Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 248/3920 | < Previous Page | 244 245 246 247 248 249 250 251 252 253 254 255  | Next Page >

  • I am confused -- Will this code always work?

    - by Shekhar
    Hello, I have written this piece of code public class Test{ public static void main(String[] args) { List<Integer> list = new ArrayList<Integer>(); for(int i = 1;i<= 4;i++){ new Thread(new TestTask(i, list)).start(); } while(list.size() != 4){ // this while loop required so that all threads complete their work } System.out.println("List "+list); } } class TestTask implements Runnable{ private int sequence; private List<Integer> list; public TestTask(int sequence, List<Integer> list) { this.sequence = sequence; this.list = list; } @Override public void run() { list.add(sequence); } } This code works and prints all the four elements of list on my machine. My question is that will this code always work. I think there might be a issue in this code when two/or more threads add element to this list at the same point. In that case it while loop will never end and code will fail. Can anybody suggest a better way to do this? I am not very good at multithreading and don't know which concurrent collection i can use? Thanks Shekhar

    Read the article

  • Setting value in html control in code behind without making server control

    - by Muhammad Akhtar
    Setting value in html control in code behind without making server control <input type="text" name="txt" /> <%--Pleas note I don't want put runat=server here to get the control in code behind--%> <asp:Button ID="Button1" runat="server" Text="Button" OnClick="Button1_Click" /> Code behind protected void Page_Load(object sender, EventArgs e) { if (!Page.IsPostBack) { //If I want to initlize some value in input, how can I set here } } protected void Button1_Click(object sender, EventArgs e) { Request["txt"] // Here I am getting the value of input } Thanks

    Read the article

  • Redoundant code in exception handling

    - by Nicola Leoni
    Hi, I've a recurrent problem, I don't find an elegant solution to avoid the resource cleaning code duplication: resource allocation: try { f() } catch (...) { resource cleaning code; throw; } resource cleaning code; return rc; So, I know I can do a temporary class with cleaning up destructor, but I don't really like it because it breaks the code flow and I need to give the class the reference to the all stack vars to cleanup, the same problem with a function, and I don't figure out how does not exists an elegant solution to this recurring problem.

    Read the article

  • Are there cross-platform tools to write XSS attacks directly to the database?

    - by Joachim Sauer
    I've recently found this blog entry on a tool that writes XSS attacks directly to the database. It looks like a terribly good way to scan an application for weaknesses in my applications. I've tried to run it on Mono, since my development platform is Linux. Unfortunately it crashes with a System.ArgumentNullException deep inside Microsoft.Practices.EnterpriseLibrary and I seem to be unable to find sufficient information about the software (it seems to be a single-shot project, with no homepage and no further development). Is anyone aware of a similar tool? Preferably it should be: cross-platform (Java, Python, .NET/Mono, even cross-platform C is ok) open source (I really like being able to audit my security tools) able to talk to a wide range of DB products (the big ones are most important: MySQL, Oracle, SQL Server, ...)

    Read the article

  • Use Tomcat with Java SecurityManager?

    - by pauline
    I'm writing a web application that is supposed to run on Tomcat on Ubuntu. On Ubuntu, Tomcat is per default configured to run with the Java SecurityManager. Besides my own web application, there will only be some well known third party web applications related to my own, like the BIRT report engine. If one of the web applications fails or gets compromised, it may take down all the others without harm, because they all belong together. What I don't wont to happen is that a compromised web app compromises the system itself, like calling rm -r / Do I need to use the java security manager to achieve this? Or is it only necessary to protect one web app from the other? I'd really like to prevent the effort to create .policy files for all the 3rd party web applications I intend to use.

    Read the article

  • XSS as attack vector even if XSS data not stored?

    - by Klaas van Schelven
    I have a question about XSS Can forms be used as a vector for XSS even if the data is not stored in the database and used at a later point? i.e. in php the code would be this: <form input="text" value="<?= @$_POST['my_field'] ?>" name='my_field'> Showing an alert box (demonstrate that JS can be run) on your own browser is trivial with the code above. But is this exploitable across browsers as well? The only scenario I see is where you trick someone into visiting a certain page, i.e. a combination of CSRF and XSS. "Stored in a database and used at a later point": the scenario I understand about CSS is where you're able to post data to a site that runs JavaScript and is shown on a page in a browser that has greater/different privileges than your own. But, to be clear, this is not wat I'm talking about above.

    Read the article

  • When do you trust the data / variables

    - by Wizzard
    We all know that all user data, GET/POST/Cookie etc etc needs to be validated for security. But when do you stop, once it's converted into a local variable? eg if (isValidxxx($_GET['foo']) == false) { throw InvalidArgumentException('Please enter a valid foo!'); } $foo = $_GET['foo']; fooProcessor($foo); function fooProcessor($foo) { if (isValidxxx($foo) == false) { throw Invalid...... } //other stuff } To me thats over the top. But what if you load the value from the database... I hope I make sense :)

    Read the article

  • Source code versioning with comments (organizational practice) - leave or remove?

    - by ADTC
    Before you start admonishing me with "DON'T DO IT," "BAD PRACTICE!" and "Learn to use proper source code control", please hear me out first. I am fully aware that the practice of commenting out old code and leaving it there forever is very bad and I hate such practice myself. But here's the situation I'm in. A few months ago I joined a company as software developer. I had worked in the company for few months as an intern, about a year before joining recently. Our company uses source code version control (CVS) but not properly. Here's what happened both in my internship and my current permanent position. Each time I was assigned to work on a project (legacy, about 8-10 years old). Instead of creating a CVS account and letting me check out code and check in changes, a senior colleague exported the code from CVS, zipped it up and passed it to me. While this colleague checks in all changes in bulk every few weeks, our usual practice is to do fine-grained versioning in the actual source code itself (each file increments in versions independent from the rest). Whenever a change is made to a file, old code is commented out, new code entered below it, and this whole section is marked with a version number. Finally a note about the changes is placed at the top of the file in a section called Modification History. Finally the changed files are placed in a shared folder, ready and waiting for the bulk check-in. /* * Copyright notice blah blah * Some details about file (project name, file name etc) * Modification History: * Date Version Modified By Description * 2012-10-15 1.0 Joey Initial creation * 2012-10-22 1.1 Chandler Replaced old code with new code */ code .... //v1.1 start //old code new code //v1.1 end code .... Now the problem is this. In the project I'm working on, I needed to copy some new source code files from another project (new in the sense that they didn't exist in destination project before). These files have a lot of historical commented out code and comment-based versioning including usually long or very long Modification History section. Since the files are new to this project I decided to clean them up and remove unnecessary code including historical code, and start fresh at version 1.0. (I still have to continue the practice of comment-based versioning despite hating it. And don't ask why not start at version 0.1...) I have done similar something during my internship and no one said anything. My supervisor has seen the work a few times and didn't say I shouldn't do such clean-up (if at all it was noticed). But a same-level colleague saw this and said it's not recommended as it may cause downtime in the future and increase maintenance costs. An example is when changes are made in another project on the original files and these changes need to be propagated to this project. With code files drastically different, it could cause confusion to an employee doing the propagation. It makes sense to me, and is a valid point. I couldn't find any reason to do my clean-up other than the inconvenience of a ridiculously messy code. So, long story short: Given the practice in our company, should I not do such clean-up when copying new files from project to project? Is it better to make changes on the (copy of) original code with full history in comments? Or what justification can I give for doing the clean-up? PS to mods: Hope you allow this question some time even if for any reason you determine it to be unfit in SO. I apologize in advance if anything is inappropriate including tags.

    Read the article

  • javascript on twitter to prevent embedding the html page.

    - by Reginald
    This is the javascript that you can find in www.twitter.com (just click to see the source code) I have just reformatted it for clarity: if (window.top !== window.self) { document.write = ""; window.top.location = window.self.location; setTimeout(function() { document.body.innerHTML = ''; }, 1); window.self.onload = function(evt) { document.body.innerHTML = ''; }; } now I understand this trick is to prevent other sites to wrap twitter in other iframes. but what I want to ask is do we really need all of this code ? what's the need of setting a function to execute in 1 millisecond, one to execute at 'onload' and one now. is that paranoia or is it really worth ? Many THanks in advance Reg

    Read the article

  • I dont know how or where to add the correct encoding code to this iPhone code...

    - by BC
    Ok, I understand that using strings that have special characters is an encoding issue. However I am not sure how to adjust my code to allow these characters. Below is the code that works great for text that contains no special characters, but can you show me how and where to change the code to allow for the special characters to be used. Right now those characters crash the app. enter code here - (void)alertView:(UIAlertView *)alertView clickedButtonAtIndex:(NSInteger)buttonIndex{ if (buttonIndex == 1) { //iTunes Audio Search NSString *stringURL = [NSString stringWithFormat:@"http://phobos.apple.com/WebObjects/MZSearch.woa/wa/search?WOURLEncoding=ISO8859_1&lang=1&output=lm&term=\"%@\"",currentSong.title]; stringURL = [stringURL stringByAddingPercentEscapesUsingEncoding:NSASCIIStringEncoding]; NSURL *url = [NSURL URLWithString:stringURL]; [[UIApplication sharedApplication] openURL:url]; } } And this: -(IBAction)launchLyricsSearch:(id)sender{ WebViewController * webView = [[WebViewController alloc] initWithNibName:@"WebViewController" bundle:[NSBundle mainBundle]]; webView.webURL = [NSString stringWithFormat:@"http://www.google.com/m/search?hl=es&q=\"%@\"+letras",currentSong.title]; webView.webTitle = @"Letras"; [self.navigationController pushViewController:webView animated:YES]; } Please show me how and where to do this for these two bits of code.

    Read the article

  • What is the sense of permiting the user to use no passwords longer than xx chars?

    - by reox
    Its more like a usability question or maybe database, or even maybe security (consider injection attacks) but what is the sense of permiting the user's password to a be not longer than xx chars? It does not make any sense to me, because longer passwords are mostly considered better and even harder to crack, and some users use password safes, so the password length should not matter. I understand that passwords with more than 20 chars are hardly to remember, but if you use diceware or password safe you dont have any problem with that. I really cant understand why there are sites that say "your password need to be between 5 and 8 chars"... also should the password saved as hash, so the length of the field in the database is fixed, so where is the problem? i think that most of the sites where the password is has to be a fixed length are not even using any hashing method...

    Read the article

  • how to run javascript from .NET code ?

    - by dotnetcoder
    I have a webrequest that returns a html response which has form inside with hidden fields with some javascript that submits the form automatically on pageload ( if this was run in a browser). If I save this file as *.html and run this file in browser , the java script code automatically posts the form and the output is excel file. I want to be able to generate this file(excel) from a c# code which is not running in broswer. I tried mocking thr form post but its complicated and has various scenarios based on the original webrequest querystring. any pointers.... i know its not possible to probably run JS code that posts the form - from within c# code but still thought of chekcing if someone has done that.

    Read the article

  • Code Design Process?

    - by user156814
    I am going to be working on a project, a web application. I was reading 37signals getting real pamphlet online (http://gettingreal.37signals.com/), and I understand the recommended process to build the entire website. Brainstorm, sketch, HTML, code. They touch on each process lightly, but they never really talk much about the coding process (all they say is to keep code lean). I've been reading about different ways to go about it (top to bottom, bottom to top) but I dont know much about each way. I even read somewhere that one should write tests for the code before they actually write the code??? WHAT? What coding process should one follow when building an application. if its necessary, I'm using PHP and a framework.

    Read the article

  • hiding <div> from vb.net code side

    - by reffe
    i have this code for hiding a table and a cell in aspx, backend vb.net Code - For Each row As HtmlTableRow In tab_a1.Rows If row.ID = "a1" Then For Each cell As HtmlTableCell In row.Cells cell.Visible = (cell.ID = "a1") Next ElseIf row.ID = "b1" Then For Each cell As HtmlTableCell In row.Cells cell.Visible = (cell.ID = "b1") Next Else row.Visible = False End If Next now instead of tables I'm using tags. How can i use similar code and make div's visible and invisible?

    Read the article

  • how to start with php code sniffer

    - by Rahul Mehta
    Hi, I have all written code and i want to this code standarise by php code sniffer. I would like to know what is the best way to start with it . I had installed it but when i run the command phpcs /path/to/code/myfile.php in the command line i got the last one hundered line error from 310 to 410 . but if i want to see the starting errors of any line error how can i see that . Mostly errors are 322 | ERROR | Spaces must be used to indent lines; tabs are not allowed 322 | ERROR | Line indented incorrectly; expected at least 8 spaces, found 2 How can i solve these things easily and in future it don't repeat , what it saying that i should not use tab , and use space , by using space it will take time . and how can i start with basic standard ,because don't want to utilise more time in this right now. Thanks

    Read the article

  • Asp.net MVC 3 Razor code problem in a if statement

    - by ray247
    I have the following asp.net mvc 3 razor code, where "item" is my model, <a @if (item.Selected) { class="youarehere" } href="@item.Href" title="@item.Title">@item.Description</a> This code throws up the following error, CS1513: } expected which is pointing to class="youarehere" portion of the code, but I could not figure out why. Could someone help point out how to fix it please? Thank you.

    Read the article

  • Compiling code at runtime, loading into current appdomain.

    - by Richard Friend
    Hi Im compiling some code at runtime then loading the assembly into the current appdomain, however when i then try to do Type.GetType it cant find the type... Here is how i compile the code... public static Assembly CompileCode(string code) { Microsoft.CSharp.CSharpCodeProvider provider = new CSharpCodeProvider(); ICodeCompiler compiler = provider.CreateCompiler(); CompilerParameters compilerparams = new CompilerParameters(); compilerparams.GenerateExecutable = false; compilerparams.GenerateInMemory = false; foreach (Assembly assembly in AppDomain.CurrentDomain.GetAssemblies()) { try { string location = assembly.Location; if (!String.IsNullOrEmpty(location)) { compilerparams.ReferencedAssemblies.Add(location); } } catch (NotSupportedException) { // this happens for dynamic assemblies, so just ignore it. } } CompilerResults results = compiler.CompileAssemblyFromSource(compilerparams, code); if (results.Errors.HasErrors) { StringBuilder errors = new StringBuilder("Compiler Errors :\r\n"); foreach (CompilerError error in results.Errors) { errors.AppendFormat("Line {0},{1}\t: {2}\n", error.Line, error.Column, error.ErrorText); } throw new Exception(errors.ToString()); } else { AppDomain.CurrentDomain.Load(results.CompiledAssembly.GetName()); return results.CompiledAssembly; } } This bit fails after getting the type from the compiled assembly just fine, it does not seem to be able to find it using Type.GetType.... Assembly assem = RuntimeCodeCompiler.CompileCode(code); string typeName = String.Format("Peverel.AppFramework.Web.GenCode.ObjectDataSourceProxy_{0}", safeTypeName); Type t = assem.GetType(typeName); //This works just fine.. Type doesntWork = Type.GetType(t.AssemblyQualifiedName); Type doesntWork2 = Type.GetType(t.Name); ....

    Read the article

  • How to make an Asp.net MVC 2 website have a Private Beta Mode.

    - by Mark Kitz
    I am creating an ASP.Net MVC website that I am launching soon in private beta. What I am using. ASP.NET MVC 2 ASP.NET Sql Membership Provider Authorization Attributes on ActionMethods. ex. [EditorsOnly] What I am trying to accomplish: During the private Beta period of my website, I want no anonymous users to access my site. Only Beta Testers of my site should be able to login and use my site as normal. After the private beta period people can access it using the security structure I already have set up. I am hoping I do not have to recompile but can have a setting in the webconfig to switch between Private Beta mode to Normal mode. Thanks for your suggestions.

    Read the article

  • Websphere exception handling

    - by Benjamin
    Hi all, From a security standpoint, what is the best solution to handle application errors with Websphere? I've been thinking of creating a class that is called every time an application error is generated, log the error and display a generic error message to the users. In PHP this can be achieved using the set_exception_handler() function. Is there something similar for websphere that could be configured in the web.xml? I've found codes like this on the internet: <error-page> <error-code>500</error-code> <location>/servlet/ExceptionHandlerServlet</location> </error-page> But that would only work with "500" HTTP error codes. I really want something generic that catches everything. Something like a class that implements a certain interface which can have access to all information about the error. Thanks for your time.

    Read the article

  • Is php fileinfo sufficient to prevent upload of malicious files?

    - by Scarface
    Hey guys, I have searched around a bit, and have not really found a professional type response to how to have secure fileupload capability so I wanted to get the opinion of some of the experts on this site. I am currently allowing upload of mp3s and images, and while I am pretty confident in preventing xss and injection attacks on my site, I am not really familiar with fileupload security. I basically just use php fileinfo and check an array of accepted filetypes against the filetype. For images, there is the getimagesize function and some additional checks. As far as storing them, I just have a folder within my directory, because I want the users to be able to use the files. If anyone could give me some tips I would really appreciate it.

    Read the article

  • Redundant code in exception handling

    - by Nicola Leoni
    Hi, I've a recurrent problem, I don't find an elegant solution to avoid the resource cleaning code duplication: resource allocation: try { f() } catch (...) { resource cleaning code; throw; } resource cleaning code; return rc; So, I know I can do a temporary class with cleaning up destructor, but I don't really like it because it breaks the code flow and I need to give the class the reference to the all stack vars to cleanup, the same problem with a function, and I don't figure out how does not exists an elegant solution to this recurring problem.

    Read the article

  • embed js code issue from rails application

    - by Arpit Vaishnav
    I am on the ruby on rails application and trying to embed the code for js , added the whole code for embedding in Text box , But when i copy paste in other blogs where embed is poss , i am not getting the full js work , the code is given below <%= text_field_tag "text"," script src=\"/public/javascripts/calendarview.js\" script src=\"/public/javascripts/calendarview_init.js\" link rel=\"stylesheet\" href=\"/public/stylesheets/calendarview.css\" link rel=\"stylesheet\" href=\"/public/stylesheets/calendarview_init.css\" ",:size = 40 % I have just removed < for let it be seen in the coding window PLease help if poss List item

    Read the article

  • Navigating through code with keyboard shortcuts

    - by MarceloRamires
    I'm starting to feel the need to run fastly through code with keyboard shortcuts, to arrive faster where I want to make any changes (avoiding use of mouse or long times holding [up], [left], [right] and [down]). I'm already using some: [home] - first position in current line [end] - last position in current line [ctrl] + [home] - first line of the entire code [ctrl] + [end] - last line of the entire code [pageup] - same vertical position, one screen above [pagedown] - same vertical position, one screen below [ctrl] + [pageup] - first line in current screen [ctrl] + [end] - last line in current screen [ctrl] + [left/right] - skipping word per word What have you got ? I use Visual Studio. (but I'm open to any answer, as I maybe can use others soon) obs: I've searched through stackoverflow and didn't find a nice question with this content, nor a list of keyboard code searching. If it's repeated, I'm sorry for not finding it, I'm here in my best intentions. This question is NOT about any shortcuts, and not only about visual studio, it's about running through code with shortcuts. Answers that suit the question so far: [Ctrl] + [-] - jumps to last cursor position [Ctrl] + [F3] - Jumps to next occurance of the word the curson is in [Shift] + [F3] - Same as the above, backwards. [F12] - Goes to definition of method/variable the cursor is in [Ctrl] + [ ] ] - Jumps to matching brace and select I'll ad more as there are answers.

    Read the article

  • Not able to get response back on java code while http get with S60

    - by Rishabh
    Hi, I am using Net Beans for developing an application on S60. I made one page for user authentication and using .net wcf service to authenticate user. i am able to send data on .net service by HttpGet method but not able to get response back on java page. I have tested it on fiddler with this url its working fine and returning response code 200, but not getting response code by java code. Following code i am using. Is some thing wrong here ? httpConn = (HttpConnection)Connector.open(url); httpConn.setRequestMethod(HttpConnection.GET); httpConn.setRequestProperty("User-Agent", "Profile/MIDP-2.1 Confirguration/CLDC-1.1"); int respCode = httpConn.getResponseCode(); Thanks Rishabh

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 244 245 246 247 248 249 250 251 252 253 254 255  | Next Page >