Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 253/3920 | < Previous Page | 249 250 251 252 253 254 255 256 257 258 259 260  | Next Page >

  • How to ensure the HTTP_REQUEST Is coming from the right place?

    - by seatoskyhk
    I learn that HTTP_REFERER or any HTTP request header can be fake and not reliable. REMOTE_ADDR is reliable though. so, how can I ensure the incoming HTTP_REQUEST call is coming from a website that I white-list? For example, I have a js code that will send from client site to server. (something like a sniper, cross platform). however, I only allow this happen from several websites. Not others. so, even other people copy the code and put onto their website, it won't work.

    Read the article

  • EJB3.1 logout doesn't work

    - by Kevin
    Hello, I've got a problem with the authentication features of EJB3.1: With this code in a Servlet v3: log.info(""+request.getUserPrincipal()); log.info(""+request.getAuthType()); log.info("===^==="); request.logout() ; log.info(""+request.getUserPrincipal()); log.info(""+request.getAuthType()); request.authenticate(response) ; log.info("===v==="); log.info(""+request.getUserPrincipal()); log.info(""+request.getAuthType()); I would always expect to see the Username/login windows, because of the logout() function. Instead, it seems to be a 'cache' mechanism which repopulate the credential and cancel my logout ... Admin BASIC ===^=== null null ===v=== Admin BASIC is it a problem with my firefox, or something I'm missing in the Servlet code? Thanks

    Read the article

  • Which IDE / code editor was the first to introduce a code completion feature?

    - by Uri
    I am trying to identify the point in time where code completion (autocomplete/intellisense/whatever) was first introduced in IDEs and would appreciate any pointers. By code completion here I mean a feature within the editor that offers methods or suggestions based on the code that was already typed, and I am interested in programming language related completions (not word processor style completion).

    Read the article

  • Code Highligh with javascript ?

    - by BrunoLM
    Is there any API or a jQuery plugin that allow me to highlight a code on my website? For example <pre code="c#"> var x = new StringBuilder(); var complex = new Complex(); </pre> <script type="text/javascript"> $("pre[code]").codehighlight({ language: "c#" }); </script> Something like that?

    Read the article

  • asp.net impersonation identity: Where does it come from?

    - by Rising Star
    Here's a simple question I've been stuck on for a while. When I set < identity impersonate=true > in my web.config so that asp.net impersonates the logged on user automatically (or the anonymous account if not using Windows Authentication), where does the identity that asp.net impersonates come from? This document: http://msdn.microsoft.com/en-us/library/ff649264.aspx shows three places you can retrieve information about the logged on user: Httpcontext.Current.user System.Threading.Thread.Current System.Security.Principal.WindowsIdentity.GetCurrent It seems that none of these locations consistently match the identity that gets impersonated when I set < identity impersonate=true > in web.config. I would like to know where the impersonated identity comes from.

    Read the article

  • Cross domain secure cookie usage?

    - by asdasda
    I have a website that came with a SSL site for HTTPS but its on a different server. Example being my website: http://example.com my SSL site: http://myhostingcompany.com/~myuseraccount/ So I can do transactions over HTTPS and we have user accounts and everything but it is located on a different domain. The cookie domain is set for that one. Is there a way I can check on my actual site to see if a cookie is set for the other one? And possibly grab its data and auth a user? I think this violates a major principle of security and can't be done for good reasons, but am i wrong? is this possible?

    Read the article

  • How do I make non-framework code to framework code? (PHP)

    - by ggfan
    I just started using CakePHP and it's very different from just normal procedural or basic OOP PHP. I am still learning PHP and still read "beginning PHP/mysql" books that teaches you basic PHP. Also lots of sites online provide code that isn't for a framework. Is the only way to make non-framework code to say a framework, say cakePHP, by learning cakePHP thoroughly than rewriting the code yourself to fit the MVC model?

    Read the article

  • Javascript Code For HTML5 Form Validation Not Working

    - by MistUnleashed
    I'm new to JavaScript so I have no idea why this code does not work and validate my HTML5 Form like it should. The JavaScript code which can be found below is supposed to check if the browser supports the required attribute and if it doesn't then it will validate the form and check for any empty spaces. I got the code from this website. In the body of the webpage containing my form I have this: Below is the contactvalidate.js file: $('#formTemplate').submit(function() { if (!attributeSupported("required") || ($.browser.safari)) { $("#formTemplate [required]").each(function(index) { if (!$(this).val()) { alert("Please fill all required fields."); return false; } }); } return false; }); Do I need to change anything in this code or should it work? As I've said I'm new to JavaScript so any help you guys could give me is greatly appreciated.

    Read the article

  • Creating a Simple C# Wrapper to clean up code

    - by Tangopop
    I have this code: public void Contacts(string domainToBeTested, string[] browserList, string timeOut, int numberOfBrowsers) { verificationErrors = new StringBuilder(); for (int i = 0; i < numberOfBrowsers; i++) { ISelenium selenium = new DefaultSelenium("LMTS10", 4444, browserList[i], domainToBeTested); try { selenium.Start(); selenium.Open(domainToBeTested); selenium.Click("link=Email"); Assert.IsTrue(selenium.IsElementPresent("//div[@id='tabs-2']/p/a/strong")); selenium.Click("link=Address"); Assert.IsTrue(selenium.IsElementPresent("//div[@id='tabs-3']/p/strong")); selenium.Click("link=Telephone"); Assert.IsTrue(selenium.IsElementPresent("//div[@id='tabs-1']/ul/li/strong")); } catch (AssertionException e) { verificationErrors.AppendLine(browserList[i] + " :: " + e.Message); } finally { selenium.Stop(); } } Assert.AreEqual("", verificationErrors.ToString(), verificationErrors.ToString()); } My problem is i would like to make it so that i can use the code surrounding the 'try' many many times in the rest of the code. I think it has something to do with wrappers, but i can't get a simple answer for this from the web. So in simple terms the only piece of this code which changes is the bit between the try {} the rest is standard code that i have currently used over 100 times and is turning out to be a pain to maintain. Hope this is clear, many thanks.

    Read the article

  • Understanding c++ block of code

    - by kotoko
    I was given a c++ main and have to code it so it works. I am having some trouble understanding the code as I am a bit new to cpp. Here is the code int main(int argc, char *argv[]) { Class::setAtribute("string"); Class(Class::CONSTANT) << "starting up..."; } Some questions: How can the first line work with no variables? Is it static? The second line is really strange for me, what I can make out is a Constructor that takes in a class constante and then prints it out somehow? If someone could explain me this bit of code it would be great! Thanks in advance.

    Read the article

  • Is there any simple C++ code to grab video from UVC webcam and display it simultaneously?

    - by mShero
    I'm very very new to Linux and programming! I'm using ubuntu 11.10 - 64 bits with gcc 4.6.1 I've been searching online for an example C++ code that simply grabs video from a compliant UVC webcam and displays it simultaneously.. I need to compile it on gcc. In OpenCV, it's a very simple code less than 20 lines as I remember! I found this: http://v4l2spec.bytesex.org/spec/capture-example.html But it's very huge code relative to OpenCV code ?! and even when I tried to compile it using gcc.. I got many errors! I copied the code into a cpp file: cap.cpp then wrote in the terminal: gcc cap.cpp -o cap and the errors showed up... same errors with g++ I hope if someone can help me and tell me where can I find another simpler code? and how can I test it ? Thank you :)

    Read the article

  • On Linux do people chroot a Java Web Application or use IPTables and run as non-root?

    - by Adam Gent
    When you run a Java Servlet Container that you would like to serve both static and dynamic content on port 80 you have the classic question of whether to run the server as: As root in hopefully a chroot jail if you can (haven't gotten this working yet) As a non root user and then use IPTables to forward port 80 to some other port (1024) that the container is running on Both: As a non root user, IPTables, and chroot jail. The problem with opt. 1 is the complexity of chrooting and still the security problems of running root.The problem with opt. 2 is that each Linux distro has a different way of persisting IPTables. Option 3 of course is probably idea but very hard to setup. Finally every distro has the annoying differences in daemon scripts. What do people find as the best distro agnostic solution and are there resources to show how to do this?

    Read the article

  • How do I simplify my code?

    - by Mitchell Skurnik
    I just finished creating my first major application in C#/Silverlight. In the end the total line count came out to over 12,000 lines of code. Considering this was a rewrite of a php/javascript application I created 2 years that was over 28,000 lines I am actually quite proud of my accomplishment. After reading many questions and answers here on stackoverflow and other sites online, I followed many posters advice: I created classes, procedures, and such for things that I would have a year ago copied and pasted; I created logic charts to figure out complex functions; making sure there are no crazy hidden characters (used tabs instead of spaces); and a few others things; place comments where necessary (I have lots of comments). My application consists of 4 tiles laid out horizontally that have user controls loaded into each slice. You can have between one and four slices loaded at anytime. If you have once slice loaded, the slice takes up the entire artboard...if you have 2 loaded, each take up half, 3 a third, 4 a quarter. Each one of these slices represent (for the sake of this example) a light control. Each slice has 3 slider controls in it. Now when I coded the functionality of the sliders, I used a switch/case statement inside of a public function that would run the command on the specified slice/slider. The made for some duplicate code but I saw no way around it as each slice was named differently. So I would do slice1.my.commands(); slice2.my.commands(); etc. My question to you is how do I clean up my code even futher? (Sadly I cannot post any of my code). Is there any way to take this repetion out of my code?

    Read the article

  • JQuery: After adding some AJAX, some of the jquery code no longer works

    - by fwaokda
    Here's a pastebin link to my entire jQuery code. [ http://pastebin.com/w57ma5Gx ] The "Thumbnails" section was working fine before I added the ajax sections. Anyone can help me with why it quit working? And if I need to I can post another question but figured I'd try it here first. Whats a better way of writing the ajax code where it executes once upon loading the page and then every time I click the $("a#next") link afterwards? Right now I just repasted the code outside of the next link and that works, but seems silly to have the same code in two different places like that. Thanks!

    Read the article

  • What is a good way to simulate O_NOFOLLOW on systems without this flag?

    - by Daniel Trebbien
    I would like to safely be able to simulate open with O_CREAT | O_WRONLY | O_TRUNC | O_NOFOLLOW and O_CREAT | O_WRONLY | O_APPEND | O_NOFOLLOW on systems that do not support O_NOFOLLOW. I can somewhat achieve what I am asking for with: struct stat lst; if (lstat(filename, &lst) != -1 && S_ISLNK(lst.st_mode)) { errno = ELOOP; return -1; } mode_t mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH; int fd = open(filename, O_CREAT | O_WRONLY | O_TRUNC | O_NOFOLLOW, mode); but then I introduce a race condition and possibly a security problem. I thought about maybe creating a dummy file with only the user being able to write, kind of like touching filename, doing the lstat check, and then using chmod after I finish writing (to correct the file mode bits), but I could be overlooking something major (e.g. if the file at filename exists, is not a regular file, or is already a symbolic link). What do you think?

    Read the article

  • How to organize Windows Phone code base to target both 7.x and 8 platforms

    - by ljubomir
    I took over a Windows Phone project which was previously targeting WP 7.1 platform, and with the recent announcement of the new platform it should target WP 8 as well. My VS 2010 solution consists on several projects (Data access, Model, Tests and WP7 client app) and i am wandering on how to include support for WP8. I have to note that the code-base is not compatible with WP8, due to usage of Toolkit controls and other 3rd party libraries targeted for WP7.1 specifically. Also there is another problem with the Visual Studio versions - WP7.1 can work with VS 2010, but WP8 requires VS 2012. Should i move the whole code-base to VS 2012? Any good advice on how to organize code-base in a most meaningful way in order to avoid duplication and possible painful maintenance? I am thinking between one solution - multiple projects vs. multiple solutions - reusable projects approach. Code duplication (like two separate folders/solutions) should be the least possible approach (fallback).

    Read the article

  • Why is using a Non-Random IV with CBC Mode a vulnerability?

    - by The Rook
    I understand the purpose of an IV. Specifically in CBC mode this insures that the first block of of 2 messages encrypted with the same key will never be identical. But why is it a vulnerability if the IV's are sequential? According to CWE-329 NON-Random IV's allow for the possibility of a dictionary attack. I know that in practice protocols like WEP make no effort to hide the IV. If the attacker has the IV and a cipher text message then this opens the door for a dictionary attack against the key. I don't see how a random iv changes this. (I know the attacks against wep are more complex than this.) What security advantage does a randomized iv have? Is this still a problem with an "Ideal Block Cipher"? (A perfectly secure block cipher with no possible weaknesses.)

    Read the article

  • Using macro to check null values

    - by poliron
    My C code contains many functions with pointers to different structs as parameters which shouldn't be NULL pointers. To make my code more readable, I decided to replace this code: if(arg1==NULL || arg2==NULL || arg3==NULL...) { return SOME_ERROR; } With that macro: NULL_CHECK(arg1,arg2,...) How should I write it, if the number of args is unknown and they can point to different structs?(I work in C99)

    Read the article

  • How secure is encryption?

    - by Stomped
    Let me preface this by saying I know nothing about encryption. I understand the basic concept of public key / private key encryption but I don't how easily it can be broken, if at all. If one were to believe the movies, encrypted data can be broken by a teenager with a decent computer in a few hours. I have a client who wants credit card information sent via email - encrypted of course, but I'm still not feeling terribly good about the idea. I feel it would be safer to store the info on the VPS, but even then its an unmanaged server and there's nobody watching it who knows much about security. So can anyone tell me if there's a safe way to store and/or send this data out? Thanks

    Read the article

  • Good ACL implementation in Java

    - by yonconf
    Hi All. I'm implementing a web based document management system and I'd like to implement ACLs in my system. My formal requirements are hierarchal permissions (documents inherit permissions from their folders) user groups (users can dynamically create groups and associate users with groups). Such groups can have permissions on objects in the system. My code will query permission on objects in two cases: 1. Manipulating a single document 2. Listing all documents where a manipulation is possible The latter requirement seems the achilles heel for Spring Security ACLs (their method seems likely to incur multiple DB hits for each document I manage) Anyone know of another ACL implementation? Thanks!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 249 250 251 252 253 254 255 256 257 258 259 260  | Next Page >