Search Results

Search found 97980 results on 3920 pages for 'code security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 303/3920 | < Previous Page | 299 300 301 302 303 304 305 306 307 308 309 310  | Next Page >

  • Rewriting Live TCP Streams

    - by user213060
    I want to rewrite TCP/IP streams. Ettercap's etterfilter command lets you perform simple live replacements of TCP/IP data based on fixed strings or regexes. Example: http://ettercap.sourceforge.net/forum/viewtopic.php?t=2833 I would like to rewrite streams based on my own filter program instead of just simple string replacements. Anyone have an idea of how to do this? Is there anything other than Ettercap that can do live replacement like this, maybe as a plugin to a VPN software or something? Thanks!

    Read the article

  • Cleaning all inline events from HTML tags

    - by Itay Moav
    For HTML input, I want to neutralize all HTML elements that have inline js (onclick="..", onmouseout=".." etc). I am thinking, isn't it enough to encode the following chars? =,(,) So onclick="location.href='ggg.com'" will become onclick%3D"location.href%3D'ggg.com'" What am I missing here? Edit: I do need to accept active HTML (I can't escape it all or entities is it).

    Read the article

  • GWT RPC - Does it do enough to protect against CSRF ?

    - by sri
    GWT's RPC mechanism does the following things on every HTTP Request - Sets two custom request headers - X-GWT-Permutation and X-GWT-Module-Base Sets the content-type as text/x-gwt-rpc; charset=utf-8 The HTTP request is always a POST, and on server side GET methods throw an exception (method not supported). Also, if these headers are not set or have the wrong value, the server fails processing with an exception "possibly CSRF?" or something to that effect. Question is : Is this sufficient to prevent CSRF? Is there a way to set custom headers and change content type in a pure cross-site request forgery method?

    Read the article

  • Modifying a model and texture mid-game code

    - by MicroPirate
    Just have a question for anyone out there who knows some sort of game engine pretty well. What I am trying to implement is some sort of script or code that will allow me to make a custom game character and textures mid-game. A few examples would be along the lines of changing facial expressions and body part positions in the game SecondLife. I don't really need a particular language, feel free to use your favorite, I'm just really looking for an example on how to go about this. Also I was wondering if there is anyway to combine textures for optimization; for example if i wanted to add a tattoo to a character midgame, is there any code that could combine his body texture and the tattoo texture into one texture to use (this way I can simply just render one texture per body.) Any tips would be appreciated, sorry if the question is a wee bit to vauge.

    Read the article

  • Configure Windows firewall to prevent an application from listening on a specific port [closed]

    - by U-D13
    The issue: there are many applications struggling to listen on port 80 (Skype, Teamviewer et al.), and to many of them that even is not essential (in the sense that you can have a httpd running and blocking the http port, and the other application won't even squeak about being unable to open the port). What makes things worse, some of the apps are... Well, I suppose, that it's okay that the mentally impaired are being integrated in the society by giving them a job to do, but... Programming requires some intellectual effort, in my humble opinion... What I mean is that there is no way to configure the app not to use specific ports (that's what you get for using proprietary software) - you can either add it to windows firewall exceptions (and succumb to undesired port opening behavior) or not (and risk losing most - if not all - of the functionality). Technically, it is not impossible for the firewall to deny an application opening an incoming port even if the application is in the exception list. And if this functionality is built into the Windows firewall somewhere, there should be a way to activate it. So, what I want to know is: whether there exists such an option, and if it does how to activate it.

    Read the article

  • Temporarily impersonate and enable privileges?

    - by Luke
    We maintain a DLL that does a lot of system-related things; traversing the file system, registry, etc. The callers of this DLL may or may not be using impersonation. In order to better support all possible scenarios I'm trying to modify it to be smarter. I'll use the example of deleting a file. Currently we just call DeleteFile(), and if that fails that's the end of that. I've come up with the following: BOOL TryReallyHardToDeleteFile(LPCTSTR lpFileName) { // 1. caller without privilege BOOL bSuccess = DeleteFile(lpFileName); DWORD dwError = GetLastError(); if(!bSuccess && dwError == ERROR_ACCESS_DENIED) { // failed with access denied; try with privilege DWORD dwOldRestorePrivilege = 0; BOOL bHasRestorePrivilege = SetPrivilege(SE_RESTORE_NAME, SE_PRIVILEGE_ENABLED, &dwOldRestorePrivilege); if(bHasRestorePrivilege) { // 2. caller with privilege bSuccess = DeleteFile(lpFileName); dwError = GetLastError(); SetPrivilege(SE_RESTORE_NAME, dwOldRestorePrivilege, NULL); } if(!bSuccess && dwError == ERROR_ACCESS_DENIED) { // failed with access denied; if caller is impersonating then try as process HANDLE hToken = NULL; if(OpenThreadToken(GetCurrentThread(), TOKEN_QUERY | TOKEN_IMPERSONATE, TRUE, &hToken)) { if(RevertToSelf()) { // 3. process without privilege bSuccess = DeleteFile(lpFileName); dwError = GetLastError(); if(!bSuccess && dwError == ERROR_ACCESS_DENIED) { // failed with access denied; try with privilege bHasRestorePrivilege = SetPrivilege(SE_RESTORE_NAME, SE_PRIVILEGE_ENABLED, &dwOldRestorePrivilege); if(bHasRestorePrivilege) { // 4. process with privilege bSuccess = DeleteFile(lpFileName); dwError = GetLastError(); SetPrivilege(SE_RESTORE_NAME, dwOldRestorePrivilege, NULL); } } SetThreadToken(NULL, hToken); } CloseHandle(hToken); hToken = NULL; } } } if(!bSuccess) { SetLastError(dwError); } return bSuccess; } So first it tries as the caller. If that fails with access denied, it temporarily enables privileges in the caller's token and tries again. If that fails with access denied and the caller is impersonating, it temporarily unimpersonates and tries again. If that fails with access denied, it temporarily enables privileges in the process token and tries again. I think this should handle pretty much any situation, but I was wondering if there was a better way to achieve this? There are a lot of operations that we would potentially want to use this method (i.e. pretty much any operation that accesses securable objects).

    Read the article

  • Downloading Eclipse's Source Code

    - by digiarnie
    I'm doing a study on large Java projects and would like to view the source code for Eclipse. I have gone to this url (http://wiki.eclipse.org/index.php/CVS_Howto) and figured that the most useful cvs repository for me to look at would be this one: :pserver:[email protected]:/cvsroot/eclipse (The Eclipse platform project) However, when looking at this repository, it has so many modules! Which modules should I be trying to check out? I don't necessarily want to build the IDE from source, however, I just want to get the core Eclipse code base to perform some analysis. Would I just check out any modules starting with "org.eclipse..."? Should I be checking out any of the others? Or is there an easier way to get the source? I read somewhere that you can get the source from the binary version of Eclipse but I am unsure where to find the source.

    Read the article

  • What's the best way to detect web applications attacks ?

    - by paulgreg
    What is the best way to survey and detect bad users behavior or attacks like deny of services or exploits on my web app ? I know server's statistics (like Awstats) are very useful for that kind of purpose, specially to see 3XX, 4XX and 5XX errors (here's an Awstats example page) which are often bots or bad intentioned users that try well-known bad or malformed URLs. Is there others (and betters) ways to analyze and detect that kind of attack tentative ? Note : I'm speaking about URL based attacks, not attacks on server's component (like database or TCP/IP).

    Read the article

  • How do i sign variables?

    - by acidzombie24
    I have a few variables that must be stored on the client side. As usual anything on client side can be tampered. I would like to sign a few variables and verified them when the data is sent back to the server. At the moment i think they are 5 64bit vars. On the server i would like to sign those 5 variables, then ensure the signature is valid when the client sends it back. How do i do this using C# .NET?

    Read the article

  • [Symfony] Login to application with GET/POST token

    - by Henri
    I work on a Symfony web application which has a standard login form. To allow users to login more easily we want to give them a link which logs them in directly. I've already build a way to get a token to use, but I have no clue as to how the Symfony login process works, specifically how I can adapt it to take a GET/POST token instead of redirecting to the login page. Any help appreciated! Oh and this is Symfony 1.2 BTW (and no, upgrading is not an option right now)

    Read the article

  • Setting a "dependency property" in code

    - by Matt B
    I'm on a roll today... I have the following code delaring a dependency property inside a class called ActionScreen: #region Dependency Properties & Methods public string DescriptionHeader { get { return (string)GetValue(DescriptionHeaderProperty); } set { SetValue(DescriptionHeaderProperty, value); } } // Using a DependencyProperty as the backing store for DescriptionHeader. This enables animation, styling, binding, etc... public static readonly DependencyProperty DescriptionHeaderProperty = DependencyProperty.Register("DescriptionHeader", typeof(string), typeof(ActionScreen), new UIPropertyMetadata("xxx")); #endregion I bind to this property in my Xaml as so: <GridViewColumn DisplayMemberBinding="{Binding Description}" Header="{Binding DescriptionHeader}" Width="350" /> Now I want to be able to set the parameter from my code behind when I recieve an event - but it's not working: public string DescColText { set { this.Dispatcher.Invoke(DispatcherPriority.Normal, new Action(delegate() { DescriptionHeader = value; })); } }

    Read the article

  • Why doesn't this (translated) VB.NET code work?

    - by ropstah
    I had a piece of C# code converted, but the translated code isn't valid... Can somebody help out? C# <table> <% Html.Repeater<Hobby>("Hobbies", "row", "row-alt", (hobby, css) => { %> <tr class="<%= css %>"> <td><%= hobby.Title%></td> </tr> <% }); %> </table> VB <% Html.Repeater(of Jrc3.BLL.Product)(Model.ProductCollectionByPrcAutoKey, "row", "row-alt", Function(product, css) Do %> <tr class="<%= css %>"> <td><%= hobby.Title%></td> </tr> <% End Function)%>

    Read the article

  • Problem exporting RSA key -'key not valid for use in specified state'

    - by asp316
    I'm encrypting the web.config in our web sites using aspnet_regiis. However, I want the ability to export the encryption key so if we need to move from Machine A to Machine B, asp.net will be able to decrypt it. When I run aspnetregiis -px "NetFrameworkConfigurationKey" c:\keys.xml -pri, I get the following : 'Key not valid for use in specified state'. I've seen all kinds of responses online but they don't seem to apply. It's not an invalid key because when I use aspnet_regiis to encrypt sections of the web.config, they encrypt fine. Ideas?

    Read the article

  • AES Encryption library

    - by Spines
    Is there a library or something that will allow me to simply call a function that will AES encrypt a byte array? I don't want to deal with multiple update blocks/transformFinal/etc, because there is a possibility I will mess up...

    Read the article

  • Row level user permissions, help with design

    - by bambam
    Hi, Say I am creating a forums application, I understand how to design a forum level permission system with Groups. i.e. you create a forum to group mapping, and assign users to a group to give them access to a particular forum. How can I refine the permissions to allow for row level permissions (or in forum terms, post level).

    Read the article

  • vb6: set SysTabControl32 by code

    - by Fuxi
    hi, i'm coding a little app for controlling soulseek - what i want do is clicking the "Search Files" button by code. i've got the handle to the tabbed control (SysTabControl32) and managed to change the tab with following code: rc1 = SendMessage(hwnd, TCM_SETCURFOCUS, ByVal 0, ByVal 0&) the problem: the tab control is changing to the proper button, but nothing happens. i assume i also also have to send a mouseclick to it, as when clicking by mouse, the button goes down and up again. any ideas how to do this? thx

    Read the article

  • how to force client(winform) application to use NTLM when calling web services

    - by peanut
    Hi, I have a winform application calling web services hosted in IIS, by default, the client app will use Kerberose for authentication to IIS, and it failed for some reasons? But the same app works fine at another PC(with different user login), and I found it is using NTLM by checking the IIS server event log. is there anyway we can change the client app(winform) authentication type? Thanks in advance

    Read the article

  • Shared User Session for Multiple ASP.NET Websites

    - by Oliver
    I have been tasked with developing a single Login and Dashboard page that user can login too, the user will then be shown all the systems (we developed) that they have access based to based on some roles stored in our databases. If they logged in we would like that "User Session" (not sure of correct terminology) to be carried to which ever system they are redirected too. To illustrate a very rough overview of what I want to achieve: Is there a way that a user can login in one site, and then carry over that login to the other sites? Help, Advice, Link will be much appreciated. Sorry I am not experienced at ASP.net but have a good understanding of Silverlight, C#, WPF. Thanks in advance.

    Read the article

  • Simple User Access Control with CodeIgniter framework Code (ACL) Library

    - by Hafiz Arslan Akbar
    Friends, I am new User of PHP n CodeIgniter. I just want do a simple task, user access control. there are 5 different user in a class,, I have to write a code which gives just one line output for one user. for example,, by using ACL library, just pick one out put. deal with basic level... Manager , Teacher , Student , Chairperson PHP page contain one text box and button. by using ACL library we just put one code or string in textbox and get related output... some thing like this... text box contain 1, Now Manager access Control,, text box contain 2, Now Teacher Access Control,, text box contain 3, Chairperson access control.. Plz guide step by step. Thanx in advance dear.......

    Read the article

  • An equivalent of -javaagent in C#? Or: ways to use a java framework in C#.

    - by Alix
    Hi everyone. This is probably something I should be able to figure out by myself, but I'm not having much luck so I figured I'd ask. The issue: I'm translating a system from java to C# and they use a java framework that I'd really like to use, since it takes care of the most complex parts of the system, which I would otherwise have to implement myself. I have the source code of this framework. I know there are several possibilities for using java libraries in C# (although I'm not familiar with any of them, so I'd appreciate suggestions). So far I've thought of using IKVM.NET to generate a .dll, but I'm not sure what to do next, because in java in order to run the framework with your code you're supposed to use the option -javaagent by adding -javaagent:bin/deuceAgent.jar (where deuceAgent is the framework) to your java command line. I don't know what the equivalent in C# would be once I have my .dll, or whether there's an equivalent at all. Any help? Thanks so much.

    Read the article

  • Accessing WPF Template for Custom Control from Code behind

    - by Ashwani Mehlem
    Hi, i am trying to access a named grid inside a default template for a custom control from code behind. But it seems that the template for the control is null, even after calling ApplyTemplate(). Is that impossible inside the controls constuctor? Here's the code: Generic.xaml: ... <ControlTemplate TargetType="{x:Type local:TimeTableControl}"> <Grid Name="ContentGrid"> </Grid> </ControlTemplate> ... TimeTableControl.cs: public TimeTableControl() { ApplyTemplate(); contentGrid = (Grid)(Template.FindName("ContentGrid", this)); //Line above causes null-pointer-exception ... }

    Read the article

  • Restrict the page to be browsed in the other browser with the same urls

    - by subash
    how to restrict the page to be browsed in the other browser with the same urls with out logging asp.net & c#.net. i followed the following steps for example: i am logging in to a page developed in asp.net & c#.net. i am viewing a page.Let it be admin page. i am copying the url of the admin page. i am opening another browser window and pasting the url. i was able to see the same admin page in the other browser. the question is how to restrict the opening of admin page in other browser,if they try to open admin page in another browser while user is currently viewing the admin page then it should be redirected to the login page? how could this be accomplished? is there any thing could be done with "login" control tool of the .net frame work?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 299 300 301 302 303 304 305 306 307 308 309 310  | Next Page >