Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 302/3920 | < Previous Page | 298 299 300 301 302 303 304 305 306 307 308 309  | Next Page >

  • Account sharing among Ubuntu machines

    - by muckabout
    I'd like a simple and secure system to have allow users in our network to have their account (e.g., 'myname') work on every machine in the network (e.g., such that they could ssh to any machine and have the same userid, mounted smb share). Any suggestions?

    Read the article

  • Process.Start - Pass html code to exe as argument

    - by dkirk
    Hello, I am using the code below to start a executable file from a windows service and I need to pass html code (stored in a variable) as an argument. I am escaping with double quotes but this is not working. What do I need to do in order to pass this correctly? Thanks in advance for any guidance that is offered. Inside the service: Process.Start(@"E:\Program Files\MyApp.exe", dr["rec"].ToString() + " \"" + subject + "\" \"" + htmlVar); and then within MyApp.exe: static void Main(string[] args) { Program MyProg = new Program(); MyProg.MyMeth(args[0].ToString(), args[1].ToString(), args[2].ToString()); }

    Read the article

  • What should a developer know before building a public web site?

    - by Joel Coehoorn
    What things should a programmer implementing the technical details of a web site address before making the site public? If Jeff Atwood can forget about HttpOnly cookies, sitemaps, and cross-site request forgeries all in the same site, what important thing could I be forgetting as well? I'm thinking about this from a web developer's perspective, such that someone else is creating the actual design and content for the site. So while usability and content may be more important than the platform, you the programmer have little say in that. What you do need to worry about is that your implementation of the platform is stable, performs well, is secure, and meets any other business goals (like not cost too much, take too long to build, and rank as well with Google as the content supports). Think of this from the perspective of a developer who's done some work for intranet-type applications in a fairly trusted environment, and is about to have his first shot and putting out a potentially popular site for the entire big bad world wide web. Also: I'm looking for something more specific than just a vague "web standards" response. I mean, HTML, JavaScript, and CSS over HTTP are pretty much a given, especially when I've already specified that you're a professional web developer. So going beyond that, Which standards? In what circumstances, and why? Provide a link to the standard's specification. This question is community wiki, so please feel free to edit that answer to add links to good articles that will help explain or teach each particular point.

    Read the article

  • WCF REST based services authentication schemes

    - by FlySwat
    I have a simple authentication scheme for a set of semi-public REST API's we are building: /-----------------------\ | Client POST's ID/Pass | | to an Auth Service | \-----------------------/ [Client] ------------POST----------------------> [Service/Authenticate] | /-------------------------------\ | Service checks credentials | [Client] <---------Session Cookie------- | and generates a session token | | | in a cookie. | | \-------------------------------/ | [Client] -----------GET /w Cookie -------------> [Service/Something] | /----------------------------------\ | Client must pass session cookie | | with each API request | | or will get a 401. | \----------------------------------/ This works well, because the client never needs to do anything except receive a cookie, and then pass it along. For browser applications, this happens automatically by the browser, for non browser applications, it is pretty trivial to save the cookie and send it with each request. However, I have not figured out a good approach for doing the initial handshake from browser applications. For example, if this is all happening using a AJAX technique, what prevents the user from being able to access the ID/Pass the client is using to handshake with the service? It seem's like this is the only stumbling block to this approach and I'm stumped.

    Read the article

  • How do I ensure that SOAP requests from a flash client to my ASP server are coming from the flash cl

    - by Gary Benade
    I have a flash based game that has a high score system implemented with a SOAP service. There are prizes involved and I want to prevent someone from using FireBug or similar to discover the webservice path and submit fake scores. I considered using some kind of encryption on the data but am aware that someone could decompile the swf and work out how I did it. I also considered using an IP whitelist but since the incoming data will come from the users IP and not the servers that won't work. (I'm sure I'm missing something obvious here...) I know that there is a tried and tested solution for this, but I don't seem to be asking google the right questions to get to it. Any help and suggestions will be appreciated, thank you

    Read the article

  • How to improve IntelliJ code editor speed?

    - by Hoàng Long
    I am using IntelliJ (Community Edition) for several months, and at first I'm pleased about its speed & simplicity. But now, after upgrading to version 10, it's extremely slow. Sometimes I click a file then it takes 5 - 15 seconds to open that file (it freeze for that time). I don't know if I have done anything which cause that: I have installed 2 plugins(regex, sql), and have 2 versions of IntelliJ on my machine (now the version 9 removed, only version 10 remains). Is there any tips to improve speed of code editor, in general, or specifically IntelliJ? I have some experience when using IntelliJ: 1. Should open IntelliJ a while before working, cause it needs time for indexing. Don't open too many code tabs Open as less other program as possible. I'm using 2 GB RAM WinXP, and it just seems fairly enough for Java, IntelliJ & Chrome at the same time.

    Read the article

  • Is there a /users/www-data type directory in RedHat/Fedora?

    - by Yarin
    I'm trying to setup web2py on my Fedora server, and the instructions, written for Debian, are telling me to install it in the /users/www-data directory. I realize that Fedora uses a default 'apache' user for running Apache, and Debian uses a 'www-data' user, but there's no corresponding /users/apache directory on my machine... Here are the instructions http://web2py.com/book/default/section/11/2

    Read the article

  • Can per-user randomized salts be replaced with iterative hashing?

    - by Chas Emerick
    In the process of building what I'd like to hope is a properly-architected authentication mechanism, I've come across a lot of materials that specify that: user passwords must be salted the salt used should be sufficiently random and generated per-user ...therefore, the salt must be stored with the user record in order to support verification of the user password I wholeheartedly agree with the first and second points, but it seems like there's an easy workaround for the latter. Instead of doing the equivalent of (pseudocode here): salt = random(); hashedPassword = hash(salt . password); storeUserRecord(username, hashedPassword, salt); Why not use the hash of the username as the salt? This yields a domain of salts that is well-distributed, (roughly) random, and each individual salt is as complex as your salt function provides for. Even better, you don't have to store the salt in the database -- just regenerate it at authentication-time. More pseudocode: salt = hash(username); hashedPassword = hash(salt . password); storeUserRecord(username, hashedPassword); (Of course, hash in the examples above should be something reasonable, like SHA-512, or some other strong hash.) This seems reasonable to me given what (little) I know of crypto, but the fact that it's a simplification over widely-recommended practice makes me wonder whether there's some obvious reason I've gone astray that I'm not aware of.

    Read the article

  • Are there any differences between MSSQL and MySQL when it comes to preventing SQL injection?

    - by Derek Adair
    I am used to developing in PHP/MySQL and have no experience developing with MSSQL. I've skimmed over the PHP MSSQL documentation and it looks similar to MySQLi in some of the methods I read about. For example, with MySQL I utilize the function mysql_real_excape_string(). Is there a similar function with PHP/MSSQL? What steps do I need to take in order to protect against SQL injection with MSSQL? What are the differences between MSSQL and MySQL pertaining to SQL injection prevention?

    Read the article

  • XSLT: Disable output escaping in an entire document.

    - by Kragen
    I'm trying to generate some C# code using xslt - its working great until I get to generics and need to output some text like this: MyClass<Type> In this case I've found that the only way to emit this is to do the following: MyClass<xsl:text disable-output-escaping="yes">&lt;</xsl:text>Type<xsl:text disable-output-escaping="yes">&gt;</xsl:text> Where: Often it all needs to go on one line, otherwise you end up with line breaks in the generated code In the above example I technically could have used only 1 <xsl:text />, however usually the type Type is given by some other template, e.g: <xsl:value-of select="@type" /> I don't mind having to write &lt; a lot, but I would like to avoid writing <xsl:text disable-output-escaping="yes">&lt;</xsl:text> for just a single character! Is there any way of doing disable-output-escaping="yes" for the entire document?

    Read the article

  • Choosing http status code for unknown command reply

    - by w0rldart
    So, I'm writing a small test that I have been required to complete and I just want to give it some final touches by adding some header status code responses and some other stuff. Right now, my dilemma is what HTTP status code to choose for my "Unknown command" response after the $_GET['cmd'] has been compared to the existing commands list. case 404: $text = 'Not Found'; break; case 405: $text = 'Method Not Allowed'; break; case 406: $text = 'Not Acceptable'; break; For which one of the above should I go? And if none, which other?

    Read the article

  • Securing Elmah RSS Feeds in ASP.NET website

    - by olivehour
    I followed the answer to this question http://stackoverflow.com/questions/1245364/securing-elmah-in-asp-net-website to restrict access to the elmah handler. However, it seems that adding an RSS feed to Outlook for the URL elmah.axd/rss or elmah.axd/digestrss bypasses the authentication. What's the point of securing the handler if someone can guess the RSS URL and subscribe to a feed of the error log?

    Read the article

  • Flash: Adjust this code to keep the duplicated movie clip

    - by Luke Evans
    OK, so here is my code ham_mc.onPress=function(){ startDrag(this); } ham_mc.onRelease=ham_mc.onReleaseOutside=function(){ stopDrag(); _root.ham_mc.duplicateMovieClip("ham_mc" + "x",2); x++; } The user can at first drag the movie clip. When released, the duplicateMovieClip command runs, leaving a new ham movie clip in the position the first is dragged to. PROBLEM: When I click and drag the first ham movie click again, the duplicateMovieClip runs again but REPLACES the previous generated movie clip. I added x and x++ in an attempt to give the movie clip duplication a different name every time, but this doesn't solve it. How do I change this code so that a NEW ham_mc is created every time, rather than overwriting the old one. I'm tired, sorry for the poor explaination!

    Read the article

  • Rhino - Set FEATURE_LOCATION_INFORMATION_IN_ERROR in code?

    - by Scott
    I'd like fileName, lineNumber and stack traces to automatically be provided by Rhino for any errors. I've been told that I need to set FEATURE_LOCATION_INFORMATION_IN_ERROR on the current context, but I'm not sure how to do this in code. Does anybody have an example of turning this feature on so that I can see stacktrace dumps on crashes? I'm using Rhino as part of Narwhal/Jack, and so that complicates things a bit, and I think the easiest way to at least get moving forward is if I can set it through code. Thanks.

    Read the article

  • Cleaning all inline events from HTML tags

    - by Itay Moav
    For HTML input, I want to neutralize all HTML elements that have inline js (onclick="..", onmouseout=".." etc). I am thinking, isn't it enough to encode the following chars? =,(,) So onclick="location.href='ggg.com'" will become onclick%3D"location.href%3D'ggg.com'" What am I missing here? Edit: I do need to accept active HTML (I can't escape it all or entities is it).

    Read the article

  • How do i sign variables?

    - by acidzombie24
    I have a few variables that must be stored on the client side. As usual anything on client side can be tampered. I would like to sign a few variables and verified them when the data is sent back to the server. At the moment i think they are 5 64bit vars. On the server i would like to sign those 5 variables, then ensure the signature is valid when the client sends it back. How do i do this using C# .NET?

    Read the article

  • Rewriting Live TCP Streams

    - by user213060
    I want to rewrite TCP/IP streams. Ettercap's etterfilter command lets you perform simple live replacements of TCP/IP data based on fixed strings or regexes. Example: http://ettercap.sourceforge.net/forum/viewtopic.php?t=2833 I would like to rewrite streams based on my own filter program instead of just simple string replacements. Anyone have an idea of how to do this? Is there anything other than Ettercap that can do live replacement like this, maybe as a plugin to a VPN software or something? Thanks!

    Read the article

  • vb6: set SysTabControl32 by code

    - by Fuxi
    hi, i'm coding a little app for controlling soulseek - what i want do is clicking the "Search Files" button by code. i've got the handle to the tabbed control (SysTabControl32) and managed to change the tab with following code: rc1 = SendMessage(hwnd, TCM_SETCURFOCUS, ByVal 0, ByVal 0&) the problem: the tab control is changing to the proper button, but nothing happens. i assume i also also have to send a mouseclick to it, as when clicking by mouse, the button goes down and up again. any ideas how to do this? thx

    Read the article

  • Abstract out repeated code

    - by CookieMonster
    The code in this event is repeated exactly in two other event handlers. How do I put the repeated code into a method and call that method from the event handlers so I only have to maintain it in one place? I'm not sure how to pass the event args to the calling method. protected void gvDocAssoc_RowDataBound(object sender, GridViewRowEventArgs e) { if (e.Row.RowType == DataControlRowType.DataRow) { if ((Convert.ToString(DataBinder.Eval(e.Row.DataItem, "DETAIL_TYPE_DESC")) == "Transcript") && (Convert.ToString(DataBinder.Eval(e.Row.DataItem, "INSTITUTION_CODE")) == "")) { e.Row.BackColor = System.Drawing.Color.Red; } if ((Convert.ToString(DataBinder.Eval(e.Row.DataItem, "DETAIL_TYPE_DESC")) == "Certified Diploma") && (Convert.ToString(DataBinder.Eval(e.Row.DataItem, "INSTITUTION_CODE")) == "")) { e.Row.BackColor = System.Drawing.Color.Red; } if ((Convert.ToString(DataBinder.Eval(e.Row.DataItem, "DOC_TYPE_DESC")) == "Post Graduate conditions") && (Convert.ToString(DataBinder.Eval(e.Row.DataItem, "INSTITUTION_CODE")) == "")) { e.Row.BackColor = System.Drawing.Color.Red; } } }

    Read the article

  • Shared User Session for Multiple ASP.NET Websites

    - by Oliver
    I have been tasked with developing a single Login and Dashboard page that user can login too, the user will then be shown all the systems (we developed) that they have access based to based on some roles stored in our databases. If they logged in we would like that "User Session" (not sure of correct terminology) to be carried to which ever system they are redirected too. To illustrate a very rough overview of what I want to achieve: Is there a way that a user can login in one site, and then carry over that login to the other sites? Help, Advice, Link will be much appreciated. Sorry I am not experienced at ASP.net but have a good understanding of Silverlight, C#, WPF. Thanks in advance.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 298 299 300 301 302 303 304 305 306 307 308 309  | Next Page >