I am curious if the Csrf middleware is an essential security measure as it seems like it sometimes generates problems, especially with facebook connect. My project is rather simple. Each user have a profile which they can fill and a purchase page where they fill the payment for to do purchases. Either of these pages are protected via @login_required.

    Read the article

  • Example open source client-server code projects

    - by Ricket
    I'm still trying to determine an answer to my question from a few minutes ago, "Should client-server code be written in one 'project' or two?" and I think it would benefit me to see how other projects organize their code (and hopefully deduce the pros and cons of why they chose to do it that way). What are some open source client-server projects which might be best to look at and mimic their code organization style? Java is preferred but not required.

    Read the article

  • JQuery - code behind

    - by nisardotnet
    how would you use JQuery with asp.net Code-Behind what i mean by that: i have a div that displays the result based on some processing and this process done on code-behind and based on that result i have to display if the process went through sucessfully or not. how would i do and is that possible? can anybody show me some sample lines of code to understand? thanks.

    Read the article

  • Unmanaged Code calling leads to heavy memory leak!!

    - by konnychen
    Maybe I need change the title as "Unmanaged Code calling leads to heavy memory leak!" The leak is around 30M/hour I think maybe I need complete my code here because the memory leak maybe not from a static string whereas my real code derive this string from external device (see new code attached). so I handle also unmanaged code. Could it be possible the leak comes from unmanaged code? But I freed the resouce by Marshal.FreeCoTaskMem(pos); oThread2 = new Thread(new ThreadStart(Cyclic_Call)); oThread2.Start(); delegate void SetText_lab_Statubar(string text); private void m_SetText_lab_Statubar(string text) { if (this.lab_Statubar.InvokeRequired) { SetText_lab_Statubar d = new SetText_lab_Statubar(m_SetText_lab_Statubar); this.Invoke(d, new object[] { text }); } else { this.lab_Statubar.Text = text; } } private void Cyclic_Call() { do { //... ... ReadMatrixCode(Station6, 0, str_Code); this.m_SetText_lab_Statubar(str_Code[4]); Thread.Sleep(100); } while (!b_AbortThraed); } private void ReadMatrixCode(Station st, int ItemNr, string[] str_Code) { IntPtr pItemStates = IntPtr.Zero; IntPtr pErrors = IntPtr.Zero; int NumItems = itemServerHandles.Length; m_SyncIO.Read(DataSrc, NumItems, itemServerHandles, out pItemStates, out pErrors); // This calls external dll which has some of "out IntPtr" errors = new int[NumItems]; Marshal.Copy(pErrors, errors, 0, NumItems); IntPtr pos = pItemStates; // Now get the read values and check errors for (int dwCount = 0; dwCount < NumItems; dwCount++) { result[dwCount] = (ITEMSTATE)Marshal.PtrToStructure(pos, typeof(ITEMSTATE)); pos = (IntPtr)(pos.ToInt32() + Marshal.SizeOf(typeof(ITEMSTATE))); } // Free allocated COM-ressouces Marshal.FreeCoTaskMem(pItemStates); Marshal.FreeCoTaskMem(pErrors); pItemStates = IntPtr.Zero; pErrors = IntPtr.Zero; } m_syncIO is a class and finally it will call COM component which is defined below [Guid("39C12B52-011E-11D0-9675-1020AFD8ADB3")] [InterfaceType(1)] [ComConversionLoss] public interface ISyncIO { void Read(DATASOURCE dwSource, int dwCount, int[] phServer, out IntPtr ppItemValues, out IntPtr ppErrors); void Write(int dwCount, int[] phServer, object[] pItemValues, out IntPtr ppErrors); }

    Read the article

  • How do i write tasks? (parallel code)

    - by acidzombie24
    I am impressed with intel thread building blocks. I like how i should write task and not thread code and i like how it works under the hood with my limited understanding (task are in a pool, there wont be 100 threads on 4cores, a task is not guaranteed to run because it isnt on its own thread and may be far into the pool. But it may be run with another related task so you cant do bad things like typical thread unsafe code). I wanted to know more about writing task. I like the 'Task-based Multithreading - How to Program for 100 cores' video here http://www.gdcvault.com/sponsor.php?sponsor_id=1 (currently second last link. WARNING it isnt 'great'). My fav part was 'solving the maze is better done in parallel' which is around the 48min mark (you can click the link on the left side. That part is really all you need to watch if any). However i like to see more code examples and some API of how to write task. Does anyone have a good resource? I have no idea how a class or pieces of code may look after pushing it onto a pool or how weird code may look when you need to make a copy of everything and how much of everything is pushed onto a pool.

    Read the article

  • How extensible should code actually be?

    - by griegs
    I've just started a new job and one of the things my new boss talked to me about was code longevity. I've always coded to make my code infinently extensible and adaptable. I figured that if someone was going to change my code in the future then it should be easy to do. But I never really had a clear idea on how far into the future that should be. So my new boss told me not to bother coding for anything more that 3 years into the future and his reasoning was that technology changes, programs expire etc. At first I was kinda taken aback and thought he was a whack job but the longer I think about it the more I'm warming to the concept. Does anyone else have an opinion on how far into the future you should code to?

    Read the article

  • How to convince my boss to improve code quality?

    - by Vimvq1987
    The place I'm working for is a service provider. We have a lot of services, which are written to deal with deadline, so their code are really terrible: No coding convention, everyone codes in his own style No unit testing (which is really bad) No refactoring (which is truly worse) No automation build/deployment etc and these code are used again and again, so bad code continue to spread all over my department. I really want to set up a standard quality for our code, by requiring everyone to follow "rules": every line of code which does not follow convention will be rejected, and every function of code which does not pass unit testing will not be committed,...But I don't know how to convince my boss to allow me to do this. I'm relatively new comer, so inspiring people from my works is really hard, and I think it's easier if my boss support me to this. Thank you very much for your advices

    Read the article

  • Use DLL and have it be as trusted as my own application is

    - by Binary255
    Hi, I am using a port of GNU GetOpts, to be specific I am using the one at: http://getopt.codeplex.com I have added the DLL as a reference. But when I run my application I receive an exception: System.IO.FileLoadException was unhandled Message="Could not load file or assembly 'Gnu.Getopt, Version=0.9.1.24287, Culture=neutral, PublicKeyToken=d014b4ccdc53511a' or one of its dependencies. Failed to grant permission to execute. (Exception from HRESULT: 0x80131418)" If it is possible I would like my application to say, "trust this DLL as much as you trust me". Is there a way to do that so I won't have to fiddle with security settings? And if there is not. What is the cleanest way to get the DLL working?

    Read the article

  • Why Shouldn't I Programmatically Submit Username/Password to Facebook/Twitter/Amazon/etc?

    - by viatropos
    I wish there was a central, fully customizable, open source, universal login system that allowed you to login and manage all of your online accounts (maybe there is?)... I just found RPXNow today after starting to build a Sinatra app to login to Google, Facebook, Twitter, Amazon, OpenID, and EventBrite, and it looks like it might save some time. But I keep wondering, not being an authentication guru, why couldn't I just have a sleek login page saying "Enter username and password, and check your login service", and then in the background either scrape the login page from say EventBrite and programmatically submit the form with Mechanize, or use an API if there was one? It would be so much cleaner and such a better user experience if they didn't have to go through popups and redirects and they could use any previously existing accounts. My question is: What are the reasons why I shouldn't do something like that? I don't know much about the serious details of cookies/sessions/security, so if you could be descriptive or point me to some helpful links that would be awesome. Thanks!

    Read the article

  • How can I monitor if a cookie is being sent to a domain other than the one it originated from?

    - by Brendan Salt
    I am trying to write a program that will verify that all cookies sent out from the machine are in fact going to the domain they came from. This is part of a larger security project to detect cookie based malicious attacks (such as XSS). The main snag for this project is actually detecting the out-going cookies. Can someone point me in the right direction for monitoring out-going HTTP traffic for cookie information? Other information about the project: This is a windows application written in C and numerous scripting languages. Thanks so much for the help.

    Read the article

  • Mongrel not using latest deployed code, despite multiple restarts

    - by ming yeow
    What could be the potential reasons why mongrel does not use the latest code in the ~/current branch? The code changes are in the MODELs. The code changes in the CONTROLLERS TAKE EFFECT. I tried the following: god restart app deploying several times manually stopping mongrel cluster, deleting the pid files, and starting them again Anyone has similar experiences? Where could the server be potentially caching the model files?

    Read the article

  • Is there any benefit to encrypting twice using pgp?

    - by ojblass
    I am asking from a "more secure" perspective. I can imagine a scenario with two required private keys needed for decryption scenarios that may make this an attractive model. This is to settle an argument. My vote is that it is not adding any additional security other than having to compromise two different private keys. I think that if it was any more secure than encrypting it one million times would be the best way to secure informaiton and I don't buy it. So I guess my question becomes is a two locking mechanism equivalent to another one locking mechanism with a single key? Update: Forgive me if the answer is obvious but my bread goes dead as I read books on the topic.

    Read the article

  • Simple jQuery code contains a syntax error that I can't find

    - by inkedmn
    I've got this (remarkably) simple JavaScript function that is called when a user clicks a "Cancel" link: function hideNewUserPanel(){ $('#create_user_panel').slideUp('slow'); $('.right_interior_panel').slideDown('slow'); } And the code to add the handler: $(function(){ $('#cancel_create_user_btn').live('click', function(){ hideNewUserPanel(); } }); Functionally, everything works as expected. Trouble is, when I click the "Cancel" link, Firebug shows an error in the console: uncaught exception: Syntax error, unrecognized expression: # I've stepped through the code several times and the error appears at some point before the call to hideNewUserPanel(). At the risk of sounding like one of "those programmers" (the kind that claim to have found a bug in GCC and assume their own code is perfect), the exception is being thrown from somewhere within jQuery proper, so I assume the issue is in there. I'm using jQuery 1.3.2 (this is a legacy project using many jQuery plugins that will break if we update to 1.4.x). Is there anything obviously wrong with my code that I'm simply not seeing? This code is, frankly, very simple and I don't really see what the issue could be. Thanks!

    Read the article

  • Detecting if a browser is using Private Browsing mode

    - by Steve
    I'm building an extranet for a company paranoid about security. They want to make sure that (among other things) their users are browsing the site with the Private Browsing mode switched on in their web browser so that no cookies or history is kept. I found only this http://jeremiahgrossman.blogspot.com/2009/03/detecting-private-browsing-mode.html and http://serverfault.com/questions/18966/force-safari-to-operate-in-private-mode-and-detect-that-state-from-a-webserver The ideal solution would use no or minimal javascript. Would attempting to set a unique cookie work for all browsers and platforms? Anyone done this before? thanks!

    Read the article

  • 405: Method Not Allowed WCF

    - by luiscarlosch
    I can perfectly call a WCF web method from localhost. I published to this server: http://luiscarlosch.com/WebFormClean.aspx (only firefox or chrome) with the Visual Studio publishing tool and it works fine. The problem is when a try to access it from another computer. I get the 405: Method Not Allowed. But It doest make sense because It works fine when i access it remotely from the publisher computer as I said. Any idea? [ServiceContract(Namespace = "")] [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)] public class ContactProxy { [WebGet()] [OperationContract] public Contact getByID(int IDContact) { Contact contact = new Contact(IDContact); return contact; } [OperationContract] public EntityData insertEntityData(int IDEntityDataFieldType, int IDContact, String value) { //Contact contact = new Contact(); // contact.insertEntityData(IDEntityDataFieldType, IDContact, value); EntityData entityData = new EntityData(); entityData.save(IDEntityDataFieldType, IDContact, value); return entityData; } } Neither method seems to work. I just noticed some user were able to access http://luiscarlosch.com/WebFormClean.aspx because they change the values. So. some clients can read the methods but some cant. This should be happening. Web Config <?xml version="1.0"?> <configuration> <configSections> </configSections> <connectionStrings> <add name="ApplicationServices" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnetdb.mdf;User Instance=true" providerName="System.Data.SqlClient" /> </connectionStrings> <system.web> <compilation debug="true" targetFramework="4.0" /> <customErrors mode="Off"/> <authentication mode="Forms"> <forms loginUrl="~/Account/Login.aspx" timeout="2880" /> </authentication> <membership> <providers> <clear/> <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" /> </providers> </membership> <profile> <providers> <clear/> <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/"/> </providers> </profile> <roleManager enabled="false"> <providers> <clear/> <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" /> <add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" /> </providers> </roleManager> </system.web> <system.webServer> <modules runAllManagedModulesForAllRequests="true"/> </system.webServer> <system.serviceModel> <behaviors> <serviceBehaviors> <behavior name="MyServiceTypeBehaviors" > <serviceMetadata httpGetEnabled="true" /> </behavior> </serviceBehaviors> <endpointBehaviors> <behavior name="WebApplicationTest.WCFProxy.EmployeeProxyAspNetAjaxBehavior"> <enableWebScript /> </behavior> <behavior name="WebApplicationTest.WCFProxy.EntityDataFieldCollectionProxyAspNetAjaxBehavior"> <enableWebScript /> </behavior> <behavior name="WebApplicationTest.WCFProxy.Service1AspNetAjaxBehavior"> <enableWebScript /> </behavior> <behavior name="WebApplicationTest.WCFProxy.ContactProxyAspNetAjaxBehavior"> <enableWebScript /> </behavior> </endpointBehaviors> </behaviors> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" /> <services> <service name="WebApplicationTest.WCFProxy.EmployeeProxy" behaviorConfiguration="MyServiceTypeBehaviors" > <endpoint address="" behaviorConfiguration="WebApplicationTest.WCFProxy.EmployeeProxyAspNetAjaxBehavior" binding="webHttpBinding" contract="WebApplicationTest.WCFProxy.EmployeeProxy" /> <endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" /> </service> <service name="WebApplicationTest.WCFProxy.EntityDataFieldCollectionProxy" behaviorConfiguration="MyServiceTypeBehaviors" > <endpoint address="" behaviorConfiguration="WebApplicationTest.WCFProxy.EntityDataFieldCollectionProxyAspNetAjaxBehavior" binding="webHttpBinding" contract="WebApplicationTest.WCFProxy.EntityDataFieldCollectionProxy" /> <endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" /> </service> <service name="WebApplicationTest.WCFProxy.Service1"> <endpoint address="" behaviorConfiguration="WebApplicationTest.WCFProxy.Service1AspNetAjaxBehavior" binding="webHttpBinding" contract="WebApplicationTest.WCFProxy.Service1" /> </service> <service name="WebApplicationTest.WCFProxy.ContactProxy" behaviorConfiguration="MyServiceTypeBehaviors" ><!--new--> <endpoint address="" behaviorConfiguration="WebApplicationTest.WCFProxy.ContactProxyAspNetAjaxBehavior" binding="webHttpBinding" contract="WebApplicationTest.WCFProxy.ContactProxy" /> <endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" /> </service> </services> <bindings /> <client /> </system.serviceModel> </configuration>

    Read the article

  • Prevent Method call without Exception using @PreAuthorize Annotation

    - by Chepech
    Hi all. We are using Spring Security 3. We have a custom implementation of PermissionEvaluator that has this complex algorithm to grant or deny access at method level on the application. To do that we add a @PreAuthorize annotation to the method we want to protect (obviously). Everything is fine on that. However the behavior that we are looking for is that if a hasPermission call is denied, the protected method call only needs to be skipped, instead we are getting a 403 error each time that happens. Any ideas how to prevent that? You can find a different explanation of the problem here; AccessDeniedException handling during methodSecurityInterception

    Read the article

  • How to convert a character to key code?

    - by Murat
    Hello everyone, How can I convert backslash key ('\') to key code? On my keyboard backslash code is 220, but the method below (int)'\\' returns me 92. I need some generic conversion like int ConvertCharToKeyValue(char c) { // some code here... } Any ideas?

    Read the article

  • IIS reveals internal IP address in content-location field - fix

    - by saille
    Referring: http://support.microsoft.com/kb/q218180/, there is a known issue in IIS4/5/6 whereby it will reveal the internal IP of a web server in the content-location field of the HTTP header. We have IIS 6. I have tried the fix suggested, but it has not worked. The website is configured to send all requests to ASP.NET, and I am wondering if this is why the fix, which addresses IIS configuration, has not worked for us. If this is the case, how would we fix this in ASP.NET? We need to fix this issue in order to pass a security audit.

    Read the article

  • What is the sense of permiting the user to use no passwords longer than xx chars?

    - by reox
    Its more like a usability question or maybe database, or even maybe security (consider injection attacks) but what is the sense of permiting the user's password to a be not longer than xx chars? It does not make any sense to me, because longer passwords are mostly considered better and even harder to crack, and some users use password safes, so the password length should not matter. I understand that passwords with more than 20 chars are hardly to remember, but if you use diceware or password safe you dont have any problem with that. I really cant understand why there are sites that say "your password need to be between 5 and 8 chars"... also should the password saved as hash, so the length of the field in the database is fixed, so where is the problem? i think that most of the sites where the password is has to be a fixed length are not even using any hashing method...

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 243 244 245 246 247 248 249 250 251 252 253 254  | Next Page >